diff options
Diffstat (limited to 'modules/hosts')
23 files changed, 0 insertions, 1630 deletions
diff --git a/modules/hosts/audio/default.nix b/modules/hosts/audio/default.nix deleted file mode 100644 index 3cd06e4..0000000 --- a/modules/hosts/audio/default.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ - config, - lib, - ... -}: - -let - inherit (lib) mkOption types mkIf; - cfg = config.nx.services.audio; -in -{ - options.nx.services.audio = { - enable = mkOption { - description = "enable sound"; - type = types.bool; - default = false; - }; - }; - config = mkIf cfg.enable { - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - wireplumber.enable = true; - }; - }; -} diff --git a/modules/hosts/default.nix b/modules/hosts/default.nix deleted file mode 100644 index d8a8927..0000000 --- a/modules/hosts/default.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ ... }: - -{ - imports = [ - ./audio - ./desktop - ./dns - ./openssh - ./printer - ./server - ./wooting - ./steam - ./mullvad-vpn - ]; -} diff --git a/modules/hosts/desktop/cinnamon/default.nix b/modules/hosts/desktop/cinnamon/default.nix deleted file mode 100644 index 5233ad1..0000000 --- a/modules/hosts/desktop/cinnamon/default.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: - -let - inherit (lib) mkEnableOption mkIf mkForce; - cfg = config.nx.desktop.cinnamon; -in -{ - options.nx.desktop.cinnamon.enable = mkEnableOption "Enable Cinnamon desktop environment"; - - config = mkIf cfg.enable { - services.xserver.enable = true; - services.xserver.displayManager.lightdm.enable = true; - services.xserver.desktopManager.cinnamon.enable = true; - - services.speechd.enable = mkForce false; - services.orca.enable = mkForce false; - - environment.systemPackages = with pkgs; [ - nemo-preview - ]; - }; -} diff --git a/modules/hosts/desktop/default.nix b/modules/hosts/desktop/default.nix deleted file mode 100644 index 7d7f3ae..0000000 --- a/modules/hosts/desktop/default.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ useHomeManager ? true, ... }: - -{ - imports = [ - # NixOS-only modules (no home-manager) - ./cinnamon - ./gnome - ./kde - ] ++ (if useHomeManager then [ - # Modules that require home-manager - ./hyprland - ./labwc - ./sway - ./dunst.nix - ./waybar.nix - ] else [ ]); -} diff --git a/modules/hosts/desktop/dunst.nix b/modules/hosts/desktop/dunst.nix deleted file mode 100644 index 4c5f74e..0000000 --- a/modules/hosts/desktop/dunst.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ - config, - lib, - pkgs, - username, - ... -}: - -let - inherit (lib) mkEnableOption mkIf; - cfg = config.nx.desktop.dunst; -in -{ - options.nx.desktop.dunst.enable = mkEnableOption "Enable dunst notification"; - config = mkIf cfg.enable { - home-manager.users.${username} = { - home.packages = with pkgs; [ - libnotify - ]; - - services.dunst = { - enable = true; - settings = { - global = { - font = "monospace 10"; - offset = "(15, 15)"; - frame_width = 0; - }; - urgency_low = { - foreground = "#FFFFFF"; - background = "#000000E6"; - }; - - urgency_normal = { - foreground = "#FFFFFF"; - background = "#000000E6"; - }; - - urgency_critical = { - foreground = "#FFFFFF"; - background = "#000000E6"; - }; - }; - }; - }; - }; -} diff --git a/modules/hosts/desktop/gnome/default.nix b/modules/hosts/desktop/gnome/default.nix deleted file mode 100644 index 268fdc7..0000000 --- a/modules/hosts/desktop/gnome/default.nix +++ /dev/null @@ -1,33 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: - -let - inherit (lib) mkEnableOption mkIf; - cfg = config.nx.desktop.gnome; -in -{ - options.nx.desktop.gnome.enable = mkEnableOption "Enable GNOME desktop environment"; - - config = mkIf cfg.enable { - services.displayManager.gdm.enable = true; - services.desktopManager.gnome.enable = true; - services.gnome.core-developer-tools.enable = false; - services.gnome.games.enable = false; - - environment.gnome.excludePackages = with pkgs; [ - gnome-tour - gnome-user-docs - epiphany - ]; - - environment.systemPackages = with pkgs; [ - gnomeExtensions.pop-shell - gnomeExtensions.blur-my-shell - gnome-tweaks - ]; - }; -} diff --git a/modules/hosts/desktop/hyprland/default.nix b/modules/hosts/desktop/hyprland/default.nix deleted file mode 100644 index 1750a59..0000000 --- a/modules/hosts/desktop/hyprland/default.nix +++ /dev/null @@ -1,283 +0,0 @@ -{ - config, - username, - lib, - pkgs, - ... -}: - -let - inherit (lib) mkEnableOption mkOption mkIf types optionals; - cfg = config.nx.desktop.hyprland; -in -{ - options.nx.desktop.hyprland = { - enable = mkEnableOption "Enable hyprland"; - monitors = mkOption { - type = types.listOf types.str; - default = [ ]; - description = "Monitor configuration strings for Hyprland"; - example = [ "DP-1,highrr,0x0,auto" ]; - }; - lockscreen = { - background = mkOption { - type = types.nullOr types.path; - default = null; - description = "Background image for hyprlock"; - }; - profileImage = mkOption { - type = types.nullOr types.path; - default = null; - description = "Profile image for hyprlock"; - }; - }; - }; - - config = mkIf cfg.enable { - programs.hyprlock.enable = true; - - home-manager.users.${username} = { - home.packages = with pkgs; [ - hyprshot - hyprpicker - ]; - - programs.hyprlock = { - enable = true; - settings = { - general = { - immediate_render = true; - }; - - background = [ - ({ - monitor = ""; - color = "rgba(0, 0, 0, 1.0)"; - } // (if cfg.lockscreen.background != null then { path = "${cfg.lockscreen.background}"; } else { })) - ]; - - input-field = [ - { - monitor = ""; - size = "300, 30"; - outline_thickness = 0; - dots_size = 0.25; - dots_spacing = 0.55; - dots_center = true; - dots_rounding = -1; - outer_color = "rgba(242, 243, 244, 0)"; - inner_color = "rgba(242, 243, 244, 0)"; - font_color = "rgba(242, 243, 244, 0.75)"; - fade_on_empty = false; - placeholder_text = ""; - hide_input = false; - check_color = "rgba(204, 136, 34, 0)"; - fail_color = "rgba(204, 34, 34, 0)"; - fail_text = "$FAIL <b>($ATTEMPTS)</b>"; - fail_transition = 300; - capslock_color = -1; - numlock_color = -1; - bothlock_color = -1; - invert_numlock = false; - swap_font_color = false; - position = "0, -468"; - halign = "center"; - valign = "center"; - } - ]; - - label = [ - { - monitor = ""; - text = ''cmd[update:1000] echo "$(date +"%A, %B %d")"''; - color = "rgba(242, 243, 244, 0.75)"; - font_size = 20; - position = "0, 405"; - halign = "center"; - valign = "center"; - } - { - monitor = ""; - text = ''cmd[update:1000] echo "$(date +"%k:%M")"''; - color = "rgba(242, 243, 244, 0.75)"; - font_size = 93; - position = "0, 310"; - halign = "center"; - valign = "center"; - } - ] ++ optionals (cfg.lockscreen.profileImage != null) [ - { - monitor = ""; - text = "${username}"; - color = "rgba(242, 243, 244, 0.75)"; - font_size = 12; - position = "0, -407"; - halign = "center"; - valign = "center"; - } - { - monitor = ""; - text = "Enter Password"; - color = "rgba(242, 243, 244, 0.75)"; - font_size = 10; - position = "0, -438"; - halign = "center"; - valign = "center"; - } - ]; - - image = optionals (cfg.lockscreen.profileImage != null) [ - { - monitor = ""; - path = "${cfg.lockscreen.profileImage}"; - border_color = "0xffdddddd"; - border_size = 0; - size = 73; - rounding = -1; - rotate = 0; - reload_time = -1; - reload_cmd = ""; - position = "0, -353"; - halign = "center"; - valign = "center"; - } - ]; - }; - }; - - wayland.windowManager.hyprland = { - enable = true; - systemd.enable = true; - xwayland.enable = true; - settings = { - monitor = if cfg.monitors != [ ] then cfg.monitors else [ ",preferred,auto,auto" ]; - - "$background" = "rgba(000000FF)"; - "$accent" = "rgba(FFFFFFFF)"; - - env = [ - "XCURSOR_SIZE,24" - ]; - - input = { - kb_layout = config.console.keyMap; - follow_mouse = 1; - touchpad = { - natural_scroll = true; - }; - }; - - general = { - gaps_in = 5; - gaps_out = 10; - border_size = 2; - "col.active_border" = "$accent"; - "col.inactive_border" = "$background"; - layout = "dwindle"; - }; - - decoration = { - rounding = 5; - active_opacity = 0.8; - inactive_opacity = 0.7; - - blur = { - enabled = true; - size = 4; - passes = 4; - ignore_opacity = true; - contrast = 1.1; - brightness = 1.0; - }; - }; - - animations = { - enabled = true; - bezier = "myBezier, 0.05, 0.9, 0.1, 1.05"; - animation = [ - "windows, 1, 7, myBezier" - "windowsOut, 1, 7, default, popin 80%" - "border, 1, 10, default" - "fade, 1, 7, default" - "workspaces, 1, 6, default" - ]; - }; - - misc = { - disable_hyprland_logo = true; - vrr = 1; - }; - - dwindle = { - pseudotile = true; - preserve_split = true; - }; - - xwayland = { - force_zero_scaling = true; - }; - - "$mod" = "SUPER"; - - bind = [ - "$mod, l, exec, hyprlock" - "$mod, s, exec, hyprshot --mode region" - "$mod, r, exec, wofi --show run" - "$mod, d, exec, wofi --show drun" - "$mod, c, exec, hyprpicker -r -a" - "$mod, return, exec, kitty" - "$mod, q, killactive," - "$mod, m, exit," - "$mod, f, fullscreen" - "$mod, v, togglefloating," - "$mod, P, pseudo," - - ", XF86AudioRaiseVolume, exec, wpctl set-volume -l 1.0 @DEFAULT_AUDIO_SINK@ 5%+" - ", XF86AudioLowerVolume, exec, wpctl set-volume -l 1.0 @DEFAULT_AUDIO_SINK@ 5%-" - ", XF86AudioMute, exec, wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle" - - ", XF86AudioPlay, exec, playerctl play-pause" - ", XF86AudioNext, exec, playerctl next" - ", XF86AudioPrev, exec, playerctl previous" - ", XF86Audiostop, exec, playerctl stop" - - "$mod, left, movefocus, l" - "$mod, right, movefocus, r" - "$mod, up, movefocus, u" - "$mod, down, movefocus, d" - - "$mod, 1, workspace, 1" - "$mod, 2, workspace, 2" - "$mod, 3, workspace, 3" - "$mod, 4, workspace, 4" - "$mod, 5, workspace, 5" - "$mod, 6, workspace, 6" - "$mod, 7, workspace, 7" - "$mod, 8, workspace, 8" - "$mod, 9, workspace, 9" - "$mod, 0, workspace, 10" - - "$mod SHIFT, 1, movetoworkspace, 1" - "$mod SHIFT, 2, movetoworkspace, 2" - "$mod SHIFT, 3, movetoworkspace, 3" - "$mod SHIFT, 4, movetoworkspace, 4" - "$mod SHIFT, 5, movetoworkspace, 5" - "$mod SHIFT, 6, movetoworkspace, 6" - "$mod SHIFT, 7, movetoworkspace, 7" - "$mod SHIFT, 8, movetoworkspace, 8" - "$mod SHIFT, 9, movetoworkspace, 9" - "$mod SHIFT, 0, movetoworkspace, 10" - - "$mod, mouse_down, workspace, e+1" - "$mod, mouse_up, workspace, e-1" - ]; - - bindm = [ - "$mod, mouse:272, movewindow" - "$mod, mouse:273, resizewindow" - ]; - }; - }; - }; - }; -} diff --git a/modules/hosts/desktop/kde/default.nix b/modules/hosts/desktop/kde/default.nix deleted file mode 100644 index d53e1c8..0000000 --- a/modules/hosts/desktop/kde/default.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: - -let - inherit (lib) mkEnableOption mkIf; - cfg = config.nx.desktop.kde; -in -{ - - options.nx.desktop.kde.enable = mkEnableOption "Enable kde"; - config = mkIf cfg.enable { - services.displayManager.sddm.enable = true; - services.displayManager.sddm.wayland.enable = true; - services.desktopManager.plasma6.enable = true; - security.pam.services.sddm.enableKwallet = true; - - environment.plasma6.excludePackages = with pkgs.kdePackages; [ - elisa - kate - ]; - }; -} diff --git a/modules/hosts/desktop/labwc/default.nix b/modules/hosts/desktop/labwc/default.nix deleted file mode 100644 index b62dbbe..0000000 --- a/modules/hosts/desktop/labwc/default.nix +++ /dev/null @@ -1,296 +0,0 @@ -{ - config, - username, - pkgs, - lib, - ... -}: - -let - inherit (lib) mkEnableOption mkOption mkIf types optional; - cfg = config.nx.desktop.labwc; - - gruvbox-openbox = pkgs.stdenv.mkDerivation { - pname = "gruvbox-openbox"; - version = "0-unstable-2024-02-14"; - - src = pkgs.fetchFromGitHub { - owner = "nathanielevan"; - repo = "gruvbox-openbox"; - rev = "master"; - hash = "sha256-61BsD/DK6OOJLKwdY03HL1pCG1DJcIE9bsFPAVFfcIY="; - }; - - installPhase = '' - mkdir -p $out/share/themes - cp -r gruvbox-dark $out/share/themes/ - cp -r gruvbox-material-dark $out/share/themes/ - cp -r gruvbox-material-dark-blocks $out/share/themes/ - ''; - }; -in -{ - options.nx.desktop.labwc = { - enable = mkEnableOption "Enable labwc"; - monitors = mkOption { - type = types.attrsOf (types.submodule { - options = { - mode = mkOption { - type = types.str; - description = "Monitor resolution and refresh rate"; - example = "1920x1080@240"; - }; - position = mkOption { - type = types.str; - default = "0,0"; - description = "Monitor position"; - example = "1920,0"; - }; - }; - }); - default = { }; - description = "Monitor configuration for kanshi"; - }; - wallpaper = mkOption { - type = types.nullOr types.path; - default = null; - description = "Wallpaper image path"; - }; - theme = { - gtk = mkOption { - type = types.str; - default = "Gruvbox-Material-Dark"; - description = "GTK theme name"; - }; - icons = mkOption { - type = types.str; - default = "Gruvbox-Dark"; - description = "Icon theme name"; - }; - cursor = mkOption { - type = types.str; - default = "Adwaita"; - description = "Cursor theme name"; - }; - openbox = mkOption { - type = types.str; - default = "gruvbox-material-dark-blocks"; - description = "Openbox/LabWC theme name"; - }; - }; - }; - - config = mkIf cfg.enable { - home-manager.users.${username} = { - home.packages = with pkgs; [ - labwc-tweaks - labwc-gtktheme - gruvbox-material-gtk-theme - gruvbox-dark-icons-gtk - wl-clipboard - sfwbar - gtk-layer-shell - ] ++ optional (cfg.wallpaper != null) swaybg - ++ [ gruvbox-openbox ]; - - services.cliphist.enable = true; - - gtk = { - enable = true; - theme = { - name = cfg.theme.gtk; - package = pkgs.gruvbox-material-gtk-theme; - }; - iconTheme = { - name = cfg.theme.icons; - package = pkgs.gruvbox-dark-icons-gtk; - }; - cursorTheme = { - name = cfg.theme.cursor; - package = pkgs.adwaita-icon-theme; - }; - gtk3.extraConfig = { - gtk-application-prefer-dark-theme = 1; - }; - gtk4.extraConfig = { - gtk-application-prefer-dark-theme = 1; - }; - }; - - services.kanshi = mkIf (cfg.monitors != { }) { - enable = true; - profiles = { - default = { - outputs = lib.mapAttrsToList (name: monitor: { - criteria = name; - mode = monitor.mode; - position = monitor.position; - }) cfg.monitors; - }; - }; - }; - - wayland.windowManager.labwc = { - enable = true; - autostart = [ - "${pkgs.sfwbar}/bin/sfwbar" - ] ++ optional (cfg.wallpaper != null) "${pkgs.swaybg}/bin/swaybg -m fill -i ${cfg.wallpaper} & disown"; - environment = [ - "XKB_DEFAULT_LAYOUT=${config.console.keyMap}" - "XCURSOR_SIZE=24" - "XDG_CURRENT_DESKTOP=wlroots" - ]; - - rc = { - core = { - decoration = "server"; - gap = 5; - }; - - theme = { - name = cfg.theme.openbox; - }; - - keyboard = { - default = true; - keybind = [ - { - "@key" = "W-Return"; - action = { - "@name" = "Execute"; - "@command" = "kitty"; - }; - } - { - "@key" = "W-F4"; - action = { - "@name" = "None"; - }; - } - ]; - }; - - mouse = { - default = true; - context = { - "@name" = "Root"; - mousebind = { - "@button" = "Right"; - "@action" = "Press"; - action = { - "@name" = "ShowMenu"; - "@menu" = "root-menu"; - }; - }; - }; - }; - }; - }; - - # sfwbar configuration - xdg.configFile."sfwbar/sfwbar.config".text = '' - # Term setup - Set Term = "foot" - Set ThicknessHint = "20px" - - # Actions - TriggerAction "SIGRTMIN+1", SwitcherEvent "forward" - TriggerAction "SIGRTMIN+2", SwitcherEvent "back" - - # Initialization - Function("SfwbarInit") { - SetLayer "top" - SetMirror "*" - SetExclusiveZone "auto" - } - - # Placer (Window positioning) - placer { - xorigin = 5 - yorigin = 5 - xstep = 5 - ystep = 5 - children = true - } - - # Task Switcher - switcher { - interval = 700 - icons = true - labels = false - cols = 5 - } - - # Load Standard Library Winops - include("${pkgs.sfwbar}/share/sfwbar/winops.widget") - - # Main Layout - layout { - - # Start Menu - include("${pkgs.sfwbar}/share/sfwbar/startmenu.widget") - - # Show Desktop - include("${pkgs.sfwbar}/share/sfwbar/showdesktop.widget") - - # Taskbar - taskbar { - rows = 1 - icons = true - labels = false - sort = false - action[3] = Menu "winops" - action[Drag] = Focus - } - - # Spacer - label { - value = "" - style = "spacer" - } - - # Pager - pager { - rows = 1 - pins = "1","2","3","4" - preview = true - action[Drag] = WorkspaceActivate - } - - # Tray - tray { - rows = 1 - } - - # Modules - include("${pkgs.sfwbar}/share/sfwbar/volume.widget") - - # Clock - grid { - style = "clock_grid" - label { - value = Time("%H:%M") - tooltip = Time("%H:%M\n%x") - } - } - } - - #CSS - #spacer { - -GtkWidget-hexpand: true; - } - - button#taskbar_item { - padding: 5px; - border-radius: 0px; - border-width: 0px; - -GtkWidget-hexpand: false; - } - - button#taskbar_item:hover { - background-color: rgba(255, 255, 255, 0.1); - } - ''; - }; - }; -} diff --git a/modules/hosts/desktop/sway/default.nix b/modules/hosts/desktop/sway/default.nix deleted file mode 100644 index b9cec12..0000000 --- a/modules/hosts/desktop/sway/default.nix +++ /dev/null @@ -1,181 +0,0 @@ -{ - config, - username, - lib, - pkgs, - ... -}: - -let - inherit (lib) mkEnableOption mkOption mkIf mkOptionDefault types; - cfg = config.nx.desktop.sway; - mod = "Mod4"; -in -{ - options.nx.desktop.sway = { - enable = mkEnableOption "Enable sway"; - monitors = mkOption { - type = types.attrsOf (types.submodule { - options = { - resolution = mkOption { - type = types.str; - description = "Monitor resolution and refresh rate"; - example = "1920x1080@240Hz"; - }; - position = mkOption { - type = types.str; - default = "0 0"; - description = "Monitor position"; - example = "1920 0"; - }; - }; - }); - default = { }; - description = "Monitor configuration"; - }; - wallpaper = mkOption { - type = types.nullOr types.path; - default = null; - description = "Wallpaper image path"; - }; - }; - - config = mkIf cfg.enable { - home-manager.users.${username} = { - home.packages = with pkgs; [ - wmenu - swaybg - sway-contrib.grimshot - wl-clipboard - xdg-utils - ]; - - wayland.windowManager.sway = { - enable = true; - systemd = { - enable = true; - xdgAutostart = true; - }; - config = { - input = { - "*" = { - xkb_layout = config.console.keyMap; - }; - }; - - output = lib.mapAttrs (name: monitor: { - resolution = monitor.resolution; - position = monitor.position; - } // (if cfg.wallpaper != null then { bg = "${cfg.wallpaper} fill"; } else { })) cfg.monitors; - - gaps = { - inner = 15; - }; - - window = { - titlebar = false; - border = 0; - }; - - modifier = mod; - - keybindings = mkOptionDefault { - "${mod}+q" = "kill"; - "${mod}+Shift+s" = "exec grimshot savecopy area"; - "XF86AudioPlay" = "exec playerctl play-pause"; - "XF86AudioPrev" = "exec playerctl previous"; - "XF86AudioNext" = "exec playerctl next"; - "XF86AudioRaiseVolume" = "exec wpctl set-volume @DEFAULT_AUDIO_DEVICE@ +5%"; - "XF86AudioLowerVolume" = "exec wpctl set-volume @DEFAULT_AUDIO_DEVICE@ -5%"; - "XF86AudioMute" = "exec wpctl set-mute @DEFAULT_AUDIO_DEVICE@ toggle"; - }; - - menu = "${pkgs.wmenu}/bin/wmenu-run -b -N 000000E6"; - terminal = "${pkgs.foot}/bin/foot"; - defaultWorkspace = "workspace number 1"; - - bars = [ - { - command = "${pkgs.waybar}/bin/waybar"; - } - ]; - }; - checkConfig = false; - wrapperFeatures.base = true; - wrapperFeatures.gtk = true; - }; - - home.sessionVariables = { - XDG_CURRENT_DESKTOP = "sway"; - XDG_SCREENSHOTS_DIR = "~/Pictures/Screenshots/"; - }; - - gtk = { - enable = true; - theme = { - name = "Adwaita-dark"; - package = pkgs.gnome-themes-extra; - }; - gtk3.extraConfig = { - Settings = '' - gtk-application-prefer-dark-theme=1 - ''; - }; - gtk4.extraConfig = { - Settings = '' - gtk-application-prefer-dark-theme=1 - ''; - }; - }; - - home.pointerCursor = { - gtk.enable = true; - name = "Adwaita"; - package = pkgs.adwaita-icon-theme; - size = 24; - }; - - # swaylock - programs.swaylock = { - enable = true; - settings = { - font = "monospace 12"; - color = "00000000"; - ring-color = "ffffffff"; - key-hl-color = "ff0000ff"; - bs-hl-color = "ff0000ff"; - }; - }; - - # swayidle - services.swayidle = { - enable = true; - timeouts = [ - { - timeout = 300; - command = "${pkgs.swaylock}/bin/swaylock -f -c 000000"; - } - { - timeout = 600; - command = "${pkgs.sway}/bin/swaymsg 'output * dpms off'"; - resumeCommand = "${pkgs.sway}/bin/swaymsg output * dpms on"; - } - { - timeout = 900; - command = "${pkgs.systemd}/bin/systemctl suspend"; - } - ]; - events = [ - { - event = "after-resume"; - command = "${pkgs.sway}/bin/swaymsg output * dpms on"; - } - { - event = "before-sleep"; - command = "${pkgs.swaylock}/bin/swaylock -f -c 000000"; - } - ]; - }; - }; - }; -} diff --git a/modules/hosts/desktop/waybar.nix b/modules/hosts/desktop/waybar.nix deleted file mode 100644 index aebc0f7..0000000 --- a/modules/hosts/desktop/waybar.nix +++ /dev/null @@ -1,119 +0,0 @@ -{ - config, - lib, - username, - ... -}: - -let - inherit (lib) mkEnableOption mkIf; - cfg = config.nx.desktop.waybar; -in -{ - options.nx.desktop.waybar.enable = mkEnableOption "Enable and configure Waybar"; - - config = mkIf cfg.enable { - home-manager.users.${username} = { - programs.waybar = { - enable = true; - settings = { - mainBar = { - height = 32; - layer = "top"; - position = "bottom"; - modules-center = [ "mpris" ]; - modules-left = [ "wlr/workspaces" ]; - modules-right = [ - "privacy" - "tray" - "battery" - "pulseaudio" - "network" - "bluetooth" - "clock" - ]; - - mpris = { - format = "{title}"; - tooltip-format = "{artist} - {album}"; - }; - - tray = { - spacing = 10; - }; - - privacy = { - icon-size = 16; - }; - - network = { - format-disconnect = ""; - format-ethernet = ""; - format-wifi = "{icon}"; - format-icons = [ - "" - "" - "" - "" - ]; - tooltip-format-wifi = "{essid} | {signalStrength}%"; - tooltip-format-ethernet = "{ifname}"; - }; - - bluetooth = { - format = " {status}"; - format-disabled = ""; - format-no-controller = ""; - format-connected = " {device_alias}"; - }; - - clock = { - format-alt = "{:%Y-%m-%d}"; - tooltip-format = "{:%Y-%m-%d | %H:%M}"; - }; - - pulseaudio = { - format = "{icon}"; - format-icons = { - default = [ - "" - "" - "" - ]; - }; - tooltip-format = "{desc} | {volume}%"; - }; - }; - }; - - style = '' - * { - border: none; - border-radius: 0; - font-family: monospace; - font-size: 12px; - background: none; - } - - window#waybar { - background: rgba(0, 0, 0, 0.9); - } - - #workspaces button { - padding-left: 5px; - padding-right: 5px; - } - - #workspaces button.focused { - font-weight: bold; - } - - #clock, #pulseaudio, #tray, #network, #battery, #bluetooth { - padding-left: 10px; - padding-right: 10px; - } - ''; - }; - }; - }; -} diff --git a/modules/hosts/dns/default.nix b/modules/hosts/dns/default.nix deleted file mode 100644 index 8463367..0000000 --- a/modules/hosts/dns/default.nix +++ /dev/null @@ -1,60 +0,0 @@ -{ - config, - lib, - ... -}: - -let - inherit (lib) mkOption types mkIf; - cfg = config.nx.dns; -in -{ - options.nx.dns = { - enable = mkOption { - description = "enable DNS-over-TLS using systemd-resolved"; - type = types.bool; - default = false; - }; - servers = mkOption { - description = "list of DNS-over-TLS servers to use"; - type = types.listOf types.str; - default = [ - "1.1.1.1#cloudflare-dns.com" - "1.0.0.1#cloudflare-dns.com" - "9.9.9.9#dns.quad9.net" - "149.112.112.112#dns.quad9.net" - ]; - }; - fallbackServers = mkOption { - description = "fallback DNS servers"; - type = types.listOf types.str; - default = [ - "8.8.8.8#dns.google" - "8.8.4.4#dns.google" - ]; - }; - }; - - config = mkIf cfg.enable { - services.resolved = { - enable = true; - dnssec = "true"; - dnsovertls = "true"; - domains = [ "~." ]; - extraConfig = '' - DNSStubListener=yes - Cache=yes - ''; - }; - - networking = { - nameservers = cfg.servers; - networkmanager.dns = lib.mkDefault "systemd-resolved"; - }; - - systemd.services.systemd-resolved.environment = { - DNS = lib.concatStringsSep " " cfg.servers; - FallbackDNS = lib.concatStringsSep " " cfg.fallbackServers; - }; - }; -} diff --git a/modules/hosts/mullvad-vpn/default.nix b/modules/hosts/mullvad-vpn/default.nix deleted file mode 100644 index 80451a5..0000000 --- a/modules/hosts/mullvad-vpn/default.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ config, lib, pkgs, ... }: -let - cfg = config.nx.mullvad-vpn; - inherit (lib) mkOption types mkIf; -in -{ - options.nx.mullvad-vpn = { - enable = mkOption { - description = "Privacy focues vpn"; - type = types.bool; - default = false; - }; - }; - config = mkIf cfg.enable { - services.mullvad-vpn.enable = true; - environment.systemPackages = [ pkgs.mullvad-vpn ]; - }; -} diff --git a/modules/hosts/openssh/default.nix b/modules/hosts/openssh/default.nix deleted file mode 100644 index 49c0527..0000000 --- a/modules/hosts/openssh/default.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ - config, - username, - lib, - ... -}: -let - inherit (lib) mkOption types mkIf; - cfg = config.nx.services.openssh; -in -{ - options.nx.services.openssh.enable = mkOption { - description = "Setup openssh server"; - type = types.bool; - default = false; - }; - config = mkIf cfg.enable { - services.openssh = { - enable = true; - settings = { - AllowUsers = [ username ]; - }; - }; - }; -} diff --git a/modules/hosts/printer/default.nix b/modules/hosts/printer/default.nix deleted file mode 100644 index d094c21..0000000 --- a/modules/hosts/printer/default.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: -let - inherit (lib) mkOption types mkIf; - cfg = config.nx.printer; -in -{ - - options.nx.printer = { - enable = mkOption { - description = "Setup printer service"; - type = types.bool; - default = false; - }; - }; - config = mkIf cfg.enable { - services.printing = { - enable = true; - drivers = [ pkgs.brlaser ]; - }; - # printer autodiscovery - services.avahi = { - enable = true; - nssmdns4 = true; - openFirewall = true; - }; - }; -} diff --git a/modules/hosts/server/default.nix b/modules/hosts/server/default.nix deleted file mode 100644 index ca3ca4f..0000000 --- a/modules/hosts/server/default.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ - lib, - ... -}: -let - inherit (lib) mkOption types; -in -{ - options.nx.server = { - enable = mkOption { - description = "Set this host as server"; - type = types.bool; - default = false; - }; - timeZone = mkOption { - description = "Time Zone of the server"; - type = types.str; - default = "Europe/Berlin"; - }; - }; - - imports = [ - ./openssh - ./nginx - ./fail2ban - ./nextcloud - ./site - ]; -} diff --git a/modules/hosts/server/fail2ban/default.nix b/modules/hosts/server/fail2ban/default.nix deleted file mode 100644 index 09fcdf2..0000000 --- a/modules/hosts/server/fail2ban/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ - config, - pkgs, - options, - lib, - ... -}: -let - cfg = config.nx.server.fail2ban; - inherit (lib) mkOption types mkIf; -in -{ - options.nx.server.fail2ban = { - enable = mkOption { - description = "Setup fail2ban service"; - type = types.bool; - default = false; - }; - bantime = mkOption { - description = "default bantime"; - type = types.str; - default = "1h"; - }; - }; - config = mkIf cfg.enable { - services.fail2ban = { - enable = true; - bantime = cfg.bantime; - }; - }; -} diff --git a/modules/hosts/server/nextcloud/default.nix b/modules/hosts/server/nextcloud/default.nix deleted file mode 100644 index a527de2..0000000 --- a/modules/hosts/server/nextcloud/default.nix +++ /dev/null @@ -1,156 +0,0 @@ -{ - pkgs, - config, - username, - options, - lib, - ... -}: -let - cfg = config.nx.server.nextcloud; - inherit (lib) mkOption types mkIf; -in -{ - options.nx.server.nextcloud = { - enable = mkOption { - description = "Setup nextcloud server"; - type = types.bool; - default = false; - }; - adminUser = mkOption { - description = "Admin user"; - type = types.str; - default = "schererleander"; - }; - adminPassFile = mkOption { - description = "Admin user key file"; - type = types.str; - default = "/etc/nextcloud-admin-pass"; - }; - hostName = mkOption { - description = "Nextcloud hostname"; - type = types.str; - default = "cloud.schererleander.de"; - }; - backup = mkOption { - description = "enable borgbase backups"; - type = types.bool; - default = true; - }; - jail = mkOption { - description = "setup fail2ban jail"; - type = types.bool; - default = config.nx.server.fail2ban.enable; - }; - }; - - config = mkIf cfg.enable { - services.nextcloud = { - enable = true; - package = pkgs.nextcloud32; - hostName = cfg.hostName; - https = true; - database.createLocally = true; - maxUploadSize = "16G"; - config = { - dbtype = "mysql"; - adminuser = cfg.adminUser; - adminpassFile = cfg.adminPassFile; - }; - settings = { - maintenance_window_start = 2; # 02:00 - default_phone_region = "de"; - overwriteProtocol = "https"; - trusted_domains = [ cfg.hostName ]; - logtimezone = config.nx.server.timeZone; - log_type = "file"; - }; - phpOptions."opcache.interned_strings_buffer" = "64"; - }; - - services.nginx.virtualHosts = mkIf ((config.nx.server.nginx or { }).enable or false) { - "${cfg.hostName}" = { - forceSSL = true; - sslCertificate = config.nx.server.nginx.sslCertificate; - sslCertificateKey = config.nx.server.nginx.sslCertificateKey; - }; - }; - - services.borgbackup.jobs.nextcloud = mkIf cfg.backup { - paths = [ - "/var/lib/nextcloud" - "/var/lib/backup/nextcloud/db" - ]; - repo = "h8xn8qvo@h8xn8qvo.repo.borgbase.com:repo"; - encryption.mode = "none"; - environment = { - BORG_RSH = "ssh -i /home/${username}/.ssh/borgbase-nextcloud -o StrictHostKeyChecking=accept-new"; - TMPDIR = "/var/tmp"; - }; - compression = "auto,lzma"; - startAt = "daily"; - readWritePaths = [ - "/var/lib/backup" - "/var/lib/nextcloud" - ]; - preHook = '' - set -euo pipefail - INSTALL="${pkgs.coreutils}/bin/install" - FIND="${pkgs.findutils}/bin/find" - MYSQLDUMP="${pkgs.mariadb.client}/bin/mysql-dump" - GZIP="${pkgs.gzip}/bin/gzip" - OCC="${lib.getExe config.services.nextcloud.occ}" - - # This command requires write access to /var/lib/backup. - $INSTALL -d -m 0750 -o root -g root /var/lib/backup/nextcloud/db - - trap "$OCC maintenance:mode --off >/dev/null 2>&1 || true" EXIT - - $OCC maintenance:mode --on - - # Make a consistent database dump without locking the site. - $MYSQLDUMP --single-transaction --quick --lock-tables=false --databases nextcloud \ - | $GZIP -c > /var/lib/backup/nextcloud/db/nextcloud-$(date +%F-%H%M%S).sql.gz - - # Delete local dump files older than 14 days. - $FIND /var/lib/backup/nextcloud/db -type f -name "*.sql.gz" -mtime +14 -delete || true - ''; - postHook = '' - set -euo pipefail - ${lib.getExe config.services.nextcloud.occ} maintenance:mode --off || true - ''; - }; - - services.fail2ban = mkIf cfg.jail { - jails = { - nextcloud = { - enabled = true; - settings = { - backend = "systemd"; - journalmatch = "SYSLOG_IDENTIFIER=Nextcloud"; - # END modification to work with syslog instead of logile - port = 443; - protocol = "tcp"; - filter = "nextcloud"; - maxretry = 3; - bantime = 86400; - findtime = 43200; - }; - }; - }; - }; - - environment.etc = mkIf cfg.jail { - # Adapted failregex for syslogs - "fail2ban/filter.d/nextcloud.local".text = pkgs.lib.mkDefault ( - pkgs.lib.mkAfter '' - [Definition] - _groupsre = (?:(?:,?\s*"\w+":(?:"[^"]+"|\w+))*) - failregex = ^\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Login failed: - ^\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Trusted domain error. - datepattern = ,?\s*"time"\s*:\s*"%%Y-%%m-%%d[T ]%%H:%%M:%%S(%%z)?" - '' - ); - }; - }; -} diff --git a/modules/hosts/server/nginx/default.nix b/modules/hosts/server/nginx/default.nix deleted file mode 100644 index 438ab49..0000000 --- a/modules/hosts/server/nginx/default.nix +++ /dev/null @@ -1,56 +0,0 @@ -{ - config, - lib, - ... -}: -let - cfg = config.nx.server.nginx; - inherit (lib) mkOption types mkIf; -in -{ - options.nx.server.nginx = { - enable = mkOption { - description = "Setup nginx reverse proxy"; - type = types.bool; - default = true; - }; - hostName = mkOption { - description = "url of server"; - type = types.str; - default = "schererleander.de"; - }; - sslCertificate = mkOption { - description = "ssl certificate to use"; - type = types.nullOr types.str; - default = "/etc/ssl/${cfg.hostName}/fullchain.pem"; - }; - sslCertificateKey = mkOption { - description = "ssl certificate key to use"; - type = types.nullOr types.str; - default = "/etc/ssl/${cfg.hostName}/privkey.key"; - }; - }; - config = mkIf cfg.enable { - services.nginx = { - enable = true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - appendHttpConfig = '' - map $scheme $hsts_header { - https "max-age=31536000; includeSubdomains; preload"; - } - add_header Strict-Transport-Security $hsts_header; - #add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self'; img-src 'self' data:; font-src 'self'; connect-src 'self'; object-src 'none'; frame-ancestors 'none'; base-uri 'self';" always; - add_header 'Referrer-Policy' 'same-origin'; - add_header X-Frame-Options DENY; - add_header X-Content-Type-Options nosniff; - ''; - }; - networking.firewall.allowedTCPPorts = [ - 80 - 443 - ]; - }; -} diff --git a/modules/hosts/server/openssh/default.nix b/modules/hosts/server/openssh/default.nix deleted file mode 100644 index fbb15db..0000000 --- a/modules/hosts/server/openssh/default.nix +++ /dev/null @@ -1,53 +0,0 @@ -{ - config, - username, - lib, - ... -}: -let - cfg = config.nx.server.openssh; - inherit (lib) mkOption types mkIf; -in -{ - options.nx.server.openssh = { - enable = mkOption { - description = "Setup openssh for server"; - type = types.bool; - default = false; - }; - port = mkOption { - description = "Port for openssh"; - type = types.port; - default = 8693; - }; - }; - - config = mkIf cfg.enable { - services.openssh = { - enable = true; - ports = [ cfg.port ]; - settings = { - PasswordAuthentication = false; - AllowUsers = [ username ]; - X11Forwarding = false; - PermitRootLogin = "yes"; - }; - }; - networking.firewall.allowedTCPPorts = [ cfg.port ]; - - services.fail2ban = { - jails = { - sshd = { - enabled = true; - settings = { - port = 8693; - backend = "systemd"; - maxretry = 4; - findtime = "10m"; - bantime = "1h"; - }; - }; - }; - }; - }; -} diff --git a/modules/hosts/server/site/default.nix b/modules/hosts/server/site/default.nix deleted file mode 100644 index 24807d3..0000000 --- a/modules/hosts/server/site/default.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - config, - lib, - inputs, - ... -}: -let - cfg = config.nx.server.site; - inherit (lib) mkOption types mkIf; -in -{ - imports = [ - inputs.site.nixosModules.default - ]; - - options.nx.server.site = { - enable = mkOption { - description = "Setup personal website"; - type = types.bool; - default = false; - }; - }; - - config = mkIf cfg.enable { - services.site = { - enable = true; - domain = "schererleander.de"; - sslCertificate = "/etc/ssl/schererleander.de/fullchain.pem"; - sslCertificateKey = "/etc/ssl/schererleander.de/privkey.key"; - }; - }; -} diff --git a/modules/hosts/steam/default.nix b/modules/hosts/steam/default.nix deleted file mode 100644 index 05a3703..0000000 --- a/modules/hosts/steam/default.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: -let - cfg = config.nx.steam; - inherit (lib) mkOption types mkIf; -in -{ - options.nx.steam = { - enable = mkOption { - description = "Digital distribution platfrom from vavle"; - type = types.bool; - default = false; - }; - useProtontricks = mkOption { - description = "Whether to enable protontricks"; - type = types.bool; - default = true; - }; - useGamescope = mkOption { - description = "SteamOS session compositing window manager"; - type = types.bool; - default = false; - }; - }; - config = mkIf cfg.enable { - programs.steam = { - enable = true; - protontricks.enable = cfg.useProtontricks; - gamescopeSession.enable = cfg.useGamescope; - extraCompatPackages = with pkgs; [ - proton-ge-bin - ]; - }; - }; -} diff --git a/modules/hosts/wooting/default.nix b/modules/hosts/wooting/default.nix deleted file mode 100644 index b2b78c0..0000000 --- a/modules/hosts/wooting/default.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: - -let - inherit (lib) mkOption types mkIf; - cfg = config.nx.wooting; -in -{ - options.nx.wooting = { - enable = mkOption { - description = "Setup wootility, udev rules to discover keyboards"; - type = types.bool; - default = false; - }; - }; - config = mkIf cfg.enable { - services.udev.packages = [ pkgs.wooting-udev-rules ]; - environment.systemPackages = with pkgs; [ - wootility - ]; - }; -} |