anotherhadi/nixy
1
Fork 0
mirror of https://github.com/anotherhadi/nixy.git synced 2026-04-02 11:12:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

update/format configuration for jack

Browse Source 
Signed-off-by: Hadi <112569860+anotherhadi@users.noreply.github.com>
This commit is contained in:
Hadi
2025-07-16 19:51:05 +02:00
parent 18c8afb616
commit 72e4be86eb
30 changed files with 466 additions and 589 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
flake.nix
View File

@@ -16,16 +16,11 @@
nixcord.url = "github:kaylorben/nixcord"; nixcord.url = "github:kaylorben/nixcord";
sops-nix.url = "github:Mic92/sops-nix"; sops-nix.url = "github:Mic92/sops-nix";
nixarr.url = "github:rasmus-kirk/nixarr"; nixarr.url = "github:rasmus-kirk/nixarr";
anyrun.url = "github:fufexan/anyrun/launch-prefix";
nvf.url = "github:notashelf/nvf"; nvf.url = "github:notashelf/nvf";
home-manager = { home-manager = {
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nixvim = {
url = "github:nix-community/nixvim";
inputs.nixpkgs.follows = "nixpkgs";
};
spicetify-nix = { spicetify-nix = {
url = "github:Gerg-L/spicetify-nix"; url = "github:Gerg-L/spicetify-nix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";

29
hosts/laptop/secrets/default.nix
View File

@@ -1,19 +1,23 @@
# Those are my secrets, encrypted with sops # Those are my secrets, encrypted with sops
# You shouldn't import this file, unless you edit it # You shouldn't import this file, unless you edit it
{ pkgs, inputs, ... }: { {
imports = [ inputs.sops-nix.homeManagerModules.sops ]; pkgs,
inputs,
...
}: {
imports = [inputs.sops-nix.homeManagerModules.sops];
sops = { sops = {
age.keyFile = "/home/hadi/.config/sops/age/keys.txt"; age.keyFile = "/home/hadi/.config/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml; defaultSopsFile = ./secrets.yaml;
secrets = { secrets = {
sshconfig = { path = "/home/hadi/.ssh/config"; }; sshconfig = {path = "/home/hadi/.ssh/config";};
github-key = { path = "/home/hadi/.ssh/github"; }; github-key = {path = "/home/hadi/.ssh/github";};
gitlab-key = { path = "/home/hadi/.ssh/gitlab"; }; gitlab-key = {path = "/home/hadi/.ssh/gitlab";};
jack-key = { path = "/home/hadi/.ssh/jack"; }; jack-key = {path = "/home/hadi/.ssh/jack";};
signing-key = { path = "/home/hadi/.ssh/key"; }; signing-key = {path = "/home/hadi/.ssh/key";};
signing-pub-key = { path = "/home/hadi/.ssh/key.pub"; }; signing-pub-key = {path = "/home/hadi/.ssh/key.pub";};
pia = { path = "/home/hadi/.config/pia/pia.ovpn"; }; pia = {path = "/home/hadi/.config/pia/pia.ovpn";};
}; };
}; };
@@ -31,9 +35,8 @@
- *primary - *primary
''; '';
systemd.user.services.mbsync.Unit.After = [ "sops-nix.service" ]; systemd.user.services.mbsync.Unit.After = ["sops-nix.service"];
home.packages = with pkgs; [ sops age ]; home.packages = with pkgs; [sops age];
wayland.windowManager.hyprland.settings.exec-once = wayland.windowManager.hyprland.settings.exec-once = ["systemctl --user start sops-nix"];
[ "systemctl --user start sops-nix" ];
} }

5
hosts/server/configuration.nix
View File

@@ -1,5 +1,6 @@
{config, ...}: { {config, ...}: {
imports = [ imports = [
# NixOS module
../../nixos/home-manager.nix ../../nixos/home-manager.nix
../../nixos/nix.nix ../../nixos/nix.nix
../../nixos/systemd-boot.nix ../../nixos/systemd-boot.nix
@@ -8,6 +9,7 @@
../../nixos/docker.nix ../../nixos/docker.nix
../../nixos/tailscale.nix ../../nixos/tailscale.nix
# NixOS server modules
../../server-modules/ssh.nix ../../server-modules/ssh.nix
../../server-modules/bitwarden.nix ../../server-modules/bitwarden.nix
../../server-modules/firewall.nix ../../server-modules/firewall.nix
@@ -15,12 +17,9 @@
../../server-modules/nextcloud.nix ../../server-modules/nextcloud.nix
../../server-modules/glance.nix ../../server-modules/glance.nix
../../server-modules/adguardhome.nix ../../server-modules/adguardhome.nix
../../server-modules/hoarder.nix
../../server-modules/arr.nix ../../server-modules/arr.nix
../../server-modules/mealie.nix ../../server-modules/mealie.nix
# ../../server-modules/meilisearch.nix
../../server-modules/search-nixos-api.nix ../../server-modules/search-nixos-api.nix
# ../../server-modules/headscale.nix
# You should let those lines as is # You should let those lines as is
./hardware-configuration.nix ./hardware-configuration.nix

23
hosts/server/hardware-configuration.nix
View File

@@ -1,13 +1,18 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }: { {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; config,
boot.initrd.availableKernelModules = lib,
[ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; pkgs,
boot.initrd.kernelModules = [ "dm-snapshot" ]; modulesPath,
boot.kernelModules = [ "kvm-amd" ]; ...
boot.extraModulePackages = [ ]; }: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = ["dm-snapshot"];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/350cf109-5380-4982-8a9e-279a9275ee18"; device = "/dev/disk/by-uuid/350cf109-5380-4982-8a9e-279a9275ee18";
fsType = "ext4"; fsType = "ext4";
@@ -15,9 +20,9 @@
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/DD15-1125"; device = "/dev/disk/by-uuid/DD15-1125";
fsType = "vfat"; fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ]; options = ["fmask=0077" "dmask=0077"];
}; };
swapDevices = [ ]; swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction # still possible to use this option, but it's recommended to use it in conjunction

7
hosts/server/home.nix
View File

@@ -1,5 +1,8 @@
{ pkgs, config, ... }: { {
pkgs,
config,
...
}: {
imports = [ imports = [
# Mostly user-specific configuration # Mostly user-specific configuration
./variables.nix ./variables.nix

4
hosts/server/secrets/default.nix
View File

@@ -23,10 +23,6 @@
path = "/home/hadi/.ssh/key.pub"; path = "/home/hadi/.ssh/key.pub";
mode = "0600"; mode = "0600";
}; };
cloudflare-dns-token = {path = "/etc/cloudflare/dnskey.txt";};
nextcloud-pwd = {path = "/etc/nextcloud/pwd.txt";};
adguard-pwd = {};
hoarder = {};
}; };
}; };

12
hosts/server/variables.nix
View File

@@ -1,4 +1,8 @@
{ config, lib, ... }: { {
config,
lib,
...
}: {
imports = [ imports = [
# Choose your theme here: # Choose your theme here:
../../themes/nixy.nix ../../themes/nixy.nix
@@ -7,7 +11,9 @@
config.var = { config.var = {
hostname = "jack"; hostname = "jack";
username = "hadi"; username = "hadi";
configDirectory = "/home/" + config.var.username configDirectory =
"/home/"
+ config.var.username
+ "/.config/nixos"; # The path of the nixos configuration directory + "/.config/nixos"; # The path of the nixos configuration directory
keyboardLayout = "fr"; keyboardLayout = "fr";
@@ -30,7 +36,7 @@
options = { options = {
var = lib.mkOption { var = lib.mkOption {
type = lib.types.attrs; type = lib.types.attrs;
default = { }; default = {};
}; };
}; };
} }

1
nixos/audio.nix
View File

@@ -1,3 +1,4 @@
# Audio configuration for NixOS using PipeWire
{ {
security.rtkit.enable = true; security.rtkit.enable = true;
services.pulseaudio.enable = false; services.pulseaudio.enable = false;

1
nixos/bluetooth.nix
View File

@@ -1,3 +1,4 @@
# Bluetooth configuration for NixOS
{pkgs, ...}: { {pkgs, ...}: {
environment.systemPackages = with pkgs; [blueman]; environment.systemPackages = with pkgs; [blueman];
hardware.bluetooth = { hardware.bluetooth = {

1
nixos/docker.nix
View File

@@ -1,3 +1,4 @@
# Docker is a containerization platform that allows you to run applications in isolated environments called containers.
{config, ...}: { {config, ...}: {
virtualisation.docker.enable = true; virtualisation.docker.enable = true;
users.users."${config.var.username}".extraGroups = ["docker"]; users.users."${config.var.username}".extraGroups = ["docker"];

1
nixos/fonts.nix
View File

@@ -1,3 +1,4 @@
# Fonts configuration for NixOS
{pkgs, ...}: { {pkgs, ...}: {
fonts = { fonts = {
packages = with pkgs; [ packages = with pkgs; [

1
nixos/home-manager.nix
View File

@@ -1,3 +1,4 @@
# Home-manager configuration for NixOS
{inputs, ...}: { {inputs, ...}: {
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;

1
nixos/hyprland.nix
View File

@@ -1,3 +1,4 @@
# Hyprland is a dynamic tiling Wayland compositor.
{ {
inputs, inputs,
pkgs, pkgs,

1
nixos/nix.nix
View File

@@ -1,3 +1,4 @@
# Nix configuration for NixOS
{ {
config, config,
inputs, inputs,

2
nixos/nvidia.nix
View File

@@ -1,3 +1,5 @@
# Nvidia configuration for NixOS with Wayland and Hyprland support
# Import this module only if you have an Nvidia GPU
{ {
pkgs, pkgs,
config, config,

2
nixos/omen.nix
View File

@@ -1,3 +1,5 @@
# Omen laptop configuration for NixOS
# Import this only if you have an HP Omen laptop
{ {
config, config,
pkgs, pkgs,

1
nixos/systemd-boot.nix
View File

@@ -1,3 +1,4 @@
# Systemd-boot configuration for NixOS
{pkgs, ...}: { {pkgs, ...}: {
boot = { boot = {
bootspec.enable = true; bootspec.enable = true;

1
nixos/users.nix
View File

@@ -1,3 +1,4 @@
# Users configuration for NixOS
{ {
config, config,
pkgs, pkgs,

1
nixos/utils.nix
View File

@@ -1,3 +1,4 @@
# Misc
{ {
pkgs, pkgs,
config, config,

7
server-modules/arr.nix
View File

@@ -1,3 +1,6 @@
# *arr is a collection of media management applications.
# See https://github.com/rasmus-kirk/nixarr
# Setup guide: https://nixarr.com/wiki/setup/
{config, ...}: let {config, ...}: let
domain = "hadi.diy"; domain = "hadi.diy";
mkVirtualHost = port: { mkVirtualHost = port: {
@@ -5,10 +8,10 @@
forceSSL = true; forceSSL = true;
locations."/" = {proxyPass = "http://127.0.0.1:${toString port}";}; locations."/" = {proxyPass = "http://127.0.0.1:${toString port}";};
}; };
my-username = config.var.username; username = config.var.username;
in { in {
# Add my user to the media group # Add my user to the media group
users.users."${my-username}".extraGroups = ["media"]; users.users."${username}".extraGroups = ["media"];
# Add my secrets # Add my secrets
sops.secrets = { sops.secrets = {

617
server-modules/glance.nix
View File

@@ -1,323 +1,316 @@
{ config, lib, ... }: # Glance is a self-hosted homepage/dashboard service.
let {
config,
lib,
...
}: let
domain = "start.hadi.diy"; domain = "start.hadi.diy";
rgb-to-hsl = color: rgb-to-hsl = color: let
let r = ((lib.toInt config.lib.stylix.colors."${color}-rgb-r") * 100.0) / 255;
r = ((lib.toInt config.lib.stylix.colors."${color}-rgb-r") * 100.0) / 255; g = ((lib.toInt config.lib.stylix.colors."${color}-rgb-g") * 100.0) / 255;
g = ((lib.toInt config.lib.stylix.colors."${color}-rgb-g") * 100.0) / 255; b = ((lib.toInt config.lib.stylix.colors."${color}-rgb-b") * 100.0) / 255;
b = ((lib.toInt config.lib.stylix.colors."${color}-rgb-b") * 100.0) / 255; max = lib.max r (lib.max g b);
max = lib.max r (lib.max g b); min = lib.min r (lib.min g b);
min = lib.min r (lib.min g b); delta = max - min;
delta = max - min; fmod = base: int: base - (int * builtins.floor (base / int));
fmod = base: int: base - (int * builtins.floor (base / int)); h =
h = if delta == 0 then if delta == 0
0 then 0
else if max == r then else if max == r
60 * (fmod ((g - b) / delta) 6) then 60 * (fmod ((g - b) / delta) 6)
else if max == g then else if max == g
60 * (((b - r) / delta) + 2) then 60 * (((b - r) / delta) + 2)
else if max == b then else if max == b
60 * (((r - g) / delta) + 4) then 60 * (((r - g) / delta) + 4)
else else 0;
0; l = (max + min) / 2;
l = (max + min) / 2; s =
s = if delta == 0 then if delta == 0
0 then 0
else else 100 * delta / (100 - lib.max (2 * l - 100) (100 - (2 * l)));
100 * delta / (100 - lib.max (2 * l - 100) (100 - (2 * l))); roundToString = value: toString (builtins.floor (value + 0.5));
roundToString = value: toString (builtins.floor (value + 0.5)); in
in lib.concatMapStringsSep " " roundToString [ h s l ]; lib.concatMapStringsSep " " roundToString [h s l];
in { in {
services = { services = {
glance = { glance = {
enable = true; enable = true;
settings = { settings = {
theme = { theme = {
# primary-color = rgb-to-hsl "base0D";
contrast-multiplier = lib.mkForce 1.4; contrast-multiplier = lib.mkForce 1.4;
}; };
pages = [{ pages = [
hide-desktop-navigation = true; {
columns = [ hide-desktop-navigation = true;
{ columns = [
size = "small"; {
widgets = [ size = "small";
{ widgets = [
type = "clock"; {
hour-format = "24h"; type = "clock";
} hour-format = "24h";
{ }
type = "weather"; {
location = "Paris, France"; type = "weather";
} location = "Paris, France";
{ }
type = "markets"; {
markets = [ type = "markets";
{ markets = [
symbol = "BTC-USD"; {
name = "Bitcoin"; symbol = "BTC-USD";
chart-link = name = "Bitcoin";
"https://www.tradingview.com/chart/?symbol=INDEX:BTCUSD"; chart-link = "https://www.tradingview.com/chart/?symbol=INDEX:BTCUSD";
} }
{ {
symbol = "SOL-USD"; symbol = "SOL-USD";
name = "Solana"; name = "Solana";
chart-link = chart-link = "https://www.tradingview.com/chart/?symbol=INDEX:SOLUSD";
"https://www.tradingview.com/chart/?symbol=INDEX:SOLUSD"; }
} {
{ symbol = "ETH-USD";
symbol = "ETH-USD"; name = "Ethereum";
name = "Ethereum"; chart-link = "https://www.tradingview.com/chart/?symbol=INDEX:ETHUSD";
chart-link = }
"https://www.tradingview.com/chart/?symbol=INDEX:ETHUSD"; ];
} }
]; {
} type = "dns-stats";
{ service = "adguard";
type = "dns-stats"; url = "https://adguard.hadi.diy";
service = "adguard"; username = "hadi";
url = "https://adguard.hadi.diy"; password = "\${secret:adguard-pwd}";
username = "hadi"; }
password = "\${secret:adguard-pwd}"; ];
} }
]; {
} size = "full";
{ widgets = [
size = "full"; {
widgets = [ type = "search";
{ search-engine = "duckduckgo";
type = "search"; }
search-engine = "duckduckgo"; {
} type = "bookmarks";
{ groups = [
type = "bookmarks"; {
groups = [ title = "";
{ same-tab = true;
title = ""; color = "200 50 50";
same-tab = true; links = [
color = "200 50 50"; {
links = [ title = "ProtonMail";
{ url = "https://proton.me/mail";
title = "ProtonMail"; }
url = "https://proton.me/mail"; {
} title = "Github";
{ url = "https://github.com";
title = "Github"; }
url = "https://github.com"; {
} title = "Youtube";
{ url = "https://youtube.com";
title = "Youtube"; }
url = "https://youtube.com"; {
} title = "Figma";
{ url = "https://figma.com";
title = "Figma"; }
url = "https://figma.com"; ];
} }
]; {
} title = "Docs";
{ same-tab = true;
title = "Docs"; color = "200 50 50";
same-tab = true; links = [
color = "200 50 50"; {
links = [ title = "Nixpkgs repo";
{ url = "https://github.com/NixOS/nixpkgs";
title = "Nixpkgs repo"; }
url = "https://github.com/NixOS/nixpkgs"; {
} title = "Nixvim";
{ url = "https://nix-community.github.io/nixvim/";
title = "Nixvim"; }
url = "https://nix-community.github.io/nixvim/"; {
} title = "Hyprland wiki";
{ url = "https://wiki.hyprland.org/";
title = "Hyprland wiki"; }
url = "https://wiki.hyprland.org/"; {
} title = "Search NixOS";
{ url = "https://search-nixos.hadi.diy";
title = "Search NixOS"; }
url = "https://search-nixos.hadi.diy"; ];
} }
]; {
} title = "Homelab";
{ same-tab = true;
title = "Homelab"; color = "100 50 50";
same-tab = true; links = [
color = "100 50 50"; {
links = [ title = "Router";
{ url = "http://192.168.1.254/";
title = "Router"; }
url = "http://192.168.1.254/"; {
} title = "Cloudflare";
{ url = "https://dash.cloudflare.com/";
title = "Cloudflare"; }
url = "https://dash.cloudflare.com/"; ];
} }
]; {
} title = "Work";
{ same-tab = true;
title = "Work"; color = "50 50 50";
same-tab = true; links = [
color = "50 50 50"; {
links = [ title = "Outlook";
{ url = "https://outlook.office.com/";
title = "Outlook"; }
url = "https://outlook.office.com/"; {
} title = "Teams";
{ url = "https://teams.microsoft.com/";
title = "Teams"; }
url = "https://teams.microsoft.com/"; {
} title = "Office";
{ url = "https://www.office.com/";
title = "Office"; }
url = "https://www.office.com/"; ];
} }
]; {
} title = "Cyber";
{ same-tab = true;
title = "Cyber"; color = rgb-to-hsl "base09";
same-tab = true; links = [
color = rgb-to-hsl "base09"; {
links = [ title = "CyberChef";
{ url = "https://cyberchef.org/";
title = "CyberChef"; }
url = "https://cyberchef.org/"; {
} title = "TryHackMe";
{ url = "https://tryhackme.com/";
title = "TryHackMe"; }
url = "https://tryhackme.com/"; {
} title = "RootMe";
{ url = "https://www.root-me.org/";
title = "RootMe"; }
url = "https://www.root-me.org/"; {
} title = "Exploit-DB";
{ url = "https://www.exploit-db.com/";
title = "Exploit-DB"; }
url = "https://www.exploit-db.com/"; {
} title = "CrackStation";
{ url = "https://crackstation.net/";
title = "CrackStation"; }
url = "https://crackstation.net/"; ];
} }
]; {
} title = "Misc";
{ same-tab = true;
title = "Misc"; color = rgb-to-hsl "base01";
same-tab = true; links = [
color = rgb-to-hsl "base01"; {
links = [ title = "Svgl";
{ url = "https://svgl.app/";
title = "Svgl"; }
url = "https://svgl.app/"; {
} title = "Excalidraw";
{ url = "https://excalidraw.com/";
title = "Excalidraw"; }
url = "https://excalidraw.com/"; {
} title = "Cobalt (Downloader)";
{ url = "https://cobalt.tools/";
title = "Cobalt (Downloader)"; }
url = "https://cobalt.tools/"; {
} title = "Mazanoke (Image optimizer)";
{ url = "https://mazanoke.com/";
title = "Mazanoke (Image optimizer)"; }
url = "https://mazanoke.com/"; ];
} }
]; ];
} }
{
]; type = "server-stats";
} servers = [
{ {
type = "server-stats"; type = "local";
servers = [{ name = "Jack";
type = "local"; }
name = "Jack"; ];
}]; }
} {
{ type = "group";
type = "group"; widgets = [
widgets = [ {
{ type = "monitor";
type = "monitor"; title = "Services";
title = "Services"; cache = "1m";
cache = "1m"; sites = [
sites = [ {
{ title = "Vaultwarden";
title = "Vaultwarden"; url = "https://vault.hadi.diy";
url = "https://vault.hadi.diy"; icon = "si:bitwarden";
icon = "si:bitwarden"; }
} {
{ title = "Nextcloud";
title = "Nextcloud"; url = "https://cloud.hadi.diy";
url = "https://cloud.hadi.diy"; icon = "si:nextcloud";
icon = "si:nextcloud"; }
} {
{ title = "Adguard";
title = "Adguard"; url = "https://adguard.hadi.diy";
url = "https://adguard.hadi.diy"; icon = "si:adguard";
icon = "si:adguard"; }
} {
{ title = "Mealie";
title = "Hoarder"; url = "https://mealie.hadi.diy";
url = "https://hoarder.hadi.diy"; icon = "si:mealie";
icon = "si:bookstack"; }
} ];
{ }
title = "Mealie"; {
url = "https://mealie.hadi.diy"; type = "monitor";
icon = "si:mealie"; title = "*arr";
} cache = "1m";
]; sites = [
} {
{ title = "Jellyfin";
type = "monitor"; url = "https://jellyfin.hadi.diy";
title = "*arr"; icon = "si:jellyfin";
cache = "1m"; }
sites = [ {
{ title = "Jellyseerr";
title = "Jellyfin"; url = "https://jellyseerr.hadi.diy";
url = "https://jellyfin.hadi.diy"; icon = "si:odysee";
icon = "si:jellyfin"; }
} {
{ title = "Radarr";
title = "Jellyseerr"; url = "https://radarr.hadi.diy";
url = "https://jellyseerr.hadi.diy"; icon = "si:radarr";
icon = "si:odysee"; }
} {
{ title = "Sonarr";
title = "Radarr"; url = "https://sonarr.hadi.diy";
url = "https://radarr.hadi.diy"; icon = "si:sonarr";
icon = "si:radarr"; }
} {
{ title = "Prowlarr";
title = "Sonarr"; url = "https://prowlarr.hadi.diy";
url = "https://sonarr.hadi.diy"; icon = "si:podcastindex";
icon = "si:sonarr"; }
} {
{ title = "Transmission";
title = "Prowlarr"; url = "https://transmission.hadi.diy";
url = "https://prowlarr.hadi.diy"; icon = "si:transmission";
icon = "si:podcastindex"; }
} ];
{ }
title = "SABnzbd"; ];
url = "https://sabnzbd.hadi.diy"; }
icon = "si:sabanci"; ];
} }
{ ];
title = "Transmission"; name = "Home";
url = "https://transmission.hadi.diy"; }
icon = "si:transmission"; ];
} server = {port = 5678;};
];
}
];
}
];
}
];
name = "Home";
}];
server = { port = 5678; };
}; };
}; };
nginx.virtualHosts."${domain}" = { nginx.virtualHosts."${domain}" = {
@@ -325,8 +318,8 @@ in {
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:${ proxyPass = "http://127.0.0.1:${
toString config.services.glance.settings.server.port toString config.services.glance.settings.server.port
}"; }";
}; };
}; };
}; };

88
server-modules/headscale.nix
View File

@@ -1,88 +0,0 @@
{ config, pkgs, ... }:
let
derpPort = 3478;
domain = "hadi.diy";
headscale-ui-src = pkgs.fetchFromGitHub {
owner = "gurucomputing";
repo = "headscale-ui";
rev = "63041fd673d81da56e60d2b528a4991981eab746";
sha256 = "pz7oDRfBf/dN+PMEqbMe+es6deQ4QP3pC191ASlyV7U=";
};
headscale-ui = pkgs.buildNpmPackage {
pname = "headscale-ui";
version = "0.0.1";
src = headscale-ui-src;
npmDepsHash = "MePNbOPSe5wB8/6T3DLs+4+Qlr8f+7cCPs301il7iX8=";
buildPhase = ''
runHook preBuild
mkdir -p $out
npm run build
runHook postBuild
'';
installPhase = ''
mv ./build $out/dist
'';
makeCacheWritable = true;
dontFixup = true;
dontNpmBuild = true;
};
in {
services = {
headscale = {
enable = true;
port = 8085;
address = "127.0.0.1";
settings = {
dns = {
override_local_dns = true;
base_domain = "ts.${domain}";
magic_dns = true;
nameservers.global = [ "9.9.9.9" ];
# extra_records = [{
# name = "merope.${domain}";
# type = "A";
# value = "100.77.0.5";
# }];
};
server_url = "https://tailscale.${domain}";
metrics_listen_addr = "127.0.0.1:8095";
logtail = { enabled = false; };
log = { level = "warn"; };
ip_prefixes = [ "100.77.0.0/24" "fd7a:115c:a1e0:77::/64" ];
derp.server = {
enable = true;
region_id = 999;
stun_listen_addr = "0.0.0.0:${toString derpPort}";
};
};
};
nginx.virtualHosts = {
"tailscale.${domain}" = {
useACMEHost = "hadi.diy";
forceSSL = true;
locations = {
"/" = {
proxyPass =
"http://localhost:${toString config.services.headscale.port}";
proxyWebsockets = true;
};
"/metrics" = {
proxyPass =
"http://${config.services.headscale.settings.metrics_listen_addr}/metrics";
};
"/web" = {
root = "${headscale-ui}/dist";
index = "index.html";
tryFiles = [ "$uri" "/index.html" ];
};
};
};
};
};
# Derp server
networking.firewall.allowedUDPPorts = [ derpPort ];
environment.systemPackages = [ config.services.headscale.package ];
}

50
server-modules/hoarder.nix
View File

@@ -1,50 +0,0 @@
{ config, ... }:
let domain = "hoarder.hadi.diy";
in {
systemd.tmpfiles.rules = [
"d /var/lib/hoarder/web 0755 root root -"
"d /var/lib/hoarder/meili 0755 root root -"
];
virtualisation.oci-containers.containers = {
hoarder-web = {
environmentFiles = [ config.sops.secrets.hoarder.path ];
image = "ghcr.io/hoarder-app/hoarder:release";
volumes = [ "/var/lib/hoarder/web:/data" ];
ports = [ "127.0.0.1:3131:3000" ];
environment = {
HOARDER_VERSION = "release";
NEXTAUTH_URL = "https://" + domain;
DATA_DIR = "/data";
MEILI_ADDR = "http://hoarder-meili:7700";
BROWSER_WEB_URL = "http://hoarder-browser:9222";
DISABLE_SIGNUPS = "false";
};
};
hoarder-meili = {
environmentFiles = [ config.sops.secrets.hoarder.path ];
image = "getmeili/meilisearch:v1.11.1";
environment = { MEILI_NO_ANALYTICS = "true"; };
volumes = [ "/var/lib/hoarder/meili:/meili_data" ];
};
hoarder-browser = {
image = "gcr.io/zenika-hub/alpine-chrome:123";
#pull = "newer";
cmd = [
"--no-sandbox"
"--disable-gpu"
"--disable-dev-shm-usage"
"--remote-debugging-address=0.0.0.0"
"--remote-debugging-port=9222"
"--hide-scrollbars"
];
};
};
services.nginx.virtualHosts."${domain}" = {
useACMEHost = "hadi.diy";
forceSSL = true;
locations."/" = { proxyPass = "http://127.0.0.1:3131"; };
};
}

5
server-modules/mealie.nix
View File

@@ -1,5 +1,6 @@
{ config, ... }: # Mealie is a recipe management and meal planning application.
let domain = "mealie.hadi.diy"; {config, ...}: let
domain = "mealie.hadi.diy";
in { in {
services = { services = {
mealie = { mealie = {

19
server-modules/meilisearch.nix
View File

@@ -1,19 +0,0 @@
{ config, ... }:
let domain = "meilisearch.hadi.diy";
in {
services = {
meilisearch = {
enable = true;
listenPort = 7700;
# masterKeyEnvironmentFile= "";
};
nginx.virtualHosts."${domain}" = {
useACMEHost = "hadi.diy";
forceSSL = true;
locations."/" = {
proxyPass =
"http://127.0.0.1:${toString config.services.meilisearch.listenPort}";
};
};
};
}

43
server-modules/nextcloud.nix
View File

@@ -1,5 +1,11 @@
{ pkgs, config, ... }: # Nextcloud is a self-hosted productivity platform that allows you to store and share files, manage calendars, contacts, and more.
let domain = "cloud.hadi.diy"; {
pkgs,
config,
...
}: let
domain = "cloud.hadi.diy";
adminuser = "hadi";
in { in {
services = { services = {
nginx.virtualHosts = { nginx.virtualHosts = {
@@ -19,32 +25,33 @@ in {
https = true; https = true;
autoUpdateApps.enable = true; autoUpdateApps.enable = true;
settings = { settings = {
trusted_domains = [ domain ]; trusted_domains = [domain];
default_phone_region = "FR"; default_phone_region = "FR";
overwriteprotocol = "https"; overwriteprotocol = "https";
}; };
extraAppsEnable = true; extraAppsEnable = true;
extraApps = with config.services.nextcloud.package.packages.apps; { # extraApps = with config.services.nextcloud.package.packages.apps; {
# List of apps we want to install and are already packaged in # List of apps we want to install and are already packaged in
# https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/nextcloud/packages/nextcloud-apps.json # https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/nextcloud/packages/nextcloud-apps.json
# inherit calendar contacts notes onlyoffice tasks cookbook qownnotesapi; # inherit calendar contacts notes onlyoffice tasks cookbook qownnotesapi;
inherit cookbook; # inherit cookbook;
# Custom app example. # Custom app example.
# socialsharing_telegram = pkgs.fetchNextcloudApp rec { # socialsharing_telegram = pkgs.fetchNextcloudApp rec {
# url = # url =
# "https://github.com/nextcloud-releases/socialsharing/releases/download/v3.0.1/socialsharing_telegram-v3.0.1.tar.gz"; # "https://github.com/nextcloud-releases/socialsharing/releases/download/v3.0.1/socialsharing_telegram-v3.0.1.tar.gz";
# license = "agpl3"; # license = "agpl3";
# sha256 = "sha256-8XyOslMmzxmX2QsVzYzIJKNw6rVWJ7uDhU1jaKJ0Q8k="; # sha256 = "sha256-8XyOslMmzxmX2QsVzYzIJKNw6rVWJ7uDhU1jaKJ0Q8k=";
# }; # };
}; # };
config = { config = {
dbtype = "pgsql"; dbtype = "pgsql";
adminuser = "hadi"; adminuser = adminuser;
adminpassFile = config.sops.secrets.nextcloud-pwd.path; adminpassFile = config.sops.secrets.nextcloud-pwd.path;
}; };
# Suggested by Nextcloud's health check. # Suggested by Nextcloud's health check.
phpOptions."opcache.interned_strings_buffer" = "16"; phpOptions."opcache.interned_strings_buffer" = "16";
}; };
}; };
sops.secrets.nextcloud-pwd.path = "/etc/nextcloud/pwd.txt";
} }

69
server-modules/nginx.nix
View File

@@ -1,38 +1,45 @@
{ config, ... }: { # Nginx is a web server that can also be used as a reverse proxy, load balancer, and HTTP cache.
services.nginx = { enable = true; }; {config, ...}: let
domain = "hadi.diy";
in {
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;
defaults.email = config.var.git.email; defaults.email = config.var.git.email;
}; certs."${domain}" = {
domain = "${domain}";
security.acme.certs."hadi.diy" = { extraDomainNames = ["*.${domain}"];
domain = "hadi.diy"; group = "nginx";
extraDomainNames = [ "*.hadi.diy" ]; dnsProvider = "cloudflare";
group = "nginx"; dnsPropagationCheck = true;
credentialsFile = config.sops.secrets.cloudflare-dns-token.path;
dnsProvider = "cloudflare";
dnsPropagationCheck = true;
credentialsFile = config.sops.secrets.cloudflare-dns-token.path;
};
services.nginx.virtualHosts = {
"default" = {
default = true;
locations."/" = { return = 444; };
};
"*.hadi.diy" = {
useACMEHost = "hadi.diy";
forceSSL = true;
locations."/" = { return = 444; };
};
"aaaaaa.hadi.diy" = {
useACMEHost = "hadi.diy";
forceSSL = true;
locations."/" = { return = 444; };
}; };
}; };
networking.firewall.allowedTCPPorts = [ 80 443 ]; # Return 444 for all requests not matching a used subdomain.
networking.firewall.allowedUDPPorts = [ 80 443 ]; services.nginx = {
enable = true;
virtualHosts = {
"default" = {
default = true;
locations."/" = {return = 444;};
};
"*.${domain}" = {
useACMEHost = domain;
forceSSL = true;
locations."/" = {return = 444;};
};
"aaaaaa.${domain}" = {
useACMEHost = domain;
forceSSL = true;
locations."/" = {return = 444;};
};
};
};
networking.firewall = {
allowedTCPPorts = [80 443];
allowedUDPPorts = [80 443];
};
sops.secrets.cloudflare-dns-token = {path = "/etc/cloudflare/dnskey.txt";};
} }

11
server-modules/search-nixos-api.nix
View File

@@ -1,15 +1,16 @@
{ config, ... }: # Custom NixOS module for the Search NixOS API service
let domain = "search-nixos-api.hadi.diy"; # Check https://search-nixos.hadi.diy
{config, ...}: let
domain = "search-nixos-api.hadi.diy";
in { in {
services = { services = {
search-nixos-api = { enable = true; }; search-nixos-api = {enable = true;};
nginx.virtualHosts."${domain}" = { nginx.virtualHosts."${domain}" = {
useACMEHost = "hadi.diy"; useACMEHost = "hadi.diy";
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = proxyPass = "http://127.0.0.1:${toString config.services.search-nixos-api.port}/";
"http://127.0.0.1:${toString config.services.search-nixos-api.port}/";
}; };
}; };
}; };

12
server-modules/ssh.nix
View File

@@ -1,16 +1,20 @@
{ config, ... }: { # SSH configuration
{config, ...}: let
username = config.var.username;
in {
services.openssh = { services.openssh = {
enable = true; enable = true;
ports = [ 22 ]; ports = [22];
openFirewall = true; openFirewall = true;
settings = { settings = {
PermitRootLogin = "no"; PermitRootLogin = "no";
PasswordAuthentication = false; PasswordAuthentication = false;
AllowUsers = [ config.var.username ]; AllowUsers = [username];
}; };
}; };
users.users."${config.var.username}" = { # Add my public SSH key to my user
users.users."${username}" = {
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPG9SE80ZyBcXZK/f5ypSKudaM5Jo3XtQikCnGo0jI5E hadi@nixy" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPG9SE80ZyBcXZK/f5ypSKudaM5Jo3XtQikCnGo0jI5E hadi@nixy"
]; ];

35
themes/nixy.nix
View File

@@ -1,5 +1,9 @@
{ lib, pkgs, config, ... }: { {
lib,
pkgs,
config,
...
}: {
options.theme = lib.mkOption { options.theme = lib.mkOption {
type = lib.types.attrs; type = lib.types.attrs;
default = { default = {
@@ -15,7 +19,8 @@
textColorOnWallpaper = textColorOnWallpaper =
config.lib.stylix.colors.base01; # Color of the text displayed on the wallpaper (Lockscreen, display manager, ...) config.lib.stylix.colors.base01; # Color of the text displayed on the wallpaper (Lockscreen, display manager, ...)
bar = { # Hyprpanel bar = {
# Hyprpanel
position = "top"; # "top" | "bottom" position = "top"; # "top" | "bottom"
transparent = true; transparent = true;
transparentButtons = false; transparentButtons = false;
@@ -31,28 +36,21 @@
# See https://tinted-theming.github.io/tinted-gallery/ for more schemes # See https://tinted-theming.github.io/tinted-gallery/ for more schemes
base16Scheme = { base16Scheme = {
base00 = "09090B"; # Default Background base00 = "09090B"; # Default Background
base01 = base01 = "1c1e1f"; # Lighter Background (Used for status bars, line number and folding marks)
"1c1e1f"; # Lighter Background (Used for status bars, line number and folding marks)
base02 = "313244"; # Selection Background base02 = "313244"; # Selection Background
base03 = "45475a"; # Comments, Invisibles, Line Highlighting base03 = "45475a"; # Comments, Invisibles, Line Highlighting
base04 = "585b70"; # Dark Foreground (Used for status bars) base04 = "585b70"; # Dark Foreground (Used for status bars)
base05 = "cdd6f4"; # Default Foreground, Caret, Delimiters, Operators base05 = "cdd6f4"; # Default Foreground, Caret, Delimiters, Operators
base06 = "f5e0dc"; # Light Foreground (Not often used) base06 = "f5e0dc"; # Light Foreground (Not often used)
base07 = "b4befe"; # Light Background (Not often used) base07 = "b4befe"; # Light Background (Not often used)
base08 = base08 = "f38ba8"; # Variables, XML Tags, Markup Link Text, Markup Lists, Diff Deleted
"f38ba8"; # Variables, XML Tags, Markup Link Text, Markup Lists, Diff Deleted base09 = "fab387"; # Integers, Boolean, Constants, XML Attributes, Markup Link Url
base09 =
"fab387"; # Integers, Boolean, Constants, XML Attributes, Markup Link Url
base0A = "f9e2af"; # Classes, Markup Bold, Search Text Background base0A = "f9e2af"; # Classes, Markup Bold, Search Text Background
base0B = "a6e3a1"; # Strings, Inherited Class, Markup Code, Diff Inserted base0B = "a6e3a1"; # Strings, Inherited Class, Markup Code, Diff Inserted
base0C = base0C = "94e2d5"; # Support, Regular Expressions, Escape Characters, Markup Quotes
"94e2d5"; # Support, Regular Expressions, Escape Characters, Markup Quotes base0D = "c5afd4"; # Functions, Methods, Attribute IDs, Headings, Accent color
base0D = base0E = "cba6f7"; # Keywords, Storage, Selector, Markup Italic, Diff Changed
"c5afd4"; # Functions, Methods, Attribute IDs, Headings, Accent color base0F = "f2cdcd"; # Deprecated, Opening/Closing Embedded Language Tags, e.g. <?php ?>
base0E =
"cba6f7"; # Keywords, Storage, Selector, Markup Italic, Diff Changed
base0F =
"f2cdcd"; # Deprecated, Opening/Closing Embedded Language Tags, e.g. <?php ?>
}; };
cursor = { cursor = {
@@ -85,8 +83,7 @@
polarity = "dark"; polarity = "dark";
image = pkgs.fetchurl { image = pkgs.fetchurl {
url = url = "https://raw.githubusercontent.com/anotherhadi/awesome-wallpapers/refs/heads/main/app/static/wallpapers/black-and-white-forest_minimalist_black-and-white.png";
"https://raw.githubusercontent.com/anotherhadi/awesome-wallpapers/refs/heads/main/app/static/wallpapers/black-and-white-forest_minimalist_black-and-white.png";
sha256 = "sha256-MOlLRQonZ6UAaSJlysjL8snxnMrSFH9VOLrjXaU82Kw="; sha256 = "sha256-MOlLRQonZ6UAaSJlysjL8snxnMrSFH9VOLrjXaU82Kw=";
}; };
}; };