VSinerva/nixos-conf
1
0
Fork 0
Code Activity Actions

Format every file

Browse source
This commit is contained in:
Vili Sinervä 2024-06-02 16:18:19 +03:00
parent 4787fea598
commit cbe88024dd
No known key found for this signature in database
GPG key ID: DF8FEAF54EFAC996
13 changed files with 1034 additions and 932 deletions
Download patch file Download diff file Expand all files Collapse all files

225
machine-confs/helium.nix
View file

@ -1,13 +1,24 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
{
networking = {
hostName = "helium";
firewall.allowedUDPPorts = [ 51820 51821 ];
firewall.allowedUDPPorts = [
51820
51821
];
wg-quick.interfaces = {
wg0 = {
autostart = false;
address = [ "172.16.0.2/24" ];
dns = [ "192.168.0.1" "vsinerva.fi" ];
dns = [
"192.168.0.1"
"vsinerva.fi"
];
privateKeyFile = "/root/wireguard-keys/privatekey-home";
listenPort = 51820;
@ -29,7 +40,10 @@
peers = [
{
publicKey = "XSYHg0utIR1j7kRsWFwuWNo4RPD47KP53cVa6qDPtRE=";
allowedIPs = [ "0.0.0.0/0" "192.168.0.0/24" ];
allowedIPs = [
"0.0.0.0/0"
"192.168.0.0/24"
];
endpoint = "netflix.vsinerva.fi:51821";
}
];
@ -52,92 +66,147 @@
];
disabledModules = [ "services/hardware/libinput.nix" ];
nixpkgs.overlays =
[
(final: prev:
{
nixpkgs.overlays = [
(final: prev: {
moonlight-qt = prev.moonlight-qt.overrideAttrs (old: {
patches = (old.patches or []) ++ [ ../misc/mouse-accel.patch ];
patches = (old.patches or [ ]) ++ [ ../misc/mouse-accel.patch ];
});
})
];
environment.systemPackages = with pkgs; [
zenmonitor moonlight-qt parsec-bin via
zenmonitor
moonlight-qt
parsec-bin
via
];
# HARDWARE SPECIFIC
boot.initrd.kernelModules = [ "amdgpu" ];
hardware = {
opengl.extraPackages = with pkgs; [
rocmPackages.clr.icd
];
logitech.wireless = {
enable = true;
enableGraphical = true;
};
};
services = {
xserver = {
videoDrivers = [ "amdgpu" "modesetting" ];
deviceSection = ''
Option "DRI" "2"
Option "TearFree" "true"
'';
displayManager.setupCommands = ''
${pkgs.xorg.xrandr}/bin/xrandr --output DisplayPort-0 --auto --pos 0x0 --primary --output eDP --auto --pos 3840x360
'';
};
libinput.mouse = {
accelProfile = "custom";
accelPointsMotion = [ 0.00000 0.02000 0.04000 0.06000 0.08000 0.10000 0.12000 0.14000 0.16000 0.18000 0.20000 0.25250 0.31000 0.37250 0.44000 0.51250 0.59000 0.67250 0.76000 0.85250 0.95000 1.15500 1.37000 1.59500 1.83000 2.07500 2.33000 2.59500 2.87000 3.15500 3.45000 3.75500 4.07000 4.39500 4.73000 5.07500 5.43000 5.79500 6.17000 6.55500 6.95000 7.35500 7.77000 8.19500 8.63000 9.07500 9.53000 9.99500 10.47000 10.95500 11.45000 11.95000 ];
accelStepMotion = 0.05;
};
redshift = {
executable = "/bin/redshift-gtk";
enable = true;
temperature = {
night = 2800;
day = 6500;
};
brightness = {
night = "0.5";
day = "1";
# HARDWARE SPECIFIC
boot.initrd.kernelModules = [ "amdgpu" ];
hardware = {
opengl.extraPackages = with pkgs; [ rocmPackages.clr.icd ];
logitech.wireless = {
enable = true;
enableGraphical = true;
};
};
devmon.enable = true;
gvfs.enable = true;
udisks2.enable = true;
};
location = {
latitude = 60.17;
longitude = 24.94;
};
services = {
xserver = {
videoDrivers = [
"amdgpu"
"modesetting"
];
deviceSection = ''
Option "DRI" "2"
Option "TearFree" "true"
'';
# Swap + hibernate
swapDevices = [
{
device = "/var/lib/swapfile";
size = 16*1024;
}
];
boot.resumeDevice = "/dev/mapper/luks-f6e1979b-0dee-4ee9-8170-10490019854b";
boot.kernelParams = [ "resume_offset=44537856" ];
services.logind = {
lidSwitch = "hibernate";
};
displayManager.setupCommands = ''
${pkgs.xorg.xrandr}/bin/xrandr --output DisplayPort-0 --auto --pos 0x0 --primary --output eDP --auto --pos 3840x360
'';
};
# Keychron Q11
services.udev.extraRules = ''
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="3434", ATTRS{idProduct}=="01e0", MODE="0660", GROUP="users", TAG+="uaccess", TAG+="udev-acl"
'';
libinput.mouse = {
accelProfile = "custom";
accelPointsMotion = [
0.0
2.0e-2
4.0e-2
6.0e-2
8.0e-2
0.1
0.12
0.14
0.16
0.18
0.2
0.2525
0.31
0.3725
0.44
0.5125
0.59
0.6725
0.76
0.8525
0.95
1.155
1.37
1.595
1.83
2.075
2.33
2.595
2.87
3.155
3.45
3.755
4.07
4.395
4.73
5.075
5.43
5.795
6.17
6.555
6.95
7.355
7.77
8.195
8.63
9.075
9.53
9.995
10.47
10.955
11.45
11.95
];
accelStepMotion = 5.0e-2;
};
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
redshift = {
executable = "/bin/redshift-gtk";
enable = true;
temperature = {
night = 2800;
day = 6500;
};
brightness = {
night = "0.5";
day = "1";
};
};
devmon.enable = true;
gvfs.enable = true;
udisks2.enable = true;
};
location = {
latitude = 60.17;
longitude = 24.94;
};
# Swap + hibernate
swapDevices = [
{
device = "/var/lib/swapfile";
size = 16 * 1024;
}
];
boot.resumeDevice = "/dev/mapper/luks-f6e1979b-0dee-4ee9-8170-10490019854b";
boot.kernelParams = [ "resume_offset=44537856" ];
services.logind = {
lidSwitch = "hibernate";
};
# Keychron Q11
services.udev.extraRules = ''
KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="3434", ATTRS{idProduct}=="01e0", MODE="0660", GROUP="users", TAG+="uaccess", TAG+="udev-acl"
'';
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
}

10
machine-confs/nextcloud.nix
View file

@ -7,11 +7,11 @@
../nextcloud.nix
];
# HARDWARE SPECIFIC
# HARDWARE SPECIFIC
services.qemuGuest.enable = true;
services.qemuGuest.enable = true;
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
}

9
machine-confs/nixos-cpu.nix
View file

@ -9,11 +9,10 @@
../syncthing.nix
];
# HARDWARE SPECIFIC
# HARDWARE SPECIFIC
services.qemuGuest.enable = true;
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
services.qemuGuest.enable = true;
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
}

10
machine-confs/vaultwarden.nix
View file

@ -7,11 +7,11 @@
../vaultwarden.nix
];
# HARDWARE SPECIFIC
# HARDWARE SPECIFIC
services.qemuGuest.enable = true;
services.qemuGuest.enable = true;
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
}

51
machine-confs/wg-rpi.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
SSID = "ENTER_SSID";
SSIDpassword = "ENTER_PASSWORD";
@ -6,12 +11,15 @@ let
wg_interface = "end0";
hostname = "netflix-huijaus";
ddPassFile = "/root/wg-conf/ddPassFile";
in {
imports = [
../base.nix
];
in
{
imports = [ ../base.nix ];
environment.systemPackages = with pkgs; [ git wireguard-tools qrencode ];
environment.systemPackages = with pkgs; [
git
wireguard-tools
qrencode
];
# enable NAT
networking.nat.enable = true;
@ -33,15 +41,14 @@ in {
# This allows the wireguard server to route your traffic to the internet and hence be like a VPN
# For this to work you have to set the dnsserver IP of your router (or dnsserver of choice) in your clients
postSetup = ''
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o ${wg_interface} -j MASQUERADE
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o ${wg_interface} -j MASQUERADE
'';
# This undoes the above command
postShutdown = ''
${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o ${wg_interface} -j MASQUERADE
${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o ${wg_interface} -j MASQUERADE
'';
# Path to the private key file.
#
# Note: The private key can also be included inline via the privateKey option,
@ -50,27 +57,33 @@ in {
privateKeyFile = "/root/wg-conf/private";
peers = [
{ # Vili Android
{
# Vili Android
publicKey = "niKpC3+Pi4HrYITlzROzqRcxzfzRw1rjpxeJVOr/WAw=";
allowedIPs = [ "10.100.0.2/32" ];
}
{ # Miika Puhelin
{
# Miika Puhelin
publicKey = "mcOs94W9jqn3SGgc8uWbnmUv0tja/P6tAvaCg3WYKlY=";
allowedIPs = [ "10.100.0.3/32" ];
}
{ # Miika Kone
{
# Miika Kone
publicKey = "7m7wnwNlmxZfUNvUOYNh4mTNbOsig7z2K/svUhDHFDY=";
allowedIPs = [ "10.100.0.4/32" ];
}
{ # Silja Puhelin
{
# Silja Puhelin
publicKey = "f6wWd6KD63xwnKkre/ZgZxPJv9GfAXK9Zx/EQEq8cik=";
allowedIPs = [ "10.100.0.5/32" ];
}
{ # Silja Kone
{
# Silja Kone
publicKey = "t9cmHc6/+0njdzsTFnnhEGKfhCa2VXFrTH9hF1jOCXw=";
allowedIPs = [ "10.100.0.6/32" ];
}
{ # Vili helium
{
# Vili helium
publicKey = "iGO375NT9EK5LH+E9vjPRRJp+UM4rZ2d1RMVR3f5R0c=";
allowedIPs = [ "10.100.0.7/32" ];
}
@ -86,11 +99,15 @@ in {
username = "VSinerva";
passwordFile = ddPassFile;
};
#################### EVERYTHING BELOW THIS SHOULD NOT NEED TO CHANGE ####################
#################### EVERYTHING BELOW THIS SHOULD NOT NEED TO CHANGE ####################
boot = {
kernelPackages = pkgs.linuxKernel.packages.linux_rpi4;
initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" ];
initrd.availableKernelModules = [
"xhci_pci"
"usbhid"
"usb_storage"
];
loader = {
grub.enable = false;
generic-extlinux-compatible.enable = true;