Update greatyamada config
This commit is contained in:
		
							parent
							
								
									772d3f19f5
								
							
						
					
					
						commit
						9271746217
					
				
					 22 changed files with 556 additions and 212 deletions
				
			
		|  | @ -40,7 +40,13 @@ | ||||||
|     }; |     }; | ||||||
|   }; |   }; | ||||||
| 
 | 
 | ||||||
|   services.openssh.enable = true; |   services.openssh = { | ||||||
|  |     enable = true; | ||||||
|  |     settings = { | ||||||
|  |       X11Forwarding = false; | ||||||
|  |       PermitRootLogin = "no"; | ||||||
|  |     }; | ||||||
|  |   }; | ||||||
| 
 | 
 | ||||||
|   sops = { |   sops = { | ||||||
|     secrets.avery_password = { |     secrets.avery_password = { | ||||||
|  |  | ||||||
|  | @ -1,8 +1,14 @@ | ||||||
| { config, ... }: { | { config, lib, ... }: { | ||||||
|   programs = { |   programs = { | ||||||
|     zsh = { |     zsh = { | ||||||
|       enable = true; |       enable = true; | ||||||
|       initExtra = '' |       initContent = lib.mkBefore '' | ||||||
|  |         setopt AUTO_PUSHD | ||||||
|  |         setopt SHARE_HISTORY | ||||||
|  |         setopt MENUCOMPLETE | ||||||
|  |         autoload -U history-search-end | ||||||
|  |         zle -N history-beginning-search-backward-end history-search-end | ||||||
|  |         zle -N history-beginning-search-forward-end history-search-end | ||||||
|         bindkey "^[OA" history-beginning-search-backward-end |         bindkey "^[OA" history-beginning-search-backward-end | ||||||
|         bindkey "^[OB" history-beginning-search-forward-end |         bindkey "^[OB" history-beginning-search-forward-end | ||||||
|         bindkey "^r" history-incremental-search-backward |         bindkey "^r" history-incremental-search-backward | ||||||
|  | @ -20,14 +26,6 @@ | ||||||
| 
 | 
 | ||||||
|         fastfetch |         fastfetch | ||||||
|       ''; |       ''; | ||||||
|       initExtraFirst = '' |  | ||||||
|         setopt AUTO_PUSHD |  | ||||||
|         setopt SHARE_HISTORY |  | ||||||
|         setopt MENUCOMPLETE |  | ||||||
|         autoload -U history-search-end |  | ||||||
|         zle -N history-beginning-search-backward-end history-search-end |  | ||||||
|         zle -N history-beginning-search-forward-end history-search-end |  | ||||||
|       ''; |  | ||||||
|       history.path = "${config.xdg.dataHome}/zhistory"; |       history.path = "${config.xdg.dataHome}/zhistory"; | ||||||
|       syntaxHighlighting.enable = true; |       syntaxHighlighting.enable = true; | ||||||
|     }; |     }; | ||||||
|  |  | ||||||
							
								
								
									
										163
									
								
								flake.lock
									
										
									
										generated
									
									
									
								
							
							
						
						
									
										163
									
								
								flake.lock
									
										
									
										generated
									
									
									
								
							|  | @ -34,11 +34,11 @@ | ||||||
|         ] |         ] | ||||||
|       }, |       }, | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1742012573, |         "lastModified": 1749968237, | ||||||
|         "narHash": "sha256-/M7hD64NRtg+QIIhMhe5v+u8fkW8zNkBoobCdYO9cWo=", |         "narHash": "sha256-K72058wQbyefCV/jx8UskyBh4r7mOMARatXfzZPcoyQ=", | ||||||
|         "owner": "nix-community", |         "owner": "nix-community", | ||||||
|         "repo": "autofirma-nix", |         "repo": "autofirma-nix", | ||||||
|         "rev": "99559fb377b1139cdf1317ce80ecbb27edb5da4e", |         "rev": "76d28ab9d5ff3a1dfad58c0168fe823523913802", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|  | @ -82,15 +82,12 @@ | ||||||
|       } |       } | ||||||
|     }, |     }, | ||||||
|     "crane": { |     "crane": { | ||||||
|       "inputs": { |  | ||||||
|         "nixpkgs": "nixpkgs_2" |  | ||||||
|       }, |  | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1717535930, |         "lastModified": 1731098351, | ||||||
|         "narHash": "sha256-1hZ/txnbd/RmiBPNUs7i8UQw2N89uAK3UzrGAWdnFfU=", |         "narHash": "sha256-HQkYvKvaLQqNa10KEFGgWHfMAbWBfFp+4cAgkut+NNE=", | ||||||
|         "owner": "ipetkov", |         "owner": "ipetkov", | ||||||
|         "repo": "crane", |         "repo": "crane", | ||||||
|         "rev": "55e7754ec31dac78980c8be45f8a28e80e370946", |         "rev": "ef80ead953c1b28316cc3f8613904edc2eb90c28", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|  | @ -118,11 +115,11 @@ | ||||||
|     "flake-compat_2": { |     "flake-compat_2": { | ||||||
|       "flake": false, |       "flake": false, | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1733328505, |         "lastModified": 1747046372, | ||||||
|         "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", |         "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=", | ||||||
|         "owner": "edolstra", |         "owner": "edolstra", | ||||||
|         "repo": "flake-compat", |         "repo": "flake-compat", | ||||||
|         "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", |         "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|  | @ -139,11 +136,11 @@ | ||||||
|         ] |         ] | ||||||
|       }, |       }, | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1741352980, |         "lastModified": 1749398372, | ||||||
|         "narHash": "sha256-+u2UunDA4Cl5Fci3m7S643HzKmIDAe+fiXrLqYsR2fs=", |         "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", | ||||||
|         "owner": "hercules-ci", |         "owner": "hercules-ci", | ||||||
|         "repo": "flake-parts", |         "repo": "flake-parts", | ||||||
|         "rev": "f4330d22f1c5d2ba72d3d22df5597d123fdb60a9", |         "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|  | @ -160,11 +157,11 @@ | ||||||
|         ] |         ] | ||||||
|       }, |       }, | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1717285511, |         "lastModified": 1730504689, | ||||||
|         "narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=", |         "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=", | ||||||
|         "owner": "hercules-ci", |         "owner": "hercules-ci", | ||||||
|         "repo": "flake-parts", |         "repo": "flake-parts", | ||||||
|         "rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8", |         "rev": "506278e768c2a08bec68eb62932193e341f55c90", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|  | @ -181,11 +178,11 @@ | ||||||
|         ] |         ] | ||||||
|       }, |       }, | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1738453229, |         "lastModified": 1749398372, | ||||||
|         "narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=", |         "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", | ||||||
|         "owner": "hercules-ci", |         "owner": "hercules-ci", | ||||||
|         "repo": "flake-parts", |         "repo": "flake-parts", | ||||||
|         "rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd", |         "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|  | @ -212,24 +209,6 @@ | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       } |       } | ||||||
|     }, |     }, | ||||||
|     "flake-utils_2": { |  | ||||||
|       "inputs": { |  | ||||||
|         "systems": "systems_3" |  | ||||||
|       }, |  | ||||||
|       "locked": { |  | ||||||
|         "lastModified": 1731533236, |  | ||||||
|         "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", |  | ||||||
|         "owner": "numtide", |  | ||||||
|         "repo": "flake-utils", |  | ||||||
|         "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", |  | ||||||
|         "type": "github" |  | ||||||
|       }, |  | ||||||
|       "original": { |  | ||||||
|         "owner": "numtide", |  | ||||||
|         "repo": "flake-utils", |  | ||||||
|         "type": "github" |  | ||||||
|       } |  | ||||||
|     }, |  | ||||||
|     "gitignore": { |     "gitignore": { | ||||||
|       "inputs": { |       "inputs": { | ||||||
|         "nixpkgs": [ |         "nixpkgs": [ | ||||||
|  | @ -257,11 +236,11 @@ | ||||||
|         "nixpkgs": "nixpkgs" |         "nixpkgs": "nixpkgs" | ||||||
|       }, |       }, | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1741955947, |         "lastModified": 1749779443, | ||||||
|         "narHash": "sha256-2lbURKclgKqBNm7hVRtWh0A7NrdsibD0EaWhahUVhhY=", |         "narHash": "sha256-r6YTIMprNCYcJcA4oZ0x1wPaHPPHUxb8CnyEeMkhGks=", | ||||||
|         "owner": "nix-community", |         "owner": "nix-community", | ||||||
|         "repo": "home-manager", |         "repo": "home-manager", | ||||||
|         "rev": "4e12151c9e014e2449e0beca2c0e9534b96a26b4", |         "rev": "18f3a0d21c3739a242aafa17c04c5238bbab5a41", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|  | @ -277,11 +256,11 @@ | ||||||
|         ] |         ] | ||||||
|       }, |       }, | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1741955947, |         "lastModified": 1750107071, | ||||||
|         "narHash": "sha256-2lbURKclgKqBNm7hVRtWh0A7NrdsibD0EaWhahUVhhY=", |         "narHash": "sha256-yfuHCO4m+gu3OBNGnP0/TL5W8nLXrC/EV1fs/+YcoL8=", | ||||||
|         "owner": "nix-community", |         "owner": "nix-community", | ||||||
|         "repo": "home-manager", |         "repo": "home-manager", | ||||||
|         "rev": "4e12151c9e014e2449e0beca2c0e9534b96a26b4", |         "rev": "0edffd088e42fdc48598b37d88eb5345e2ca3937", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|  | @ -304,16 +283,16 @@ | ||||||
|         ] |         ] | ||||||
|       }, |       }, | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1729958008, |         "lastModified": 1748294338, | ||||||
|         "narHash": "sha256-EiOq8jF4Z/zQe0QYVc3+qSKxRK//CFHMB84aYrYGwEs=", |         "narHash": "sha256-FVO01jdmUNArzBS7NmaktLdGA5qA3lUMJ4B7a05Iynw=", | ||||||
|         "owner": "NuschtOS", |         "owner": "NuschtOS", | ||||||
|         "repo": "ixx", |         "repo": "ixx", | ||||||
|         "rev": "9fd01aad037f345350eab2cd45e1946cc66da4eb", |         "rev": "cc5f390f7caf265461d4aab37e98d2292ebbdb85", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|         "owner": "NuschtOS", |         "owner": "NuschtOS", | ||||||
|         "ref": "v0.0.6", |         "ref": "v0.0.8", | ||||||
|         "repo": "ixx", |         "repo": "ixx", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       } |       } | ||||||
|  | @ -397,11 +376,11 @@ | ||||||
|         "treefmt-nix": "treefmt-nix" |         "treefmt-nix": "treefmt-nix" | ||||||
|       }, |       }, | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1741624954, |         "lastModified": 1745514172, | ||||||
|         "narHash": "sha256-VjLS010BEfwuK343Dst08NnQNS8SRtVCDkz1zTsHuvI=", |         "narHash": "sha256-FV8uIBumYYmqOMEa6WR3lFxs0ocANT7bbawEDg+vWjo=", | ||||||
|         "owner": "nix-community", |         "owner": "nix-community", | ||||||
|         "repo": "nix-unit", |         "repo": "nix-unit", | ||||||
|         "rev": "e9d81f6cffe67681e7c04a967d29f18c2c540af5", |         "rev": "be0d299e89a31e246c5472bf0e1005d4cc1e9e55", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|  | @ -418,11 +397,11 @@ | ||||||
|         ] |         ] | ||||||
|       }, |       }, | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1741870048, |         "lastModified": 1749574455, | ||||||
|         "narHash": "sha256-odXRdNZGdXg1LmwlAeWL85kgy/FVHsgKlDwrvbR2BsU=", |         "narHash": "sha256-fm2/8KPOYvvIAnNVtjDlTt/My00lIbZQ+LMrfQIWVzs=", | ||||||
|         "owner": "nix-community", |         "owner": "nix-community", | ||||||
|         "repo": "NixOS-WSL", |         "repo": "NixOS-WSL", | ||||||
|         "rev": "5d76001e33ee19644a598ad80e7318ab0957b122", |         "rev": "917af390377c573932d84b5e31dd9f2c1b5c0f09", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|  | @ -434,11 +413,11 @@ | ||||||
|     }, |     }, | ||||||
|     "nixpkgs": { |     "nixpkgs": { | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1741513245, |         "lastModified": 1749285348, | ||||||
|         "narHash": "sha256-7rTAMNTY1xoBwz0h7ZMtEcd8LELk9R5TzBPoHuhNSCk=", |         "narHash": "sha256-frdhQvPbmDYaScPFiCnfdh3B/Vh81Uuoo0w5TkWmmjU=", | ||||||
|         "owner": "NixOS", |         "owner": "NixOS", | ||||||
|         "repo": "nixpkgs", |         "repo": "nixpkgs", | ||||||
|         "rev": "e3e32b642a31e6714ec1b712de8c91a3352ce7e1", |         "rev": "3e3afe5174c561dee0df6f2c2b2236990146329f", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|  | @ -450,43 +429,27 @@ | ||||||
|     }, |     }, | ||||||
|     "nixpkgs-stable": { |     "nixpkgs-stable": { | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1710695816, |         "lastModified": 1730741070, | ||||||
|         "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=", |         "narHash": "sha256-edm8WG19kWozJ/GqyYx2VjW99EdhjKwbY3ZwdlPAAlo=", | ||||||
|         "owner": "NixOS", |         "owner": "NixOS", | ||||||
|         "repo": "nixpkgs", |         "repo": "nixpkgs", | ||||||
|         "rev": "614b4613980a522ba49f0d194531beddbb7220d3", |         "rev": "d063c1dd113c91ab27959ba540c0d9753409edf3", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|         "owner": "NixOS", |         "owner": "NixOS", | ||||||
|         "ref": "nixos-23.11", |         "ref": "nixos-24.05", | ||||||
|         "repo": "nixpkgs", |         "repo": "nixpkgs", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       } |       } | ||||||
|     }, |     }, | ||||||
|     "nixpkgs_2": { |     "nixpkgs_2": { | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1743076231, |         "lastModified": 1749794982, | ||||||
|         "narHash": "sha256-yQugdVfi316qUfqzN8JMaA2vixl+45GxNm4oUfXlbgw=", |         "narHash": "sha256-Kh9K4taXbVuaLC0IL+9HcfvxsSUx8dPB5s5weJcc9pc=", | ||||||
|         "owner": "NixOS", |  | ||||||
|         "repo": "nixpkgs", |  | ||||||
|         "rev": "6c5963357f3c1c840201eda129a99d455074db04", |  | ||||||
|         "type": "github" |  | ||||||
|       }, |  | ||||||
|       "original": { |  | ||||||
|         "owner": "NixOS", |  | ||||||
|         "ref": "nixpkgs-unstable", |  | ||||||
|         "repo": "nixpkgs", |  | ||||||
|         "type": "github" |  | ||||||
|       } |  | ||||||
|     }, |  | ||||||
|     "nixpkgs_3": { |  | ||||||
|       "locked": { |  | ||||||
|         "lastModified": 1743095683, |  | ||||||
|         "narHash": "sha256-gWd4urRoLRe8GLVC/3rYRae1h+xfQzt09xOfb0PaHSk=", |  | ||||||
|         "owner": "nixos", |         "owner": "nixos", | ||||||
|         "repo": "nixpkgs", |         "repo": "nixpkgs", | ||||||
|         "rev": "5e5402ecbcb27af32284d4a62553c019a3a49ea6", |         "rev": "ee930f9755f58096ac6e8ca94a1887e0534e2d81", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|  | @ -502,14 +465,15 @@ | ||||||
|         "nixpkgs": [ |         "nixpkgs": [ | ||||||
|           "nixpkgs" |           "nixpkgs" | ||||||
|         ], |         ], | ||||||
|         "nuschtosSearch": "nuschtosSearch" |         "nuschtosSearch": "nuschtosSearch", | ||||||
|  |         "systems": "systems_3" | ||||||
|       }, |       }, | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1741709061, |         "lastModified": 1750105753, | ||||||
|         "narHash": "sha256-G1YTksB0CnVhpU1gEmvO3ugPS5CAmUpm5UtTIUIPnEI=", |         "narHash": "sha256-reWddMyGkxjackE4VSZ2NjOQlAdfiofhCEWFHapblNI=", | ||||||
|         "owner": "nix-community", |         "owner": "nix-community", | ||||||
|         "repo": "nixvim", |         "repo": "nixvim", | ||||||
|         "rev": "3a3abf11700f76738d8ad9d15054ceaf182d2974", |         "rev": "ab0a3682cc40da89029dcb3f467b46ae3b8c0fd1", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|  | @ -520,7 +484,7 @@ | ||||||
|     }, |     }, | ||||||
|     "nuschtosSearch": { |     "nuschtosSearch": { | ||||||
|       "inputs": { |       "inputs": { | ||||||
|         "flake-utils": "flake-utils_2", |         "flake-utils": "flake-utils", | ||||||
|         "ixx": "ixx", |         "ixx": "ixx", | ||||||
|         "nixpkgs": [ |         "nixpkgs": [ | ||||||
|           "nixvim", |           "nixvim", | ||||||
|  | @ -528,11 +492,11 @@ | ||||||
|         ] |         ] | ||||||
|       }, |       }, | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1738508923, |         "lastModified": 1749730855, | ||||||
|         "narHash": "sha256-4DaDrQDAIxlWhTjH6h/+xfG05jt3qDZrZE/7zDLQaS4=", |         "narHash": "sha256-L3x2nSlFkXkM6tQPLJP3oCBMIsRifhIDPMQQdHO5xWo=", | ||||||
|         "owner": "NuschtOS", |         "owner": "NuschtOS", | ||||||
|         "repo": "search", |         "repo": "search", | ||||||
|         "rev": "86e2038290859006e05ca7201425ea5b5de4aecb", |         "rev": "8dfe5879dd009ff4742b668d9c699bc4b9761742", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|  | @ -555,11 +519,11 @@ | ||||||
|         "nixpkgs-stable": "nixpkgs-stable" |         "nixpkgs-stable": "nixpkgs-stable" | ||||||
|       }, |       }, | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1717664902, |         "lastModified": 1731363552, | ||||||
|         "narHash": "sha256-7XfBuLULizXjXfBYy/VV+SpYMHreNRHk9nKMsm1bgb4=", |         "narHash": "sha256-vFta1uHnD29VUY4HJOO/D6p6rxyObnf+InnSMT4jlMU=", | ||||||
|         "owner": "cachix", |         "owner": "cachix", | ||||||
|         "repo": "pre-commit-hooks.nix", |         "repo": "pre-commit-hooks.nix", | ||||||
|         "rev": "cc4d466cb1254af050ff7bdf47f6d404a7c646d1", |         "rev": "cd1af27aa85026ac759d5d3fccf650abe7e1bbf0", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|  | @ -575,25 +539,24 @@ | ||||||
|         "home-manager": "home-manager_2", |         "home-manager": "home-manager_2", | ||||||
|         "lanzaboote": "lanzaboote", |         "lanzaboote": "lanzaboote", | ||||||
|         "nixos-wsl": "nixos-wsl", |         "nixos-wsl": "nixos-wsl", | ||||||
|         "nixpkgs": "nixpkgs_3", |         "nixpkgs": "nixpkgs_2", | ||||||
|         "nixvim": "nixvim", |         "nixvim": "nixvim", | ||||||
|         "sops-nix": "sops-nix" |         "sops-nix": "sops-nix" | ||||||
|       } |       } | ||||||
|     }, |     }, | ||||||
|     "rust-overlay": { |     "rust-overlay": { | ||||||
|       "inputs": { |       "inputs": { | ||||||
|         "flake-utils": "flake-utils", |  | ||||||
|         "nixpkgs": [ |         "nixpkgs": [ | ||||||
|           "lanzaboote", |           "lanzaboote", | ||||||
|           "nixpkgs" |           "nixpkgs" | ||||||
|         ] |         ] | ||||||
|       }, |       }, | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1717813066, |         "lastModified": 1731897198, | ||||||
|         "narHash": "sha256-wqbRwq3i7g5EHIui0bIi84mdqZ/It1AXBSLJ5tafD28=", |         "narHash": "sha256-Ou7vLETSKwmE/HRQz4cImXXJBr/k9gp4J4z/PF8LzTE=", | ||||||
|         "owner": "oxalica", |         "owner": "oxalica", | ||||||
|         "repo": "rust-overlay", |         "repo": "rust-overlay", | ||||||
|         "rev": "6dc3e45fe4aee36efeed24d64fc68b1f989d5465", |         "rev": "0be641045af6d8666c11c2c40e45ffc9667839b5", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|  | @ -609,11 +572,11 @@ | ||||||
|         ] |         ] | ||||||
|       }, |       }, | ||||||
|       "locked": { |       "locked": { | ||||||
|         "lastModified": 1741861888, |         "lastModified": 1749592509, | ||||||
|         "narHash": "sha256-ynOgXAyToeE1UdLNfrUn/hL7MN0OpIS2BtNdLjpjPf0=", |         "narHash": "sha256-VunQzfZFA+Y6x3wYi2UE4DEQ8qKoAZZCnZPUlSoqC+A=", | ||||||
|         "owner": "Mic92", |         "owner": "Mic92", | ||||||
|         "repo": "sops-nix", |         "repo": "sops-nix", | ||||||
|         "rev": "d016ce0365b87d848a57c12ffcfdc71da7a2b55f", |         "rev": "50754dfaa0e24e313c626900d44ef431f3210138", | ||||||
|         "type": "github" |         "type": "github" | ||||||
|       }, |       }, | ||||||
|       "original": { |       "original": { | ||||||
|  |  | ||||||
							
								
								
									
										15
									
								
								flake.nix
									
										
									
									
									
								
							
							
						
						
									
										15
									
								
								flake.nix
									
										
									
									
									
								
							|  | @ -78,6 +78,21 @@ | ||||||
|           ./hosts/greatyamada/nixos |           ./hosts/greatyamada/nixos | ||||||
|           ./hosts/greatyamada/services |           ./hosts/greatyamada/services | ||||||
|           inputs.sops-nix.nixosModules.sops |           inputs.sops-nix.nixosModules.sops | ||||||
|  |           inputs.home-manager.nixosModules.home-manager | ||||||
|  |           { | ||||||
|  |             home-manager = { | ||||||
|  |               backupFileExtension = "bak"; | ||||||
|  |               useUserPackages = true; | ||||||
|  |               users.avery = { | ||||||
|  |                 imports = [ | ||||||
|  |                   inputs.nixvim.homeManagerModules.nixvim | ||||||
|  |                   ./common/home.nix | ||||||
|  |                   ./common/zsh.nix | ||||||
|  |                   ./hosts/totsugeki/home-manager/development/nixvim | ||||||
|  |                 ]; | ||||||
|  |               }; | ||||||
|  |             }; | ||||||
|  |           } | ||||||
|         ]; |         ]; | ||||||
|       }; |       }; | ||||||
|       # WSL development system |       # WSL development system | ||||||
|  |  | ||||||
|  | @ -1,15 +1,34 @@ | ||||||
| { lib, pkgs, ... }: { | { lib, pkgs, ... }: { | ||||||
|   imports = [ ./filesystems.nix ]; |   imports = [ ./filesystems.nix ]; | ||||||
| 
 | 
 | ||||||
|   boot.loader.systemd-boot.enable = true; |   boot = { | ||||||
|  |     loader.systemd-boot.enable = true; | ||||||
|  |     kernelPackages = pkgs.linuxKernel.packages.linux_zen; | ||||||
|  |     initrd.availableKernelModules = | ||||||
|  |       [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; | ||||||
|  |     initrd.kernelModules = [ ]; | ||||||
|  |     kernelModules = [ "kvm-amd" ]; | ||||||
|  |     extraModulePackages = [ ]; | ||||||
|  |   }; | ||||||
| 
 | 
 | ||||||
|   environment.systemPackages = with pkgs; [ iptables ]; |   environment.systemPackages = with pkgs; [ arion docker-client ]; | ||||||
| 
 | 
 | ||||||
|   networking = { |   networking = { | ||||||
|     firewall.enable = true; |     firewall.enable = true; | ||||||
|     hostName = "greatyamada"; |     hostName = "greatyamada"; | ||||||
|     networkmanager.enable = true; |     networkmanager.enable = true; | ||||||
|     useDHCP = lib.mkDefault false; |     useDHCP = lib.mkDefault false; | ||||||
|  |     interfaces.enp5s0 = { | ||||||
|  |       ipv4.addresses = [{ | ||||||
|  |         address = "10.0.0.1"; | ||||||
|  |         prefixLength = 24; | ||||||
|  |       }]; | ||||||
|  |     }; | ||||||
|  |     defaultGateway = { | ||||||
|  |       address = "10.0.0.254"; | ||||||
|  |       interface = "enp5s0"; | ||||||
|  |     }; | ||||||
|  |     nameservers = [ "9.9.9.9" ]; | ||||||
|   }; |   }; | ||||||
| 
 | 
 | ||||||
|   sops = { |   sops = { | ||||||
|  | @ -17,7 +36,18 @@ | ||||||
|     age.keyFile = "/etc/nixos/keys.txt"; |     age.keyFile = "/etc/nixos/keys.txt"; | ||||||
|   }; |   }; | ||||||
| 
 | 
 | ||||||
|   system.stateVersion = "25.05"; |   system.stateVersion = "24.05"; | ||||||
|  | 
 | ||||||
|  |   users = { | ||||||
|  |     groups.media = { }; | ||||||
|  |     users.avery.extraGroups = [ "media" ]; | ||||||
|  |   }; | ||||||
|  | 
 | ||||||
|  |   virtualisation.podman = { | ||||||
|  |     enable = true; | ||||||
|  |     dockerSocket.enable = true; | ||||||
|  |     defaultNetwork.settings.dns_enabled = true; | ||||||
|  |   }; | ||||||
| 
 | 
 | ||||||
|   time.timeZone = "UTC"; |   time.timeZone = "UTC"; | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -2,27 +2,27 @@ | ||||||
|   fileSystems = { |   fileSystems = { | ||||||
|     "/" = { |     "/" = { | ||||||
|       device = "/dev/disk/by-label/NIXROOT"; |       device = "/dev/disk/by-label/NIXROOT"; | ||||||
|       fsType = "btrfs"; |       fsType = "ext4"; | ||||||
|       options = [ "compress=zstd:15" ]; |  | ||||||
|     }; |     }; | ||||||
|     "/boot" = { |     "/boot" = { | ||||||
|       device = "/dev/disk/by-label/NIXBOOT"; |       device = "/dev/disk/by-label/NIXBOOT"; | ||||||
|       fsType = "vfat"; |       fsType = "vfat"; | ||||||
|     }; |     }; | ||||||
|     "/mnt/Datos" = { |     "/mnt/ssd-01" = { | ||||||
|       device = "/dev/disk/by-label/Datos"; |       device = "/dev/disk/by-label/ssd-01"; | ||||||
|       fsType = "btrfs"; |       fsType = "ext4"; | ||||||
|       options = [ "compress=zstd:15" ]; |  | ||||||
|     }; |     }; | ||||||
|     "/mnt/Datos/minecraft" = { |     "/mnt/hdd-01" = { | ||||||
|       device = "/dev/disk/by-label/Datos"; |       device = "/dev/disk/by-label/hdd-01"; | ||||||
|       fsType = "btrfs"; |       fsType = "ext4"; | ||||||
|       options = [ "compress=zstd:4" "subvol=/minecraft" ]; |  | ||||||
|     }; |     }; | ||||||
|     "/mnt/Datos/music" = { |     "/mnt/hdd-02" = { | ||||||
|       device = "/dev/disk/by-label/Datos"; |       device = "/dev/disk/by-label/hdd-02"; | ||||||
|       fsType = "btrfs"; |       fsType = "ext4"; | ||||||
|       options = [ "subvol=/music" ]; |  | ||||||
|     }; |     }; | ||||||
|   }; |   }; | ||||||
|  |   swapDevices = [{ | ||||||
|  |     device = "/.swapfile"; | ||||||
|  |     size = 4 * 1024; | ||||||
|  |   }]; | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -1,20 +1,17 @@ | ||||||
| { | { | ||||||
|   adguardhome-dns = 53; |   adguardhome-dns = 53; | ||||||
|   adguardhome-http = 3001; |   adguardhome-http = 3001; | ||||||
|   coturn-turn = 3478; |   adguardhome-dhcp-udp = 67; | ||||||
|   coturn-turn-alt = 3479; |  | ||||||
|   coturn-minimum = 49192; |  | ||||||
|   coturn-maximum = 49200; |  | ||||||
|   forgejo-http = 3000; |   forgejo-http = 3000; | ||||||
|   jellyfin-http = 8096; |   jellyfin-http = 8096; | ||||||
|   matrix-http = 8008; |  | ||||||
|   matrix-https = 8448; |  | ||||||
|   matrix-bridges-http = 8088; |  | ||||||
|   mautrix-whatsapp = 29318; |  | ||||||
|   minecraft = 13914; |   minecraft = 13914; | ||||||
|  |   navidrome-https = 4533; | ||||||
|   nginx-https = 443; |   nginx-https = 443; | ||||||
|   ntfy-http = 2586; |   ntfy-http = 2586; | ||||||
|  |   pgadmin = 5050; | ||||||
|   postgresql = 5432; |   postgresql = 5432; | ||||||
|   radicale-http = 5232; |   radicale-http = 5232; | ||||||
|  |   searxng = 8888; | ||||||
|   wireguard = 51820; |   wireguard = 51820; | ||||||
|  |   vaultwarden = 8222; | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -2,18 +2,13 @@ | ||||||
|   security.acme = { |   security.acme = { | ||||||
|     acceptTerms = true; |     acceptTerms = true; | ||||||
|     defaults.email = "aveeryy@protonmail.com"; |     defaults.email = "aveeryy@protonmail.com"; | ||||||
|     # Temporarily use staging server for testing |  | ||||||
|     defaults.server = "https://acme-staging-v02.api.letsencrypt.org/directory"; |  | ||||||
|     certs."rcia.dev" = { |     certs."rcia.dev" = { | ||||||
|       credentialFiles.CLOUDFLARE_DNS_API_TOKEN_FILE = |       credentialFiles.CLOUDFLARE_DNS_API_TOKEN_FILE = "/run/secrets/acme_token"; | ||||||
|         "/run/secrets/cloudflare_api_token"; |       extraDomainNames = [ "*.rcia.dev" ]; | ||||||
|       dnsProvider = "cloudflare"; |       dnsProvider = "cloudflare"; | ||||||
|       group = "nginx"; |       group = "nginx"; | ||||||
|       webroot = null; |       webroot = null; | ||||||
|     }; |     }; | ||||||
|   }; |   }; | ||||||
|   sops.secrets."cloudflare/api_token" = { |   sops.secrets."acme_token".group = "acme"; | ||||||
|     path = "/run/secrets/cloudflare_api_token"; |  | ||||||
|     group = "acme"; |  | ||||||
|   }; |  | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -3,18 +3,21 @@ let | ||||||
|   portDefinitions = import ./_port-definitions.nix; |   portDefinitions = import ./_port-definitions.nix; | ||||||
|   nginxLocalServiceConfig = import ./nginx-local-config.nix; |   nginxLocalServiceConfig = import ./nginx-local-config.nix; | ||||||
| in { | in { | ||||||
|   networking.firewall.allowedTCPPorts = [ portDefinitions.adguardhome-dns ]; |   networking.firewall = { | ||||||
|   networking.firewall.allowedUDPPorts = [ portDefinitions.adguardhome-dns ]; |     allowedTCPPorts = [ portDefinitions.adguardhome-dns ]; | ||||||
|  |     allowedUDPPorts = | ||||||
|  |       [ portDefinitions.adguardhome-dns portDefinitions.adguardhome-dhcp-udp ]; | ||||||
|  |   }; | ||||||
|   services = { |   services = { | ||||||
|     adguardhome = { |     adguardhome = { | ||||||
|       enable = true; |       enable = true; | ||||||
|       allowDHCP = true; |       allowDHCP = true; | ||||||
|       port = portDefinitions.adguardhome-http; |  | ||||||
|       mutableSettings = true; |       mutableSettings = true; | ||||||
|  |       port = portDefinitions.adguardhome-http; | ||||||
|       settings = { |       settings = { | ||||||
|         http = { |         http = { | ||||||
|           address = "127.0.0.1:${toString portDefinitions.adguardhome-http}"; |           address = "127.0.0.1:${toString portDefinitions.adguardhome-http}"; | ||||||
|           session_ttl = "1440h"; |           session_ttl = "720h"; | ||||||
|         }; |         }; | ||||||
|         dns = { |         dns = { | ||||||
|           bind_hosts = [ "0.0.0.0" ]; |           bind_hosts = [ "0.0.0.0" ]; | ||||||
|  | @ -38,9 +41,231 @@ in { | ||||||
|             icmp_timeout_msec = 1000; |             icmp_timeout_msec = 1000; | ||||||
|           }; |           }; | ||||||
|         }; |         }; | ||||||
|  |         filtering = { | ||||||
|  |           safe_search.enabled = false; | ||||||
|  |           filtering_enabled = true; | ||||||
|  |           parental_enabled = false; | ||||||
|  |           safebrowsing_enabled = false; | ||||||
|  |           protection_enabled = true; | ||||||
|  |           cache_time = 30; | ||||||
|  |           filters_update_interval = 24; | ||||||
|  |           rewrites = [ | ||||||
|  |             { | ||||||
|  |               domain = "rcia.dev"; | ||||||
|  |               answer = "10.0.0.1"; | ||||||
|  |             } | ||||||
|  |             { | ||||||
|  |               domain = "*.rcia.dev"; | ||||||
|  |               answer = "10.0.0.1"; | ||||||
|  |             } | ||||||
|  |           ]; | ||||||
|  |         }; | ||||||
|  |         clients = { | ||||||
|  |           runtime_sources = { | ||||||
|  |             whois = true; | ||||||
|  |             arp = true; | ||||||
|  |             rdns = true; | ||||||
|  |             dhcp = true; | ||||||
|  |             hosts = true; | ||||||
|  |           }; | ||||||
|  |           persistent = [ | ||||||
|  |             { | ||||||
|  |               name = "Decodificador"; | ||||||
|  |               ids = [ "10.0.0.200" ]; | ||||||
|  |               tags = [ "device_tv" ]; | ||||||
|  |               upstreams = [ "172.26.23.3" ]; | ||||||
|  |               use_global_settings = true; | ||||||
|  |             } | ||||||
|  |             { | ||||||
|  |               name = "Poco X3"; | ||||||
|  |               ids = [ "10.0.0.202" ]; | ||||||
|  |               tags = [ "device_phone" ]; | ||||||
|  |               use_global_settings = false; | ||||||
|  |               filtering_enabled = false; | ||||||
|  |             } | ||||||
|  |             { | ||||||
|  |               name = "Tablet Samsung"; | ||||||
|  |               ids = [ "10.0.0.201" ]; | ||||||
|  |               tags = [ "device_tablet" ]; | ||||||
|  |               use_global_settings = false; | ||||||
|  |               filtering_enabled = false; | ||||||
|  |             } | ||||||
|  |           ]; | ||||||
|  |         }; | ||||||
|  |         filters = [ | ||||||
|  |           { | ||||||
|  |             enabled = true; | ||||||
|  |             url = | ||||||
|  |               "https://adguardteam.github.io/HostlistsRegistry/assets/filter_1.txt"; | ||||||
|  |             name = "AdGuard DNS filter"; | ||||||
|  |             id = 1; | ||||||
|  |           } | ||||||
|  |           { | ||||||
|  |             enabled = true; | ||||||
|  |             url = | ||||||
|  |               "https://adguardteam.github.io/HostlistsRegistry/assets/filter_2.txt"; | ||||||
|  |             name = "AdAway Default Blocklist"; | ||||||
|  |             id = 2; | ||||||
|  |           } | ||||||
|  |           { | ||||||
|  |             enabled = true; | ||||||
|  |             url = | ||||||
|  |               "https://adguardteam.github.io/HostlistsRegistry/assets/filter_23.txt"; | ||||||
|  |             name = "WindowsSpyBlocker - Hosts spy rules"; | ||||||
|  |             id = 1687062393; | ||||||
|  |           } | ||||||
|  |           { | ||||||
|  |             enabled = true; | ||||||
|  |             url = | ||||||
|  |               "https://adguardteam.github.io/HostlistsRegistry/assets/filter_6.txt"; | ||||||
|  |             name = "Dandelion Sprout's Game Console Adblock List"; | ||||||
|  |             id = 1687062394; | ||||||
|  |           } | ||||||
|  |           { | ||||||
|  |             enabled = true; | ||||||
|  |             url = | ||||||
|  |               "https://adguardteam.github.io/HostlistsRegistry/assets/filter_30.txt"; | ||||||
|  |             name = "Phishing URL Blocklist (PhishTank and OpenPhish)"; | ||||||
|  |             id = 1687062395; | ||||||
|  |           } | ||||||
|  |           { | ||||||
|  |             enabled = true; | ||||||
|  |             url = | ||||||
|  |               "https://adguardteam.github.io/HostlistsRegistry/assets/filter_7.txt"; | ||||||
|  |             name = "Perflyst and Dandelion Sprout's Smart-TV Blocklist"; | ||||||
|  |             id = 1687062396; | ||||||
|  |           } | ||||||
|  |           { | ||||||
|  |             enabled = true; | ||||||
|  |             url = | ||||||
|  |               "https://adguardteam.github.io/HostlistsRegistry/assets/filter_12.txt"; | ||||||
|  |             name = "Dandelion Sprout's Anti-Malware List"; | ||||||
|  |             id = 1687062397; | ||||||
|  |           } | ||||||
|  |           { | ||||||
|  |             enabled = true; | ||||||
|  |             url = | ||||||
|  |               "https://adguardteam.github.io/HostlistsRegistry/assets/filter_10.txt"; | ||||||
|  |             name = "Scam Blocklist by DurableNapkin"; | ||||||
|  |             id = 1687062398; | ||||||
|  |           } | ||||||
|  |           { | ||||||
|  |             enabled = true; | ||||||
|  |             url = | ||||||
|  |               "https://adguardteam.github.io/HostlistsRegistry/assets/filter_9.txt"; | ||||||
|  |             name = "The Big List of Hacked Malware Web Sites"; | ||||||
|  |             id = 1687062399; | ||||||
|  |           } | ||||||
|  |           { | ||||||
|  |             enabled = true; | ||||||
|  |             url = | ||||||
|  |               "https://adguardteam.github.io/HostlistsRegistry/assets/filter_33.txt"; | ||||||
|  |             name = "Steven Black's List"; | ||||||
|  |             id = 1687062400; | ||||||
|  |           } | ||||||
|  |           { | ||||||
|  |             enabled = true; | ||||||
|  |             url = | ||||||
|  |               "https://adguardteam.github.io/HostlistsRegistry/assets/filter_4.txt"; | ||||||
|  |             name = "Dan Pollock's List"; | ||||||
|  |             id = 1687062401; | ||||||
|  |           } | ||||||
|  |           { | ||||||
|  |             enabled = true; | ||||||
|  |             url = | ||||||
|  |               "https://adguardteam.github.io/HostlistsRegistry/assets/filter_11.txt"; | ||||||
|  |             name = "Malicious URL Blocklist (URLHaus)"; | ||||||
|  |             id = 1687062402; | ||||||
|  |           } | ||||||
|  |           { | ||||||
|  |             enabled = true; | ||||||
|  |             url = | ||||||
|  |               "https://adguardteam.github.io/HostlistsRegistry/assets/filter_3.txt"; | ||||||
|  |             name = "Peter Lowe's Blocklist"; | ||||||
|  |             id = 1687062403; | ||||||
|  |           } | ||||||
|  |           { | ||||||
|  |             enabled = true; | ||||||
|  |             url = | ||||||
|  |               "https://adguardteam.github.io/HostlistsRegistry/assets/filter_32.txt"; | ||||||
|  |             name = "The NoTracking blocklist"; | ||||||
|  |             id = 1687062404; | ||||||
|  |           } | ||||||
|  |           { | ||||||
|  |             enabled = true; | ||||||
|  |             url = | ||||||
|  |               "https://adguardteam.github.io/HostlistsRegistry/assets/filter_31.txt"; | ||||||
|  |             name = "Stalkerware Indicators List"; | ||||||
|  |             id = 1694924469; | ||||||
|  |           } | ||||||
|  |           { | ||||||
|  |             enabled = true; | ||||||
|  |             url = | ||||||
|  |               "https://adguardteam.github.io/HostlistsRegistry/assets/filter_44.txt"; | ||||||
|  |             name = "HaGeZi's Threat Intelligence Feeds"; | ||||||
|  |             id = 1694924470; | ||||||
|  |           } | ||||||
|  |           { | ||||||
|  |             enabled = true; | ||||||
|  |             url = | ||||||
|  |               "https://adguardteam.github.io/HostlistsRegistry/assets/filter_8.txt"; | ||||||
|  |             name = "NoCoin Filter List"; | ||||||
|  |             id = 1694924471; | ||||||
|  |           } | ||||||
|  |         ]; | ||||||
|  |         user_rules = [ | ||||||
|  |           "||www.googleadservices.com^$important" | ||||||
|  |           "||rdvs.alljoyn.org^$important" | ||||||
|  |           "||safebrowsing.google.com^$client='10.0.0.28'" | ||||||
|  |           "||fm.nvc.heil.nuancemobility.net^$client='10.0.0.230'" | ||||||
|  |           "@@||npdl.cdn.nintendowifi.net^$important" | ||||||
|  |           "||tse3.mm.bing.net^$important" | ||||||
|  |           "@@||repo.webosbrew.org^$important" | ||||||
|  |           "||es.lgeapi.com^$important" | ||||||
|  |           "||discovery.meethue.com^$important" | ||||||
|  |           "||eic.lgtviot.com^$important" | ||||||
|  |           "||qs2-nevoai-iothub-02-prod.azure-devices.net^$important" | ||||||
|  |           "||snu.lge.com^$important" | ||||||
|  |           "||su.lge.com^$important" | ||||||
|  |           "||su-ssl.lge.com^$important" | ||||||
|  |           "||snu-dev.lge.com^$important" | ||||||
|  |           "||su-dev.lge.com^$important" | ||||||
|  |           "||nsu.lge.com^$important" | ||||||
|  |           "||eic.commonpush.lgtviot.com^$important" | ||||||
|  |           "||eic.sports.lgtviot.com^$important" | ||||||
|  |           "||es.lgtvsdp.com^$important" | ||||||
|  |           "||prod-ripcut-delivery.disney-plus.net^$client='TV'" | ||||||
|  |           "||ngfts.lge.com^$important" | ||||||
|  |           "||lgtvonline.lge.com^$important" | ||||||
|  |           "||www.ueiwsp.com^$important" | ||||||
|  |           "||temu.com^$important" | ||||||
|  |           "||www.temu.com^$important" | ||||||
|  |           "@@||unity3d.com^$client='10.0.0.7'" | ||||||
|  |           "@@||config.ads.vungle.com^$client='10.0.0.7'" | ||||||
|  |           "@@||rayjump.com^$client='10.0.0.7'" | ||||||
|  |           "@@||vungle.com^$client='10.0.0.7'" | ||||||
|  |           "@@||mtgglobals.com^$client='10.0.0.7'" | ||||||
|  |           "@@||fundingchoicesmessages.google.com^$client='10.0.0.7'" | ||||||
|  |           "@@||applovin.com^$client='10.0.0.7'" | ||||||
|  |           "@@||rovio.com^$client='10.0.0.7'" | ||||||
|  |           "@@||gov.aniview.com^$client='10.0.0.7'" | ||||||
|  |           "@@||unity3d.com^$client='10.10.0.3'" | ||||||
|  |           "@@||config.ads.vungle.com^$client='10.10.0.3'" | ||||||
|  |           "@@||rayjump.com^$client='10.10.0.3'" | ||||||
|  |           "@@||vungle.com^$client='10.10.0.3'" | ||||||
|  |           "@@||mtgglobals.com^$client='10.10.0.3'" | ||||||
|  |           "@@||fundingchoicesmessages.google.com^$client='10.10.0.3'" | ||||||
|  |           "@@||googleads.g.doubleclick.net^$client='10.10.0.3'" | ||||||
|  |           "@@||applovin.com^$client='10.10.0.3'" | ||||||
|  |           "@@||rovio.com^$client='10.10.0.3'" | ||||||
|  |           "@@||gov.aniview.com^$client='10.10.0.3'" | ||||||
|  |           "@@||cdn.liftoff-creatives.io^$client='10.0.0.7'" | ||||||
|  |           "||googleads.g.doubleclick.net^$client='Tablet'" | ||||||
|  |         ]; | ||||||
|       }; |       }; | ||||||
|     }; |     }; | ||||||
|     nginx.virtualHosts."dns.rcia.dev" = { |     nginx.virtualHosts."dns.rcia.dev" = { | ||||||
|  |       forceSSL = true; | ||||||
|       locations."/".proxyPass = |       locations."/".proxyPass = | ||||||
|         "http://127.0.0.1:${toString portDefinitions.adguardhome-http}"; |         "http://127.0.0.1:${toString portDefinitions.adguardhome-http}"; | ||||||
|       extraConfig = nginxLocalServiceConfig; |       extraConfig = nginxLocalServiceConfig; | ||||||
|  |  | ||||||
|  | @ -1,13 +1,17 @@ | ||||||
| { ... }: { | { ... }: { | ||||||
|   imports = [ |   imports = [ | ||||||
|     ./acme.nix |     ./acme.nix | ||||||
|  |     ./adguardhome.nix | ||||||
|     ./forgejo.nix |     ./forgejo.nix | ||||||
|     ./inadyn.nix |     ./inadyn.nix | ||||||
|     ./jellyfin.nix |     ./jellyfin.nix | ||||||
|     ./minecraft |     # ./minecraft | ||||||
|     ./nginx.nix |     ./nginx.nix | ||||||
|  |     ./pgadmin.nix | ||||||
|     ./postgresql.nix |     ./postgresql.nix | ||||||
|     ./radicale.nix |     ./radicale.nix | ||||||
|  |     ./searxng.nix | ||||||
|  |     ./vaultwarden.nix | ||||||
|     ./wireguard.nix |     ./wireguard.nix | ||||||
|   ]; |   ]; | ||||||
|   # paperlessngx |   # paperlessngx | ||||||
|  |  | ||||||
|  | @ -1,14 +1,10 @@ | ||||||
| { pkgs, ... }: | { pkgs, lib, ... }: | ||||||
| let | let | ||||||
|   forgejoSecretsPath = "/run/secrets/forgejo_"; |  | ||||||
|   portDefinitions = import ./_port-definitions.nix; |   portDefinitions = import ./_port-definitions.nix; | ||||||
|   arrayToSecrets = elements: |   arrayToSecrets = elements: | ||||||
|     builtins.listToAttrs (map (key: { |     builtins.listToAttrs (map (key: { | ||||||
|       name = "forgejo/${key}"; |       name = "forgejo/${key}"; | ||||||
|       value = { |       value.owner = "forgejo"; | ||||||
|         path = "${forgejoSecretsPath}${key}"; |  | ||||||
|         owner = "forgejo"; |  | ||||||
|       }; |  | ||||||
|     }) elements); |     }) elements); | ||||||
| in { | in { | ||||||
|   services = { |   services = { | ||||||
|  | @ -18,15 +14,17 @@ in { | ||||||
|       database = { |       database = { | ||||||
|         type = "postgres"; |         type = "postgres"; | ||||||
|         port = portDefinitions.postgresql; |         port = portDefinitions.postgresql; | ||||||
|         passwordFile = "${forgejoSecretsPath}database_password"; |         passwordFile = "/run/secrets/forgejo/database_password"; | ||||||
|       }; |       }; | ||||||
|       secrets = { |       secrets = { | ||||||
|         server.LFS_JWT_SECRET = "${forgejoSecretsPath}lfs_jwt_secret"; |         server.LFS_JWT_SECRET = | ||||||
|  |           lib.mkForce "/run/secrets/forgejo/lfs_jwt_secret"; | ||||||
|         security = { |         security = { | ||||||
|           INTERNAL_TOKEN = "${forgejoSecretsPath}internal_token"; |           INTERNAL_TOKEN = lib.mkForce "/run/secrets/forgejo/internal_token"; | ||||||
|           SECRET_KEY = "${forgejoSecretsPath}secret_key"; |           SECRET_KEY = lib.mkForce "/run/secrets/forgejo/secret_key"; | ||||||
|         }; |         }; | ||||||
|         oauth2.JWT_SECRET = "${forgejoSecretsPath}oauth2_jwt_secret"; |         oauth2.JWT_SECRET = | ||||||
|  |           lib.mkForce "/run/secrets/forgejo/oauth2_jwt_secret"; | ||||||
|       }; |       }; | ||||||
|       settings = { |       settings = { | ||||||
|         server = { |         server = { | ||||||
|  | @ -43,12 +41,13 @@ in { | ||||||
|       locations."/" = { |       locations."/" = { | ||||||
|         proxyPass = "http://127.0.0.1:${toString portDefinitions.forgejo-http}"; |         proxyPass = "http://127.0.0.1:${toString portDefinitions.forgejo-http}"; | ||||||
|       }; |       }; | ||||||
|  |       forceSSL = true; | ||||||
|       useACMEHost = "rcia.dev"; |       useACMEHost = "rcia.dev"; | ||||||
|     }; |     }; | ||||||
|   }; |   }; | ||||||
|   systemd.services.forgejo.preStart = '' |   # systemd.services.forgejo.preStart = '' | ||||||
|     ${pkgs.forgejo}/bin/gitea migrate |   #   ${pkgs.forgejo}/bin/gitea migrate | ||||||
|   ''; |   # ''; | ||||||
|   sops.secrets = arrayToSecrets [ |   sops.secrets = arrayToSecrets [ | ||||||
|     "database_password" |     "database_password" | ||||||
|     "internal_token" |     "internal_token" | ||||||
|  |  | ||||||
|  | @ -1,10 +1,19 @@ | ||||||
| { config, ... }: { | { config, ... }: { | ||||||
|   services.inadyn = { |   services.inadyn = { | ||||||
|     enable = true; |     enable = true; | ||||||
|     provider."cloudflare.com" = { |     settings.provider."cloudflare.com" = { | ||||||
|       hostname = [ "rcia.dev" "*.rcia.dev" ]; |       hostname = [ "rcia.dev" "*.rcia.dev" ]; | ||||||
|       username = "rcia.dev"; |       username = "rcia.dev"; | ||||||
|       password = "${config.sops.placeholder.cloudflare.api_key}"; |       include = config.sops.templates."inadyn-password.conf".path; | ||||||
|  |     }; | ||||||
|  |   }; | ||||||
|  |   sops = { | ||||||
|  |     secrets."cloudflare/api_token" = { }; | ||||||
|  |     templates."inadyn-password.conf" = { | ||||||
|  |       content = '' | ||||||
|  |         password = ${config.sops.placeholder."cloudflare/api_token"} | ||||||
|  |       ''; | ||||||
|  |       owner = "inadyn"; | ||||||
|     }; |     }; | ||||||
|   }; |   }; | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -1,21 +1,14 @@ | ||||||
| { ... }: | { ... }: | ||||||
| let | let portDefinitions = import ./_port-definitions.nix; | ||||||
|   jellyfinPath = "/mnt/Datos/jellyfin"; |  | ||||||
|   nginxLocalServiceConfig = import ./nginx-local-config.nix; |  | ||||||
|   portDefinitions = import ./_port-definitions.nix; |  | ||||||
| in { | in { | ||||||
|   services = { |   services = { | ||||||
|     jellyfin = { |     jellyfin.enable = true; | ||||||
|       enable = true; |  | ||||||
|       dataDir = "${jellyfinPath}/data/"; |  | ||||||
|     }; |  | ||||||
|     nginx.virtualHosts."jellyfin.rcia.dev" = { |     nginx.virtualHosts."jellyfin.rcia.dev" = { | ||||||
|       locations."/" = { |       locations."/".proxyPass = | ||||||
|         proxyPass = |         "http://127.0.0.1:${toString portDefinitions.jellyfin-http}"; | ||||||
|           "http://127.0.0.1:${toString portDefinitions.jellyfin-http}"; |       forceSSL = true; | ||||||
|       }; |  | ||||||
|       extraConfig = nginxLocalServiceConfig; |  | ||||||
|       useACMEHost = "rcia.dev"; |       useACMEHost = "rcia.dev"; | ||||||
|     }; |     }; | ||||||
|   }; |   }; | ||||||
|  |   users.users.jellyfin.extraGroups = [ "media" ]; | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -1,10 +1,16 @@ | ||||||
| { ... }: { | { ... }: { | ||||||
|  |   networking.firewall.allowedTCPPorts = [ 443 ]; | ||||||
|   services.nginx = { |   services.nginx = { | ||||||
|     enable = true; |     enable = true; | ||||||
|  |     recommendedGzipSettings = true; | ||||||
|  |     recommendedProxySettings = true; | ||||||
|  |     recommendedOptimisation = true; | ||||||
|  |     recommendedTlsSettings = true; | ||||||
|     virtualHosts = { |     virtualHosts = { | ||||||
|       "rcia.dev" = { |       "rcia.dev" = { | ||||||
|         forceSSL = true; |         forceSSL = true; | ||||||
|         enableACME = true; |         # enableACME = true; | ||||||
|  |         useACMEHost = "rcia.dev"; | ||||||
|         serverAliases = [ "*.rcia.dev" ]; |         serverAliases = [ "*.rcia.dev" ]; | ||||||
|         # locations."/" = { root = /var/www/public; }; |         # locations."/" = { root = /var/www/public; }; | ||||||
|       }; |       }; | ||||||
|  |  | ||||||
							
								
								
									
										21
									
								
								hosts/greatyamada/services/pgadmin.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										21
									
								
								hosts/greatyamada/services/pgadmin.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,21 @@ | ||||||
|  | { ... }: | ||||||
|  | let | ||||||
|  |   _portDefinitions = import ./_port-definitions.nix; | ||||||
|  |   nginxLocalConfig = import ./nginx-local-config.nix; | ||||||
|  | in { | ||||||
|  |   services = { | ||||||
|  |     pgadmin = { | ||||||
|  |       enable = true; | ||||||
|  |       initialEmail = "avery@rcia.dev"; | ||||||
|  |       initialPasswordFile = "/etc/nixos/a.txt"; | ||||||
|  |       port = _portDefinitions.pgadmin; | ||||||
|  |     }; | ||||||
|  |     nginx.virtualHosts."pgadmin.rcia.dev" = { | ||||||
|  |       locations."/".proxyPass = | ||||||
|  |         "http://localhost:${toString _portDefinitions.pgadmin}"; | ||||||
|  |       forceSSL = true; | ||||||
|  |       useACMEHost = "rcia.dev"; | ||||||
|  |       extraConfig = nginxLocalConfig; | ||||||
|  |     }; | ||||||
|  |   }; | ||||||
|  | } | ||||||
|  | @ -1,8 +1,11 @@ | ||||||
| { ... }: | { config, pkgs, ... }: | ||||||
| let portDefinitions = import ./_port-definitions.nix; | let portDefinitions = import ./_port-definitions.nix; | ||||||
| in { | in { | ||||||
|   services.postgresql = { |   services.postgresql = { | ||||||
|     enable = true; |     enable = true; | ||||||
|  |     package = pkgs.postgresql_16; | ||||||
|  |     dataDir = | ||||||
|  |       "/mnt/ssd-01/postgresql/${config.services.postgresql.package.psqlSchema}"; | ||||||
|     settings.port = portDefinitions.postgresql; |     settings.port = portDefinitions.postgresql; | ||||||
|   }; |   }; | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -2,7 +2,6 @@ | ||||||
| let | let | ||||||
|   nginxLocalServiceConfig = import ./nginx-local-config.nix; |   nginxLocalServiceConfig = import ./nginx-local-config.nix; | ||||||
|   portDefinitions = import ./_port-definitions.nix; |   portDefinitions = import ./_port-definitions.nix; | ||||||
|   radicalePath = "/mnt/Datos/radicale"; |  | ||||||
| in { | in { | ||||||
|   services = { |   services = { | ||||||
|     radicale = { |     radicale = { | ||||||
|  | @ -12,10 +11,9 @@ in { | ||||||
|           [ "127.0.0.1:${toString portDefinitions.radicale-http}" ]; |           [ "127.0.0.1:${toString portDefinitions.radicale-http}" ]; | ||||||
|         auth = { |         auth = { | ||||||
|           type = "htpasswd"; |           type = "htpasswd"; | ||||||
|           htpasswd_filename = "/etc/radicale/users"; |           htpasswd_filename = "/var/lib/radicale/users"; | ||||||
|           htpasswd_encryption = "bcrypt"; |           htpasswd_encryption = "bcrypt"; | ||||||
|         }; |         }; | ||||||
|         storage.filesystem_folder = radicalePath; |  | ||||||
|       }; |       }; | ||||||
|     }; |     }; | ||||||
|     nginx.virtualHosts."radicale.rcia.dev" = { |     nginx.virtualHosts."radicale.rcia.dev" = { | ||||||
|  | @ -23,12 +21,13 @@ in { | ||||||
|         proxyPass = |         proxyPass = | ||||||
|           "http://127.0.0.1:${toString portDefinitions.radicale-http}"; |           "http://127.0.0.1:${toString portDefinitions.radicale-http}"; | ||||||
|       }; |       }; | ||||||
|       extraConfig = nginxLocalServiceConfig; |       forceSSL = true; | ||||||
|       useACMEHost = "rcia.dev"; |       useACMEHost = "rcia.dev"; | ||||||
|  |       extraConfig = nginxLocalServiceConfig; | ||||||
|     }; |     }; | ||||||
|   }; |   }; | ||||||
|   sops.secrets."radicale/users" = { |   sops.secrets."radicale/users" = { | ||||||
|     path = "/etc/radicale/users"; |     path = "/var/lib/radicale/users"; | ||||||
|     owner = "radicale"; |     owner = "radicale"; | ||||||
|   }; |   }; | ||||||
| } | } | ||||||
|  |  | ||||||
							
								
								
									
										46
									
								
								hosts/greatyamada/services/searxng.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										46
									
								
								hosts/greatyamada/services/searxng.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,46 @@ | ||||||
|  | { config, pkgs, ... }: | ||||||
|  | let | ||||||
|  |   portDefinitions = import ./_port-definitions.nix; | ||||||
|  |   nginxLocalServiceConfig = import ./nginx-local-config.nix; | ||||||
|  | in { | ||||||
|  |   services = { | ||||||
|  |     searx = { | ||||||
|  |       enable = true; | ||||||
|  |       package = pkgs.searxng; | ||||||
|  |       environmentFile = config.sops.templates."searxng_secret_key.env".path; | ||||||
|  |       redisCreateLocally = true; | ||||||
|  |       # runInUwsgi = true; | ||||||
|  |       # uwsgiConfig = { | ||||||
|  |       #   socket = "/run/searx/searxng.sock"; | ||||||
|  |       #   http = ":${toString portDefinitions.searxng}"; | ||||||
|  |       #   chmod-socket = "660"; | ||||||
|  |       # }; | ||||||
|  |       settings = { | ||||||
|  |         base_url = "https://searxng.rcia.dev"; | ||||||
|  |         bind_address = "127.0.0.1"; | ||||||
|  |         port = portDefinitions.searxng; | ||||||
|  |         public_instance = false; | ||||||
|  |         limiter = false; | ||||||
|  |       }; | ||||||
|  | 
 | ||||||
|  |     }; | ||||||
|  |     nginx.virtualHosts."searxng.rcia.dev" = { | ||||||
|  |       locations."/".proxyPass = | ||||||
|  |         "http://127.0.0.1:${toString portDefinitions.searxng}"; | ||||||
|  |       extraConfig = nginxLocalServiceConfig; | ||||||
|  |       forceSSL = true; | ||||||
|  |       useACMEHost = "rcia.dev"; | ||||||
|  |     }; | ||||||
|  |   }; | ||||||
|  |   sops = { | ||||||
|  |     secrets."searxng_secret_key".owner = "searx"; | ||||||
|  |     templates."searxng_secret_key.env" = { | ||||||
|  |       content = '' | ||||||
|  |         SEARXNG_SECRET=${config.sops.placeholder."searxng_secret_key"} | ||||||
|  |       ''; | ||||||
|  |       owner = "searx"; | ||||||
|  |     }; | ||||||
|  |   }; | ||||||
|  |   systemd.services.nginx.serviceConfig.ProtectHome = false; | ||||||
|  |   users.groups.searx.members = [ "nginx" ]; | ||||||
|  | } | ||||||
							
								
								
									
										36
									
								
								hosts/greatyamada/services/vaultwarden.nix
									
										
									
									
									
										Normal file
									
								
							
							
						
						
									
										36
									
								
								hosts/greatyamada/services/vaultwarden.nix
									
										
									
									
									
										Normal file
									
								
							|  | @ -0,0 +1,36 @@ | ||||||
|  | { config, ... }: | ||||||
|  | let | ||||||
|  |   portDefinitions = import ./_port-definitions.nix; | ||||||
|  |   nginxLocalServiceConfig = import ./nginx-local-config.nix; | ||||||
|  | in { | ||||||
|  |   services = { | ||||||
|  |     vaultwarden = { | ||||||
|  |       enable = true; | ||||||
|  |       dbBackend = "postgresql"; | ||||||
|  |       config = { | ||||||
|  |         domain = "https://vaultwarden.rcia.dev"; | ||||||
|  |         rocketAddress = "127.0.0.1"; | ||||||
|  |         rocketPort = portDefinitions.vaultwarden; | ||||||
|  |         showPasswordHint = false; | ||||||
|  |         signupsAllowed = false; | ||||||
|  |       }; | ||||||
|  |       environmentFile = config.sops.templates."vaultwarden.env".path; | ||||||
|  |     }; | ||||||
|  |     nginx.virtualHosts."vaultwarden.rcia.dev" = { | ||||||
|  |       locations."/".proxyPass = | ||||||
|  |         "http://localhost:${toString portDefinitions.vaultwarden}"; | ||||||
|  |       forceSSL = true; | ||||||
|  |       useACMEHost = "rcia.dev"; | ||||||
|  |       extraConfig = nginxLocalServiceConfig; | ||||||
|  |     }; | ||||||
|  |   }; | ||||||
|  |   sops = { | ||||||
|  |     secrets."vaultwarden_database_url" = { }; | ||||||
|  |     templates."vaultwarden.env" = { | ||||||
|  |       content = '' | ||||||
|  |         DATABASE_URL=${config.sops.placeholder."vaultwarden_database_url"} | ||||||
|  |       ''; | ||||||
|  |       owner = "vaultwarden"; | ||||||
|  |     }; | ||||||
|  |   }; | ||||||
|  | } | ||||||
|  | @ -1,34 +1,36 @@ | ||||||
| { ... }: | { pkgs, ... }: | ||||||
| let portDefinitions = import ./_port-definitions.nix; | let portDefinitions = import ./_port-definitions.nix; | ||||||
| in { | in { | ||||||
|   networking = { |   networking = { | ||||||
|  |     nat = { | ||||||
|  |       enable = true; | ||||||
|  |       externalInterface = "enp5s0"; | ||||||
|  |       internalInterfaces = [ "wg0" ]; | ||||||
|  |     }; | ||||||
|     firewall.allowedUDPPorts = [ portDefinitions.wireguard ]; |     firewall.allowedUDPPorts = [ portDefinitions.wireguard ]; | ||||||
|     wireguard = { |     wireguard = { | ||||||
|       enable = true; |       enable = true; | ||||||
|       interfaces.wg0 = { |       interfaces.wg0 = { | ||||||
|         ips = [ "10.10.0.1/24" ]; |         ips = [ "10.10.0.1/24" ]; | ||||||
|  |         listenPort = portDefinitions.wireguard; | ||||||
|         peers = [{ |         peers = [{ | ||||||
|           allowedIPs = [ "10.10.0.2/32" ]; |           allowedIPs = [ "10.10.0.2/32" ]; | ||||||
|           name = "Note9"; |           name = "Pixel9a"; | ||||||
|           publicKey = "Y5A5iv0ukg1TQMcIdtXd+bmDxtrqHCuoEhYRmBqwkFY="; |           publicKey = "Y5A5iv0ukg1TQMcIdtXd+bmDxtrqHCuoEhYRmBqwkFY="; | ||||||
|           presharedKeyFile = "/run/secrets/preshared_keys_note9"; |           presharedKeyFile = "/run/secrets/wireguard/preshared_keys/note9"; | ||||||
|         }]; |         }]; | ||||||
|         postSetup = |         postSetup = '' | ||||||
|           "iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o enp5s0 -j MASQUERADE"; |           ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.10.0.0/24 -o enp5s0 -j MASQUERADE | ||||||
|         postShutdown = |         ''; | ||||||
|           "iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o enp5s0 -j MASQUERADE"; |         postShutdown = '' | ||||||
|         privateKeyFile = "/run/secrets/wg_private_key"; |           ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.10.0.0/24 -o enp5s0 -j MASQUERADE | ||||||
|  |         ''; | ||||||
|  |         privateKeyFile = "/run/secrets/wireguard/private_key"; | ||||||
|       }; |       }; | ||||||
|     }; |     }; | ||||||
|   }; |   }; | ||||||
|   sops.secrets = { |   sops.secrets = { | ||||||
|     "wireguard/private_key" = { |     "wireguard/private_key" = { owner = "root"; }; | ||||||
|       path = "/run/secrets/wg_private_key"; |     "wireguard/preshared_keys/note9" = { owner = "root"; }; | ||||||
|       owner = "root"; |  | ||||||
|     }; |  | ||||||
|     "wireguard/preshared_keys/note9" = { |  | ||||||
|       path = "/run/secrets/preshared_keys_note9"; |  | ||||||
|       owner = "root"; |  | ||||||
|     }; |  | ||||||
|   }; |   }; | ||||||
| } | } | ||||||
|  |  | ||||||
|  | @ -1,12 +1,5 @@ | ||||||
| { pkgs, ... }: { | { pkgs, ... }: { | ||||||
|   home.packages = with pkgs; [ |   home.packages = with pkgs; [ xh gnupg git-credential-manager pass wslu ]; | ||||||
|     xh |  | ||||||
|     gnupg |  | ||||||
|     git-credential-manager |  | ||||||
|     pass |  | ||||||
|     wslu |  | ||||||
|     python3 |  | ||||||
|   ]; |  | ||||||
|   programs = { |   programs = { | ||||||
|     git = { |     git = { | ||||||
|       enable = true; |       enable = true; | ||||||
|  |  | ||||||
|  | @ -1,7 +1,7 @@ | ||||||
| { lib, pkgs, ... }: { | { lib, pkgs, ... }: { | ||||||
| 
 | 
 | ||||||
|   environment.shells = with pkgs; [ zsh ]; |   environment.shells = with pkgs; [ zsh ]; | ||||||
|   environment.systemPackages = with pkgs; [ xorg.setxkbmap android-tools ]; |   environment.systemPackages = with pkgs; [ xorg.setxkbmap ]; | ||||||
| 
 | 
 | ||||||
|   fonts = { |   fonts = { | ||||||
|     packages = with pkgs; [ inter notonoto ]; |     packages = with pkgs; [ inter notonoto ]; | ||||||
|  | @ -26,15 +26,19 @@ | ||||||
|     wheelNeedsPassword = true; |     wheelNeedsPassword = true; | ||||||
|   }; |   }; | ||||||
| 
 | 
 | ||||||
|  |   services.mysql = { | ||||||
|  |     enable = true; | ||||||
|  |     package = pkgs.mysql84; | ||||||
|  |   }; | ||||||
|  | 
 | ||||||
|   users = { |   users = { | ||||||
|     defaultUserShell = pkgs.zsh; |     defaultUserShell = pkgs.zsh; | ||||||
|     users.avery.extraGroups = [ "wheel" "adbusers" ]; |     users.avery.extraGroups = [ "wheel" ]; | ||||||
|   }; |   }; | ||||||
| 
 | 
 | ||||||
|   wsl = { |   wsl = { | ||||||
|     enable = true; |     enable = true; | ||||||
|     defaultUser = "avery"; |     defaultUser = "avery"; | ||||||
|     usbip.enable = true; |  | ||||||
|   }; |   }; | ||||||
| 
 | 
 | ||||||
|   virtualisation.docker.enable = true; |   virtualisation.docker.enable = true; | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue