anotherhadi/nixy
1
Fork 0
mirror of https://github.com/anotherhadi/nixy.git synced 2026-04-02 11:12:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update

Browse Source 
Former-commit-id: 905cc9a885
This commit is contained in:
Hadi
2024-10-06 18:49:52 +02:00
parent 13c8f27411
commit 18c30e5931
75 changed files with 326 additions and 1325 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
hosts/server/configuration.nix
View File

@@ -1,49 +0,0 @@
{ config, ... }: {
imports = [
./hardware-configuration.nix
./variables.nix
../modules/grub.nix
../modules/timezone.nix
../modules/utils.nix
../modules/users.nix
../modules/zsh.nix
../modules/nix.nix
../modules/auto-upgrade.nix
../modules/home-manager.nix
../modules/network-manager.nix
# internal
./modules/internal/security.nix
./modules/internal/openssh.nix
# ./modules/internal/adguard.nix
# ./modules/internal/cockpit.nix
# exposed
# ./modules/exposed/ntfy-sh.nix
./modules/exposed/tailscale.nix
./modules/exposed/kuma.nix
./modules/exposed/cloudflare-dyndns.nix
./modules/exposed/nginx.nix
./modules/exposed/nextcloud.nix
./modules/exposed/vaultwarden.nix
./modules/www
./modules/jackflix
./secrets
];
virtualisation.docker.enable = true;
networking.networkmanager.enable = true;
home-manager.users."${config.var.username}" = import ./home.nix;
users.users.${config.var.username} = {
openssh.authorizedKeys.keys = [ config.var.sshPublicKey ];
};
# Don't touch this
system.stateVersion = "24.05";
}

31
hosts/server/hardware-configuration.nix
View File

@@ -1,31 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/f60945a8-32c6-49ba-b541-d1716385527b";
fsType = "ext4";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.ens18.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

45
hosts/server/home.nix
View File

@@ -1,45 +0,0 @@
{ pkgs, config, ... }: {
imports = [
./variables.nix
# Programs
../../home/programs/btop
../../home/programs/nvim
../../home/programs/git
../../home/programs/shell
# Scripts
../../home/scripts # All scripts
];
home = {
inherit (config.var) username;
inherit (config.var) homeDirectory;
packages = with pkgs; [
# Dev
go
cargo
nodejs
python3
jq
# Utils
fd
bc
gcc
zip
unzip
wget
curl
glow
wireguard-tools
pfetch
];
stateVersion = "24.05";
};
programs.home-manager.enable = true;
}

36
hosts/server/modules/exposed/bitcoin-git.nix
View File

@@ -1,36 +0,0 @@
{ pkgs, ... }:
let
bitcoin-price = pkgs.writeShellScriptBin "bitcoin-price" ''
[ ! -d "/home/hadi/btcprice" ] && ${pkgs.git}/bin/git clone git@github.com:anotherhadi/btcprice /home/hadi/btcprice
cd "/home/hadi/btcprice"
price=$(${pkgs.curl}/bin/curl eur.rate.sx/1BTC)
echo "# Bitcoin Price in EURO" >README.md
echo "" >>README.md
echo "1 Bitcoin = $price" >>README.md
echo "" >>README.md
echo "Date: $(date)" >>README.md
${pkgs.git}/bin/git add .
${pkgs.git}/bin/git commit -m "Update price (hadi)"
${pkgs.git}/bin/git push -u origin main
'';
in {
systemd.timers."bitcoin-git" = {
wantedBy = [ "timers.target" ];
timerConfig = {
Unit = "bitcoin-git.service";
OnCalendar = "daily";
Persistent = true;
};
};
systemd.services."bitcoin-git" = {
script = ''
${bitcoin-price}
exit 0
'';
serviceConfig = {
Type = "oneshot";
User = "hadi";
};
};
}

20
hosts/server/modules/exposed/cloudflare-dyndns.nix
View File

@@ -1,20 +0,0 @@
# CloudFlare Dynamic DNS client
{
services.cloudflare-dyndns = {
enable = true;
ipv4 = true;
domains = [
"cloud.anotherhadi.com"
"vault.anotherhadi.com"
"anotherhadi.com"
"www.anotherhadi.com"
"jack.anotherhadi.com"
"ntfy.anotherhadi.com"
"home.anotherhadi.com"
"kuma.anotherhadi.com"
"media.anotherhadi.com"
];
proxied = true;
apiTokenFile = "/etc/cloudflare/apiToken";
};
}

14
hosts/server/modules/exposed/kuma.nix
View File

@@ -1,14 +0,0 @@
{
services.uptime-kuma = {
enable = true;
settings = {
HOST = "127.0.0.1";
PORT = "3005";
};
};
services.nginx.virtualHosts."kuma.anotherhadi.com" = {
enableACME = true;
locations."/" = { proxyPass = "http://127.0.0.1:3005"; };
};
networking.firewall.allowedTCPPorts = [ 3005 ];
}

28
hosts/server/modules/exposed/nextcloud.nix
View File

@@ -1,28 +0,0 @@
# Nextcloud
{ config, ... }:
let hostname = "cloud.anotherhadi.com";
in {
services.nextcloud = {
enable = true;
hostName = hostname;
https = true;
config = {
adminuser = "jack";
adminpassFile = "/etc/nextcloud/adminpassFile";
};
settings = {
trusted_domains =
[ "localhost" "127.0.0.1" "192.168.1.99" "cloud.anotherhadi.com" ];
};
nginx.recommendedHttpHeaders = true;
extraApps = {
inherit (config.services.nextcloud.package.packages.apps)
contacts calendar tasks notes;
};
extraAppsEnable = true;
};
services.nginx.virtualHosts.${hostname} = {
forceSSL = false;
enableACME = true;
};
}

10
hosts/server/modules/exposed/nginx.nix
View File

@@ -1,10 +0,0 @@
# Nginx Reverse Proxy & ACME certs
{ config, ... }: {
services.nginx.enable = true;
security.acme = {
acceptTerms = true;
defaults.email = config.var.git.email;
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
}

21
hosts/server/modules/exposed/ntfy-sh.nix
View File

@@ -1,21 +0,0 @@
# Push Notification Server
# https://mynixos.com/nixpkgs/options/services.ntfy-sh
let
hostname = "ntfy.anotherhadi.com";
port = 8082;
url = "https://" + hostname;
in {
services.ntfy-sh = {
enable = true;
settings = {
base-url = url;
listen-http = "127.0.0.1:${toString port}";
behind-proxy = true;
};
};
services.nginx.virtualHosts.${hostname} = {
enableACME = true;
locations."/" = { proxyPass = "http://127.0.0.1:${toString port}"; };
};
networking.firewall.allowedTCPPorts = [ port ];
}

13
hosts/server/modules/exposed/tailscale.nix
View File

@@ -1,13 +0,0 @@
{ config, ... }: {
services.tailscale = {
enable = config.var.tailscale;
useRoutingFeatures = "both";
authKeyFile = "/etc/tailscale/authKey";
openFirewall = true;
extraUpFlags = [ "--advertise-exit-node" ];
};
# Fix DNS & IPv6 bugs
networking.nftables.enable = true;
# services.resolved.enable = true;
}

22
hosts/server/modules/exposed/vaultwarden.nix
View File

@@ -1,22 +0,0 @@
# Password manager
let
hostname = "vault.anotherhadi.com";
url = "https://" + hostname;
port = 8222;
in {
services.vaultwarden = {
enable = true;
config = {
DOMAIN = url;
SIGNUPS_ALLOWED = false;
ROCKET_ADDRESS = "127.0.0.1";
ROCKET_PORT = port;
ROCKET_LOG = "critical";
};
};
services.nginx.virtualHosts.${hostname} = {
enableACME = true;
locations."/" = { proxyPass = "http://127.0.0.1:${toString port}"; };
};
networking.firewall.allowedTCPPorts = [ port ];
}

12
hosts/server/modules/internal/adguard.nix
View File

@@ -1,12 +0,0 @@
# Network-wide ads & trackers blocking DNS server
# Change your router primary DNS server to {this server IP} to make it network wide.
{
services.adguardhome = {
enable = true;
host = "0.0.0.0";
port = 3000;
allowDHCP = true;
openFirewall = true;
};
networking.firewall.allowedTCPPorts = [ 53 3000 3001 ];
}

15
hosts/server/modules/internal/cockpit.nix
View File

@@ -1,15 +0,0 @@
# Web-based graphical interface for servers
{ pkgs, ... }: {
services.cockpit = {
enable = true;
port = 3009;
openFirewall = true;
settings.WebService = { AllowUnencrypted = true; };
};
environment.systemPackages = with pkgs; [
networkmanagerapplet
selinux-python
cockpit
];
}

18
hosts/server/modules/internal/openssh.nix
View File

@@ -1,18 +0,0 @@
# SSH server
{ config, ... }: {
services.openssh = {
enable = true;
ports = [ 22 ];
settings = {
PasswordAuthentication = true;
AllowUsers = [
config.var.username
]; # "null" allows all users by default. Can be [ "user1" "user2" ]
UseDns = true;
X11Forwarding = false;
PermitRootLogin =
"no"; # "yes", "without-password", "prohibit-password", "forced-commands-only", "no"
};
};
networking.firewall.allowedTCPPorts = [ 22 ];
}

8
hosts/server/modules/internal/security.nix
View File

@@ -1,8 +0,0 @@
# Firewall & fail2ban
{
networking.firewall.enable = true;
services.fail2ban = {
enable = true;
maxretry = 5;
};
}

84
hosts/server/modules/jackflix/default.nix
View File

@@ -1,84 +0,0 @@
let
exposed = false; # Expose jellyfin to the internet
vpn = {
enable = true;
wg-config = "/etc/wireguard/wg0.conf";
};
root_folder = "/data";
in {
systemd.tmpfiles.rules = [
"d ${root_folder} 0755 nixarr nixarr"
"d ${root_folder}/media 0755 nixarr nixarr"
"d ${root_folder}/media/shows 0755 nixarr nixarr"
"d ${root_folder}/media/movies 0755 nixarr nixarr"
"d ${root_folder}/radarr 0755 nixarr nixarr"
"d ${root_folder}/sonarr 0755 nixarr nixarr"
"d ${root_folder}/jellyfin 0755 nixarr nixarr"
"d ${root_folder}/bazarr 0755 nixarr nixarr"
"d ${root_folder}/transmission 0755 nixarr nixarr"
"d ${root_folder}/completed 0755 nixarr nixarr"
"d ${root_folder}/incomplete 0755 nixarr nixarr"
];
users = {
groups.nixarr = { };
users.nixarr = {
isNormalUser = true;
group = "nixarr";
extraGroups = [ "docker" ];
hashedPassword =
"$y$j9T$9.hOJCwwmryq3PzEOGtjZ.$hu/76TghEjongcbls7oDoN2GWRqg8AwCknq.CS0zB.8";
};
};
systemd.services.jellyfin.serviceConfig.IOSchedulingPriority = 0;
services = {
jellyfin = {
enable = true;
user = "nixarr";
group = "nixarr";
openFirewall = true;
dataDir = "${root_folder}/jellyfin";
};
jellyseerr = {
enable = true;
port = 5055;
openFirewall = true;
};
prowlarr = {
enable = true;
openFirewall = true;
};
radarr = {
enable = true;
user = "nixarr";
group = "nixarr";
dataDir = "${root_folder}/radarr";
openFirewall = true;
};
sonarr = {
enable = true;
user = "nixarr";
group = "nixarr";
dataDir = "${root_folder}/sonarr";
openFirewall = true;
};
bazarr = {
enable = true;
user = "nixarr";
group = "nixarr";
openFirewall = true;
};
};
# Transmission port
networking.firewall.allowedTCPPorts = [ 9091 ];
}

21
hosts/server/modules/jackflix/transmission.nix
View File

@@ -1,21 +0,0 @@
# I'm using the transmission-openvpn docker image to be sure that my torrent traffic is going through a VPN.
# Only to download legal stuff of course.
{
# environment.etc."/etc/transmission.sh" = {
# text = ''
# docker run --cap-add=NET_ADMIN -d \
# -v /var/lib/transmission-openvpn/data:/data \
# -v /var/lib/transmission-openvpn/config:/config \
# -e OPENVPN_PROVIDER=PIA \
# -e OPENVPN_CONFIG=france \
# -e OPENVPN_USERNAME=username\
# -e OPENVPN_PASSWORD="password" \
# -e LOCAL_NETWORK=192.168.2.0/24 \
# --log-driver json-file \
# --log-opt max-size=10m \
# -p 9091:9091 \
# haugene/transmission-openvpn
# '';
# };
}

7
hosts/server/modules/www/anotherhadi.com.nix
View File

@@ -1,7 +0,0 @@
{ inputs, pkgs, ... }: {
services.nginx.virtualHosts."anotherhadi.com" = {
serverAliases = [ "www.anotherhadi.com" ];
enableACME = true;
root = inputs.anotherhadi-portfolio.packages."${pkgs.system}".default;
};
}

7
hosts/server/modules/www/default.nix
View File

@@ -1,7 +0,0 @@
{
imports = [ ./home.anotherhadi.com.nix ./anotherhadi.com.nix ];
services.nginx.virtualHosts = {
# "test.anotherhadi.com" = { root = "/var/www/test"; };
};
}

147
hosts/server/modules/www/home.anotherhadi.com.nix
View File

@@ -1,147 +0,0 @@
{ pkgs, config, ... }:
let
settings = ''
{
"config": {
"title" : "Jack's Home",
"openLinksInNewTab": false,
"locale": "fr-FR",
"colors": {
"primary": "#${config.var.theme.colors.accent}",
"background": "#${config.var.theme.colors.bg}",
"foreground": "#${config.var.theme.colors.fg}",
"muted": "#${config.var.theme.colors.c8}"
},
"folders": [
{
"name": " Home",
"links": [
{
"title": "Nextcloud",
"url": "https://cloud.anotherhadi.com",
"icon": "󰅟"
},
{
"title": "Vaultwarden",
"url": "https://vault.anotherhadi.com",
"icon": ""
}
]
},
{
"name": "󰚺 Streaming",
"links": [
{
"title": "Jellyfin",
"url": "http://192.168.1.99:8096",
"icon": "󰼂"
},
{
"title": "Jellyseerr",
"url": "http://192.168.1.99:5055",
"icon": ""
},
{
"title": "Radarr",
"url": "http://192.168.1.99:7878",
"icon": ""
},
{
"title": "Sonarr",
"url": "http://192.168.1.99:8989",
"icon": ""
},
{
"title": "Bazarr",
"url": "http://192.168.1.99:6767",
"icon": "󰨖"
},
{
"title": "Transmission",
"url": "http://192.168.1.99:9091",
"icon": "󰘡"
},
{
"title": "Prowlarr",
"url": "http://192.168.1.99:9696",
"icon": "󱖫"
}
]
},
{
"name": " Admin",
"links": [
{
"title": "Uptime Kuma",
"url": "https://kuma.anotherhadi.com",
"icon": "󱎫"
},
{
"title": "Cockpit",
"url": "https://jack:3009",
"icon": ""
},
{
"title": "Adguard Home",
"url": "http://192.168.2.24:3001",
"icon": ""
},
{
"title": "Proxmox",
"url": "https://192.168.2.17:8006",
"icon": ""
},
{
"title": "Cloudflare",
"url": "https://dash.cloudflare.com/",
"icon": ""
},
{
"title": "Tailscale",
"url": "https://login.tailscale.com/admin/machines",
"icon": "󰖂"
}
]
}
]
}
}
'';
package = pkgs.buildNpmPackage {
pname = "homepage";
version = "0.0.0";
src = pkgs.fetchFromGitHub {
owner = "anotherhadi";
repo = "homepage";
rev = "9553fc10221eb8568ca6999d73e48e9261447aa4";
hash = "sha256-vpiaBb0iDnbYQH69ZbMurHtOerWNPX7HC7Hx0vM31C4=";
};
# npmDepsHash = lib.fakeHash;
npmDepsHash = "sha256-bG+CHTq2Rst3JMxsjAC81KhK+G7WwsTVD1eyP87g0z4=";
buildPhase = ''
npm install
cp ${
pkgs.writeText "src/routes/config.json" settings
} src/routes/config.json
npm run build
mkdir $out
mv build $out
'';
meta = {
description = "homepage";
homepage = "https://github.com/anotherhadi/homepage";
};
};
in {
services.nginx.virtualHosts."home.anotherhadi.com" = {
serverAliases = [ "jack.anotherhadi.com" ];
enableACME = true;
root = package + "/build";
};
}

39
hosts/server/secrets/default.nix
View File

@@ -1,39 +0,0 @@
{
sops = {
age.keyFile = "/home/hadi/.config/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
secrets = {
sshconfig = {
path = "/home/hadi/.ssh/config";
owner = "hadi";
};
github-key = {
path = "/home/hadi/.ssh/github";
owner = "hadi";
};
nextcloud-adminpass = {
mode = "0444";
path = "/etc/nextcloud/adminpassFile";
};
cloudflare-apitoken = {
mode = "0444";
path = "/etc/cloudflare/apiToken";
};
tailscaled-authKey = {
mode = "0444";
path = "/etc/tailscale/authKey";
};
transmission-script = {
mode = "0755";
path = "/data/transmission-script.sh";
owner = "nixarr";
};
pia-wg = {
mode = "0755";
path = "/data/.secret/wg.conf";
};
};
};
}

27
hosts/server/secrets/secrets.yaml
View File

@@ -1,27 +0,0 @@
sshconfig: ENC[AES256_GCM,data:4js0EtQXcazsMDoF3LFmEqvDSxviZFTLtmyd0XgS4PTcf7exHj586EqxJRMQuT318PyPH+KzYU5XV1OwnZl8c5G0ZSivj2AJewAPe0JtByqrBA6xEiozDGP8s8YezELZs2MebVHHWxzn+g/HsJM3QFoR3g==,iv:l1pS/K2GHNJ8aztgYGvtksP3QR4qqhIDRLiWg6dwGzc=,tag:adAmwETO0gmeC0jGGkFSmg==,type:str]
github-key: ENC[AES256_GCM,data:6u7+Rq+FYhYvfHoCNeQ2zKHVzsw9gbsFcoEcEMHc5gDenLwjTBTvY5TroIY5X8SvDh656N8WsOTIYGqbRyNY1bnCsMt9Q6rlanIlc1BGp77bctztImp0KKbMctDDvG+6FVqvdmO5gwO1+lUB/uX4Sb6DeFGrizDyhoKZlTrA7GHnYh4prryimlSnlwzhXTtpqQ7fzyniNShXlJPgQfGB7Z3LJCmMEUs4CHVRuuIIgRm/wk5muhJmynKsuB8l0tSqVDaNQjTrxE95p021ivCiEHWULf6+Z31u5tTG+yps2y5kpSP08Op9mk1aB7Wrcg/vh52wWvedpTuqLSeJCzxbLWrmeMq8d9J402ZH8jgI2WfqgWHdHotODrD12n5nA5b6gnoQ7N793FuQPKu4YfMbCvZN5gdzNrfmAuAaSCTq1XTr4z8As81LIZxbj22uyRSEvZM6biqVZOIk7I0FZMN2BnWVZLYOoC+fyeedh/I1ZqYWuvswCUBowrVJ875eo+/+2JEcRiXIGcLFsuPsbw8R,iv:gv6qb91ZvkOIT6QuQZvLuotxGaBv1nK8ytagDWtiWBQ=,tag:2tXUNGiA/5xhxCXC5v4D3w==,type:str]
nextcloud-adminpass: ENC[AES256_GCM,data:skcJhRBDDAIqdrUkylqntJE7ErG+4jWAcw==,iv:gf49orzxxyr+CAYCHQwvHCE6IcaR3iCu4blfn/HFzlc=,tag:b7R4Y8GSKAqoZuUBLPj2AQ==,type:str]
cloudflare-apitoken: ENC[AES256_GCM,data:VVMa84UpCFcUSFVdnBt4mVTnm5rGDJBtw0nEm6584mDcVT35Ycc8LyhHJofQRNQQPviDKgmjgt9Tv7ZgRg==,iv:fVC2cWfveeACJ0x+weKzv0bQZGucfwZi5rq2RiDJgsY=,tag:uCN/IKaFbqQaDoA+M704sw==,type:str]
tailscaled-authKey: ENC[AES256_GCM,data:wIFPKLoD2BDgBjBmOSx2a5okN8BWFdEqApXD4QeVA9uxXBSBhfPu+57dh4O0gTH77n0RgbhxJ/TCorTtNg==,iv:ue/MeYAhUcG69p2Vw5drGdGxkRC8ofzzE910nZd2JKk=,tag:xKjlIpi8WHWT57ryWtUnlg==,type:str]
transmission-script: ENC[AES256_GCM,data:W5GaHfc1Grmzu2a48FkVTaPj3FUB6qWamdFIzaxPhmJoiA6F8T4sUwN6tRaP5YDCX+svdzceOTg6f63RfoSv5Vwq56Lmew6+MJi/GE4D70E4PkWBxyO6DJ+Pq/XtgsVyh+98U7n10oUoDMei8gTf0Fx8VgHSzs+KjsaQsgY2MDdHasl2Kk+cZn1jfLdPPH8NHV8zwnpCl95+acugXzMMZR+rwl+dGLlESmmHj1O9FVWo33kyv/3kEW7ByHByv/TP7Lh+3aYxBeTBAQ/DgK3lpLSINwifTXkXNSao+RuzFXW+7l29qz64mgcqwDerFWXM5IyLnnkt/Nh4+B9FEYgGpyq+cs9HSpgk5ifwx7RvGf/Gmhxj6wynv3Oa2h9ezYGVHZwuOJeuZVjbOSiVfo9i7/l2PZkl5EFbD90gUMHNl7GLuTW0+h+bYxMkfTMOrQQDx0t9c/kFvsd4nxhkIvB+f0kQzlLM3/LvN+6NTwg2P8JtLs52hVT2nP9FkIo9g7IyB5LiNvZc9vwJm2Jmow==,iv:J7HYpaqzAktdFx/wOx3q11l3aLoAQ6DbI6/zM8hwpJs=,tag:qW59BNzCbIu2it2hL3AZyg==,type:str]
pia-wg: ENC[AES256_GCM,data:zJuAQa5joQUwMppaffHTbmLS7y+c3usOjjNpSGSMolGVIp81mr+5ccqLOqtb1Ox0L1/VdIJifRCSk/WGZYXVN2yLb4Ndw6vbRzrLwML3lFfOC4p2zDVraJIkPxSyGA3gb3yvAoNTzhnTyLaZnFdwxAq6bZqlCq/Ey9VVDvMFSssmW8oaWmFJSjtbyhUwnygMsoInmz6MTptAmtmzSuBVuWeFo2VfkT26alkIBtTCN3o3/5xTr5htvsMoyr5B3+ut0t+1FN+k/ntohi/QzxNcWznm2OUOyhV4fkjBxFcDhLiM+eb7gD1ZPFAyXZ2v+XY4+R/OGdwhEfr0+60pIl9gC9ukpVY504r8Cw==,iv:bK5XE7oJh2EIsprEwdtvyVuMfg+opUkC2QkzazejNTI=,tag:dkQFA0PhqXCKeybnTsLdqQ==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age12yvtj49pfh3fqzqflscm0ek4yzrjhr6cqhn7x89gdxnlykq0xudq5c7334
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHVWN4YjZqczB3Q21WL1lz
ckROWkhRditHblVHVEpOS0E0aGVqdW14M0ZvCkNzRXlCOWFBWmQwTGpTYVdFRlpq
bFdOR2pSTEZpUVpvUHo2NklrQm5EU1kKLS0tIFZ5ZWhYcHg1Z0hTOTZIdHR1QUxv
cmVxVC8rVDlWMUdZaGw3bmdOaWZGS1EKYahBlc8XpB5UdKZQkvxbLcKQ/xkFJjWo
FSfQWnjhe/a7BJtJEcKZkjOQU0mYqlSu+uT2RA9diCQeRUJPRF+nAw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-08-23T09:28:13Z"
mac: ENC[AES256_GCM,data:qP/YVCjBE2E8pNPIhEgozwUmImH7knlWNzcV25ch6BQDVWN0K9wChm6lPxKuckdX5LG/txO1zCi8NJjDy3Ku6iZ9VqA2oA8TyTQQkg3X8jxXCqL+onrI/oag/lohy3a3ElDWlwowaHxw58hXRxl9uMWQiL2boPJyXjo7mZ5Czgg=,iv:LJ7YU8vnYxRuY+T+HlKlWGH+VvA7ZtP6W/JysIWeC/Q=,tag:kLNqVX6sYVESZz56lDZjrQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.0

34
hosts/server/variables.nix
View File

@@ -1,34 +0,0 @@
{ config, ... }: {
imports = [ ../modules/variables-config.nix ];
config.var = {
hostname = "jack";
username = "hadi";
homeDirectory = "/home/" + config.var.username;
configDirectory = config.var.homeDirectory + "/.config/nixos";
keyboardLayout = "fr";
timeZone = "Europe/Paris";
defaultLocale = "en_US.UTF-8";
extraLocale = "fr_FR.UTF-8";
git = {
username = "Hadi";
email = "112569860+anotherhadi@users.noreply.github.com";
};
autoUpgrade = false;
autoGarbageCollector = false;
sops = true;
tailscale = true;
usbguard = false;
usbguardRules = "";
sshPublicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPG9SE80ZyBcXZK/f5ypSKudaM5Jo3XtQikCnGo0jI5E hadi@nixy";
theme = import ../themes/windows.nix;
};
}