lilith/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: lilith:7fb3e81be76aac00b94f0228c1aa3a3dbab3bc12
Branches Tags
lilith:main
...
compare: lilith:b220ff36bbdb98846cdfa276331ce0d3011de2ff
Branches Tags
lilith:main

3 commits
7fb3e81be7 ... b220ff36bb

Author SHA1 Message Date
Lilith
b220ff36bb
update 2025-12-04 15:49:10 +01:00
Lilith
05a9d96d4e
update 2025-12-04 13:28:25 +01:00
Lilith
a18e244ba5
lab 2025-10-17 13:40:29 +02:00
38 changed files with 913 additions and 248 deletions
Download patch file Download diff file Expand all files Collapse all files

337
flake.lock generated
View file

@ -20,11 +20,11 @@
]
},
"locked": {
"lastModified": 1755946532,
"narHash": "sha256-POePremlUY5GyA1zfbtic6XLxDaQcqHN6l+bIxdT5gc=",
"lastModified": 1764370710,
"narHash": "sha256-7iZklFmziy6Vn5ZFy9mvTSuFopp3kJNuPxL5QAvtmFQ=",
"owner": "hyprwm",
"repo": "aquamarine",
"rev": "81584dae2df6ac79f6b6dae0ecb7705e95129ada",
"rev": "561ae7fbe1ca15dfd908262ec815bf21a13eef63",
"type": "github"
},
"original": {
@ -54,27 +54,28 @@
"base16-fish": {
"flake": false,
"locked": {
"lastModified": 1622559957,
"narHash": "sha256-PebymhVYbL8trDVVXxCvZgc0S5VxI7I1Hv4RMSquTpA=",
"lastModified": 1754405784,
"narHash": "sha256-l9xHIy+85FN+bEo6yquq2IjD1rSg9fjfjpyGP1W8YXo=",
"owner": "tomyun",
"repo": "base16-fish",
"rev": "2f6dd973a9075dabccd26f1cded09508180bf5fe",
"rev": "23ae20a0093dca0d7b39d76ba2401af0ccf9c561",
"type": "github"
},
"original": {
"owner": "tomyun",
"repo": "base16-fish",
"rev": "23ae20a0093dca0d7b39d76ba2401af0ccf9c561",
"type": "github"
}
},
"base16-helix": {
"flake": false,
"locked": {
"lastModified": 1752979451,
"narHash": "sha256-0CQM+FkYy0fOO/sMGhOoNL80ftsAzYCg9VhIrodqusM=",
"lastModified": 1760703920,
"narHash": "sha256-m82fGUYns4uHd+ZTdoLX2vlHikzwzdu2s2rYM2bNwzw=",
"owner": "tinted-theming",
"repo": "base16-helix",
"rev": "27cf1e66e50abc622fb76a3019012dc07c678fac",
"rev": "d646af9b7d14bff08824538164af99d0c521b185",
"type": "github"
},
"original": {
@ -103,11 +104,11 @@
"firefox-gnome-theme": {
"flake": false,
"locked": {
"lastModified": 1756083905,
"narHash": "sha256-UqYGTBgI5ypGh0Kf6zZjom/vABg7HQocB4gmxzl12uo=",
"lastModified": 1764724327,
"narHash": "sha256-OkFLrD3pFR952TrjQi1+Vdj604KLcMnkpa7lkW7XskI=",
"owner": "rafaelmardojai",
"repo": "firefox-gnome-theme",
"rev": "b655eaf16d4cbec9c3472f62eee285d4b419a808",
"rev": "66b7c635763d8e6eb86bd766de5a1e1fbfcc1047",
"type": "github"
},
"original": {
@ -119,11 +120,11 @@
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1747046372,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
"lastModified": 1761588595,
"narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
"rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5",
"type": "github"
},
"original": {
@ -161,11 +162,11 @@
]
},
"locked": {
"lastModified": 1756770412,
"narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=",
"lastModified": 1763759067,
"narHash": "sha256-LlLt2Jo/gMNYAwOgdRQBrsRoOz7BPRkzvNaI/fzXi2Q=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "4524271976b625a4a605beefd893f270620fd751",
"rev": "2cccadc7357c0ba201788ae99c4dfa90728ef5e0",
"type": "github"
},
"original": {
@ -176,11 +177,11 @@
},
"flake-private": {
"locked": {
"lastModified": 1755291684,
"narHash": "sha256-odToLtFoY6GJQWqOksrDW4vCYIvA/utOkwjAedQpJ0w=",
"lastModified": 1764851282,
"narHash": "sha256-3Fiap0wQOUlp2V1YHSzpIqIdR188s5u7jYfBR0B+/wI=",
"ref": "main",
"rev": "88b0a0e5b1bb9bd25803e5c2c4d6aacb54205786",
"revCount": 8,
"rev": "c959ec66d9861b99eeb5948c5108f2b8ed4a3c4b",
"revCount": 9,
"type": "git",
"url": "ssh://git@git.firelilith.org/lilith/flake-private.git"
},
@ -249,18 +250,20 @@
"gnome-shell": {
"flake": false,
"locked": {
"lastModified": 1748186689,
"narHash": "sha256-UaD7Y9f8iuLBMGHXeJlRu6U1Ggw5B9JnkFs3enZlap0=",
"host": "gitlab.gnome.org",
"lastModified": 1764524476,
"narHash": "sha256-bTmNn3Q4tMQ0J/P0O5BfTQwqEnCiQIzOGef9/aqAZvk=",
"owner": "GNOME",
"repo": "gnome-shell",
"rev": "8c88f917db0f1f0d80fa55206c863d3746fa18d0",
"type": "github"
"rev": "c0e1ad9f0f703fd0519033b8f46c3267aab51a22",
"type": "gitlab"
},
"original": {
"host": "gitlab.gnome.org",
"owner": "GNOME",
"ref": "48.2",
"ref": "gnome-49",
"repo": "gnome-shell",
"type": "github"
"type": "gitlab"
}
},
"home-manager": {
@ -270,11 +273,11 @@
]
},
"locked": {
"lastModified": 1758719112,
"narHash": "sha256-IsR8OZWlkMNdeWFBV7ONT4id3+PQ1Dv8UQd2yf3pYxg=",
"lastModified": 1764839789,
"narHash": "sha256-QCgaXEj8036JlfyVM2e5fgKIxoF7IgGRcAi8LkehKvo=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "d398f95f1e9108f18c7dbe45423c71ccf52497c4",
"rev": "d441981b200305ebb8e2e2921395f51d207fded6",
"type": "github"
},
"original": {
@ -328,11 +331,11 @@
]
},
"locked": {
"lastModified": 1758192433,
"narHash": "sha256-CR6RnqEJSTiFgA6KQY4TTLUWbZ8RBnb+hxQqesuQNzQ=",
"lastModified": 1763733840,
"narHash": "sha256-JnET78yl5RvpGuDQy3rCycOCkiKoLr5DN1fPhRNNMco=",
"owner": "hyprwm",
"repo": "hyprgraphics",
"rev": "c44e749dd611521dee940d00f7c444ee0ae4cfb7",
"rev": "8f1bec691b2d198c60cccabca7a94add2df4ed1a",
"type": "github"
},
"original": {
@ -353,11 +356,11 @@
]
},
"locked": {
"lastModified": 1758631015,
"narHash": "sha256-IN0xWy9AkyMLuWIGZES+VUVD94FgrN7Sd+f1+c7o9X8=",
"lastModified": 1764502778,
"narHash": "sha256-FKbMxf2Y45ZCVG7CCjM/xHF9qndjkl0SZtL8IQ2ijU0=",
"owner": "horriblename",
"repo": "hyprgrass",
"rev": "35eea3b6fc939778170b2b23d4e20a3fec79e96a",
"rev": "0a1780ca3851e6960c4c7c4c66e1e37fefd7b0f3",
"type": "github"
},
"original": {
@ -371,8 +374,8 @@
"aquamarine": "aquamarine",
"hyprcursor": "hyprcursor",
"hyprgraphics": "hyprgraphics",
"hyprland-guiutils": "hyprland-guiutils",
"hyprland-protocols": "hyprland-protocols",
"hyprland-qtutils": "hyprland-qtutils",
"hyprlang": "hyprlang",
"hyprutils": "hyprutils",
"hyprwayland-scanner": "hyprwayland-scanner",
@ -384,11 +387,11 @@
"xdph": "xdph"
},
"locked": {
"lastModified": 1758654510,
"narHash": "sha256-V4hLuM9uB4ecz0sFnnrt0idxpw0kGIw+6tLmBw2X0u8=",
"lastModified": 1764801806,
"narHash": "sha256-AlEo8j1V9S20PJd23DXqR/tjwtUjxMcn87Euei9zFeA=",
"ref": "refs/heads/main",
"rev": "ec9a72d9fbe8372c4cc4e86966f6b13d178b0bba",
"revCount": 6449,
"rev": "9b1891e4765e2c5b84c8c61725e3973ca9940e05",
"revCount": 6669,
"type": "git",
"url": "https://github.com/hyprwm/Hyprland"
},
@ -397,6 +400,52 @@
"url": "https://github.com/hyprwm/Hyprland"
}
},
"hyprland-guiutils": {
"inputs": {
"aquamarine": [
"hyprland",
"aquamarine"
],
"hyprgraphics": [
"hyprland",
"hyprgraphics"
],
"hyprlang": [
"hyprland",
"hyprlang"
],
"hyprtoolkit": "hyprtoolkit",
"hyprutils": [
"hyprland",
"hyprutils"
],
"hyprwayland-scanner": [
"hyprland",
"hyprwayland-scanner"
],
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1764616927,
"narHash": "sha256-wRT0MKkpPo11ijSX3KeMN+EQWnpSeUlRtyF3pFLtlRU=",
"owner": "hyprwm",
"repo": "hyprland-guiutils",
"rev": "25cedbfdc5b3ea391d8307c9a5bea315e5df3c52",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprland-guiutils",
"type": "github"
}
},
"hyprland-protocols": {
"inputs": {
"nixpkgs": [
@ -409,11 +458,11 @@
]
},
"locked": {
"lastModified": 1749046714,
"narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=",
"lastModified": 1759610243,
"narHash": "sha256-+KEVnKBe8wz+a6dTLq8YDcF3UrhQElwsYJaVaHXJtoI=",
"owner": "hyprwm",
"repo": "hyprland-protocols",
"rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330",
"rev": "bd153e76f751f150a09328dbdeb5e4fab9d23622",
"type": "github"
},
"original": {
@ -422,74 +471,6 @@
"type": "github"
}
},
"hyprland-qt-support": {
"inputs": {
"hyprlang": [
"hyprland",
"hyprland-qtutils",
"hyprlang"
],
"nixpkgs": [
"hyprland",
"hyprland-qtutils",
"nixpkgs"
],
"systems": [
"hyprland",
"hyprland-qtutils",
"systems"
]
},
"locked": {
"lastModified": 1749154592,
"narHash": "sha256-DO7z5CeT/ddSGDEnK9mAXm1qlGL47L3VAHLlLXoCjhE=",
"owner": "hyprwm",
"repo": "hyprland-qt-support",
"rev": "4c8053c3c888138a30c3a6c45c2e45f5484f2074",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprland-qt-support",
"type": "github"
}
},
"hyprland-qtutils": {
"inputs": {
"hyprland-qt-support": "hyprland-qt-support",
"hyprlang": [
"hyprland",
"hyprlang"
],
"hyprutils": [
"hyprland",
"hyprland-qtutils",
"hyprlang",
"hyprutils"
],
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1757694755,
"narHash": "sha256-j+w5QUUr2QT/jkxgVKecGYV8J7fpzXCMgzEEr6LG9ug=",
"owner": "hyprwm",
"repo": "hyprland-qtutils",
"rev": "5ffdfc13ed03df1dae5084468d935f0a3f2c9a4c",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprland-qtutils",
"type": "github"
}
},
"hyprlang": {
"inputs": {
"hyprutils": [
@ -506,11 +487,11 @@
]
},
"locked": {
"lastModified": 1756810301,
"narHash": "sha256-wgZ3VW4VVtjK5dr0EiK9zKdJ/SOqGIBXVG85C3LVxQA=",
"lastModified": 1764612430,
"narHash": "sha256-54ltTSbI6W+qYGMchAgCR6QnC1kOdKXN6X6pJhOWxFg=",
"owner": "hyprwm",
"repo": "hyprlang",
"rev": "3d63fb4a42c819f198deabd18c0c2c1ded1de931",
"rev": "0d00dc118981531aa731150b6ea551ef037acddd",
"type": "github"
},
"original": {
@ -519,6 +500,58 @@
"type": "github"
}
},
"hyprtoolkit": {
"inputs": {
"aquamarine": [
"hyprland",
"hyprland-guiutils",
"aquamarine"
],
"hyprgraphics": [
"hyprland",
"hyprland-guiutils",
"hyprgraphics"
],
"hyprlang": [
"hyprland",
"hyprland-guiutils",
"hyprlang"
],
"hyprutils": [
"hyprland",
"hyprland-guiutils",
"hyprutils"
],
"hyprwayland-scanner": [
"hyprland",
"hyprland-guiutils",
"hyprwayland-scanner"
],
"nixpkgs": [
"hyprland",
"hyprland-guiutils",
"nixpkgs"
],
"systems": [
"hyprland",
"hyprland-guiutils",
"systems"
]
},
"locked": {
"lastModified": 1764592794,
"narHash": "sha256-7CcO+wbTJ1L1NBQHierHzheQGPWwkIQug/w+fhTAVuU=",
"owner": "hyprwm",
"repo": "hyprtoolkit",
"rev": "5cfe0743f0e608e1462972303778d8a0859ee63e",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprtoolkit",
"type": "github"
}
},
"hyprutils": {
"inputs": {
"nixpkgs": [
@ -531,11 +564,11 @@
]
},
"locked": {
"lastModified": 1756117388,
"narHash": "sha256-oRDel6pNl/T2tI+nc/USU9ZP9w08dxtl7hiZxa0C/Wc=",
"lastModified": 1764637132,
"narHash": "sha256-vSyiKCzSY48kA3v39GFu6qgRfigjKCU/9k1KTK475gg=",
"owner": "hyprwm",
"repo": "hyprutils",
"rev": "b2ae3204845f5f2f79b4703b441252d8ad2ecfd0",
"rev": "2f2413801beee37303913fc3c964bbe92252a963",
"type": "github"
},
"original": {
@ -556,11 +589,11 @@
]
},
"locked": {
"lastModified": 1755184602,
"narHash": "sha256-RCBQN8xuADB0LEgaKbfRqwm6CdyopE1xIEhNc67FAbw=",
"lastModified": 1763640274,
"narHash": "sha256-Uan1Nl9i4TF/kyFoHnTq1bd/rsWh4GAK/9/jDqLbY5A=",
"owner": "hyprwm",
"repo": "hyprwayland-scanner",
"rev": "b3b0f1f40ae09d4447c20608e5a4faf8bf3c492d",
"rev": "f6cf414ca0e16a4d30198fd670ec86df3c89f671",
"type": "github"
},
"original": {
@ -586,11 +619,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1758446476,
"narHash": "sha256-5rdAi7CTvM/kSs6fHe1bREIva5W3TbImsto+dxG4mBo=",
"lastModified": 1764794580,
"narHash": "sha256-UMVihg0OQ980YqmOAPz+zkuCEb9hpE5Xj2v+ZGNjQ+M=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a1f79a1770d05af18111fbbe2a3ab2c42c0f6cd0",
"rev": "ebc94f855ef25347c314258c10393a92794e7ab9",
"type": "github"
},
"original": {
@ -624,11 +657,11 @@
]
},
"locked": {
"lastModified": 1758712580,
"narHash": "sha256-0xmCEK2sIjE5ZcmMuJjbvl/Xo5AtB/OqE2oWjQzRefg=",
"lastModified": 1764847781,
"narHash": "sha256-OBuBBqMKXt8xlzJ3z27i9A36sEYAfVmeMxZ5yGFV+4Q=",
"owner": "nix-community",
"repo": "NUR",
"rev": "7f3ecc7eeb5cdfc43c27126200220fc928883e68",
"rev": "6f944b9a614527821456c45421833dd771a0e739",
"type": "github"
},
"original": {
@ -649,11 +682,11 @@
]
},
"locked": {
"lastModified": 1756961635,
"narHash": "sha256-hETvQcILTg5kChjYNns1fD5ELdsYB/VVgVmBtqKQj9A=",
"lastModified": 1764773531,
"narHash": "sha256-mCBl7MD1WZ7yCG6bR9MmpPO2VydpNkWFgnslJRIT1YU=",
"owner": "nix-community",
"repo": "NUR",
"rev": "6ca27b2654ac55e3f6e0ca434c1b4589ae22b370",
"rev": "1d9616689e98beded059ad0384b9951e967a17fa",
"type": "github"
},
"original": {
@ -672,11 +705,11 @@
]
},
"locked": {
"lastModified": 1758108966,
"narHash": "sha256-ytw7ROXaWZ7OfwHrQ9xvjpUWeGVm86pwnEd1QhzawIo=",
"lastModified": 1763988335,
"narHash": "sha256-QlcnByMc8KBjpU37rbq5iP7Cp97HvjRP0ucfdh+M4Qc=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "54df955a695a84cd47d4a43e08e1feaf90b1fd9b",
"rev": "50b9238891e388c9fdc6a5c49e49c42533a1b5ce",
"type": "github"
},
"original": {
@ -736,11 +769,11 @@
]
},
"locked": {
"lastModified": 1758425756,
"narHash": "sha256-L3N8zV6wsViXiD8i3WFyrvjDdz76g3tXKEdZ4FkgQ+Y=",
"lastModified": 1764483358,
"narHash": "sha256-EyyvCzXoHrbL467YSsQBTWWg4sR96MH1sPpKoSOelB4=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "e0fdaea3c31646e252a60b42d0ed8eafdb289762",
"rev": "5aca6ff67264321d47856a2ed183729271107c9c",
"type": "github"
},
"original": {
@ -770,11 +803,11 @@
"tinted-zed": "tinted-zed"
},
"locked": {
"lastModified": 1758716250,
"narHash": "sha256-PvOo4vSk7WAOhSifgL+rzExihquU9DOIOQPrUVuFHpE=",
"lastModified": 1764798099,
"narHash": "sha256-IIwR5ZWo7tjxjRpkz0tViF9KFbQ1YXs9Wkan46WQbfk=",
"owner": "danth",
"repo": "stylix",
"rev": "526c882800837cce7676f3e11bb3e13e975c6032",
"rev": "4b9e0e7ba3cccb86fe2bf0f4a2dd18256bef1cc6",
"type": "github"
},
"original": {
@ -864,11 +897,11 @@
"tinted-schemes": {
"flake": false,
"locked": {
"lastModified": 1754779259,
"narHash": "sha256-8KG2lXGaXLUE0F/JVwLQe7kOVm21IDfNEo0gfga5P4M=",
"lastModified": 1763914658,
"narHash": "sha256-Hju0WtMf3iForxtOwXqGp3Ynipo0EYx1AqMKLPp9BJw=",
"owner": "tinted-theming",
"repo": "schemes",
"rev": "097d751b9e3c8b97ce158e7d141e5a292545b502",
"rev": "0f6be815d258e435c9b137befe5ef4ff24bea32c",
"type": "github"
},
"original": {
@ -880,11 +913,11 @@
"tinted-tmux": {
"flake": false,
"locked": {
"lastModified": 1754788770,
"narHash": "sha256-LAu5nBr7pM/jD9jwFc6/kyFY4h7Us4bZz7dvVvehuwo=",
"lastModified": 1764465359,
"narHash": "sha256-lbSVPqLEk2SqMrnpvWuKYGCaAlfWFMA6MVmcOFJjdjE=",
"owner": "tinted-theming",
"repo": "tinted-tmux",
"rev": "fb2175accef8935f6955503ec9dd3c973eec385c",
"rev": "edf89a780e239263cc691a987721f786ddc4f6aa",
"type": "github"
},
"original": {
@ -896,11 +929,11 @@
"tinted-zed": {
"flake": false,
"locked": {
"lastModified": 1755613540,
"narHash": "sha256-zBFrrTxHLDMDX/OYxkCwGGbAhPXLi8FrnLhYLsSOKeY=",
"lastModified": 1764464512,
"narHash": "sha256-rCD/pAhkMdCx6blsFwxIyvBJbPZZ1oL2sVFrH07lmqg=",
"owner": "tinted-theming",
"repo": "base16-zed",
"rev": "937bada16cd3200bdbd3a2f5776fc3b686d5cba0",
"rev": "907dbba5fb8cf69ebfd90b00813418a412d0a29a",
"type": "github"
},
"original": {
@ -937,11 +970,11 @@
]
},
"locked": {
"lastModified": 1755354946,
"narHash": "sha256-zdov5f/GcoLQc9qYIS1dUTqtJMeDqmBmo59PAxze6e4=",
"lastModified": 1761431178,
"narHash": "sha256-xzjC1CV3+wpUQKNF+GnadnkeGUCJX+vgaWIZsnz9tzI=",
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"rev": "a10726d6a8d0ef1a0c645378f983b6278c42eaa0",
"rev": "4b8801228ff958d028f588f0c2b911dbf32297f9",
"type": "github"
},
"original": {

14
flake.nix
View file

@ -89,17 +89,6 @@
overlays = [
nur.overlays.default
zen-browser.overlay
(final: prev: {
jellyseerr = prev.jellyseerr.overrideAttrs (old: {
src = prev.fetchFromGitHub {
owner = "0-Pierre";
repo = "jellyseer";
rev = "0cc1391b7016ded828670d4525417b59029db351";
hash = "";
};
});
})
];
};
@ -114,9 +103,10 @@
modules = [
./hosts/${host}/default.nix
./hosts/${host}/hardware-configuration.nix
./system
{ networking.hostName = host; }
./system
./server
./home
];
};

11
home/lilith/git.nix
View file

@ -3,14 +3,16 @@
programs.git = {
enable = true;
lfs.enable = true;
userName = "Lilith";
userEmail = "liv@benstem.de";
difftastic.enable = true;
signing = {
key = "B96CE30E7F0B4319DE0025B4272C807BD91F8446";
signByDefault = true;
};
extraConfig = {
settings = {
user = {
name = "Lilith";
email = "liv@benstem.de";
};
diff = {
algorith = "histogram";
submodule = "log";
@ -32,4 +34,5 @@
init.defaultBranch = "main";
};
};
programs.difftastic.enable = true;
}

4
home/lilith/hyprland/default.nix
View file

@ -1,4 +1,4 @@
{ hyprland, ... }:
{ hyprland, pkgs, ... }:
{
imports = [
hyprland.homeManagerModules.default
@ -12,7 +12,7 @@
wayland.windowManager.hyprland = {
enable = true;
# package = hyprland.packages.${pkgs.system}.hyprland;
package = hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland;
xwayland.enable = true;

2
home/lilith/hyprland/hyprgrass.nix
View file

@ -8,7 +8,7 @@
{
options.desktop.touchSupport = lib.mkEnableOption "Enables touch-related features";
config.wayland.windowManager.hyprland = lib.mkIf config.desktop.touchSupport {
plugins = [ hyprgrass.packages.${pkgs.system}.default ];
plugins = [ hyprgrass.packages.${pkgs.stdenv.hostPlatform.system}.default ];
settings.plugin.touch_gestures = {
sensitivity = 4.0;

61
home/lilith/hyprland/settings.nix
View file

@ -2,49 +2,50 @@
{
wayland.windowManager.hyprland.settings.windowrule = [
# keepass special workplace
"workspace special:keepass,class:org.keepassxc.KeePassXC,title:^(.*)(KeePassXC)(.*)$"
"workspace special:keepass,match:class org.keepassxc.KeePassXC,match:title ^(.*)(KeePassXC)(.*)$"
# show database unlock prompt on all workspaces
"workspace unset silent,class:org.keepassxc.KeePassXC,title:Unlock Database - KeePassXC,"
"center,class:org.keepassxc.KeePassXC,title:Unlock Database - KeePassXC,"
"pin,class:org.keepassxc.KeePassXC,title:Unlock Database - KeePassXC,"
"workspace unset silent,match:class org.keepassxc.KeePassXC,match:title Unlock Database - KeePassXC,"
"center on,match:class org.keepassxc.KeePassXC,match:title Unlock Database - KeePassXC,"
"pin on,match:class org.keepassxc.KeePassXC,match:title Unlock Database - KeePassXC,"
"stay_focused on,match:class org.keepassxc.KeePassXC,match:title Unlock Database - KeePassXC,"
# show inline images with ueberzugpp
"noanim, class:^ueberzugpp_(.*)$"
"no_anim on, match:class ^ueberzugpp_(.*)$"
# clipboard manager clipse
"float,class:(clipse)"
"size 50% 50%,class:(clipse)"
"center, class:(clipse)"
"float on,match:class (clipse)"
"size 50% 50%,match:class (clipse)"
"center on, match:class (clipse)"
# path of exile / poetrade hacks
"tag +poe, class:^(steam_app_238960)$"
"tag +poe, class:^(steam_app_2694490)$"
"tag +poe, title:^(Path of Exile)$"
"fullscreen, tag:poe"
"tag +poe, match:class ^(steam_app_238960)$"
"tag +poe, match:class ^(steam_app_2694490)$"
"tag +poe, match:title ^(Path of Exile)$"
"fullscreen on, match:tag poe"
"tag +awakened-poe-trade,class:^(awakened-poe-trade)$"
"tag +awakened-poe-trade,class:^(exiled-exchange-2)$"
"float,tag:awakened-poe-trade"
"noblur,tag:awakened-poe-trade"
"nofocus,tag:awakened-poe-trade"
"noshadow,tag:awakened-poe-trade"
"noborder,tag:awakened-poe-trade"
"pin,tag:awakened-poe-trade"
"renderunfocused,tag:awakened-poe-trade"
"size 90% 90%,tag:awakened-poe-trade"
"center,tag:awakened-poe-trade"
"tag +awakened-poe-trade,match:class ^(awakened-poe-trade)$"
"tag +awakened-poe-trade,match:class ^(exiled-exchange-2)$"
"float on,match:tag awakened-poe-trade"
"no_blur on,match:tag awakened-poe-trade"
"no_focus on,match:tag awakened-poe-trade"
"no_shadow on,match:tag awakened-poe-trade"
"border_size 0, match:tag awakened-poe-trade"
"pin on,match:tag awakened-poe-trade"
"render_unfocused on,match:tag awakened-poe-trade"
"size 90% 90%,match:tag awakened-poe-trade"
"center on,match:tag awakened-poe-trade"
# "stayfocused,class:^(steam_app_238960)$"
# "stayfocused,match:class ^(steam_app_238960)$"
];
wayland.windowManager.hyprland.settings.bind = [
"SHIFT,Space,pass,class:^(awakened-poe-trade)$"
"CTRL,D,pass,class:^(awakened-poe-trade)$"
"CTRL ALT,D,pass,class:^(awakened-poe-trade)$"
"SHIFT,Space,pass,match:class ^(awakened-poe-trade)$"
"CTRL,D,pass,match:class ^(awakened-poe-trade)$"
"CTRL ALT,D,pass,match:class ^(awakened-poe-trade)$"
"SHIFT,Space,pass,class:^(exiled-exchange-2)$"
"CTRL,D,pass,class:^(exiled-exchange-2)$"
"CTRL ALT,D,pass,class:^(exiled-exchange-2)$"
"SHIFT,Space,pass,match:class ^(exiled-exchange-2)$"
"CTRL,D,pass,match:class ^(exiled-exchange-2)$"
"CTRL ALT,D,pass,match:class ^(exiled-exchange-2)$"
"SUPER, mouse_down, sendshortcut, , mouse:272"
];

2
home/lilith/input.nix
View file

@ -8,7 +8,7 @@
fcitx5 = {
addons = with pkgs; [
fcitx5-gtk
fcitx5-chinese-addons
qt6Packages.fcitx5-chinese-addons
fcitx5-nord
];
ignoreUserConfig = true;

1
home/lilith/messaging.nix
View file

@ -3,6 +3,7 @@
programs.iamb = {
enable = true;
settings = {
default_profile = "fau";
profiles.personal.user_id = "@lilith:matrix.firelilith.org";
profiles.fau.user_id = "@faub1941:fau.org";

3
home/lilith/packages.nix
View file

@ -1,7 +1,7 @@
{ pkgs, rose-pine-hyprcursor, ... }:
{
home.packages = with pkgs; [
rose-pine-hyprcursor.packages.${pkgs.system}.default
rose-pine-hyprcursor.packages.${pkgs.stdenv.hostPlatform.system}.default
gcc
gnumake
@ -45,6 +45,7 @@
btop
htop
grc
nix-output-monitor
nvd

1
home/lilith/ssh.nix
View file

@ -6,6 +6,7 @@
programs.ssh = {
enable = true;
enableDefaultConfig = false;
matchBlocks = {
"hpc" = {

1
home/lilith/stylix.nix
View file

@ -2,5 +2,6 @@
{
stylix.targets = {
firefox.enable = true;
zen-browser.profileNames = [ "lilith" ];
};
}

12
hosts/lilith-lab/default.nix
View file

@ -1,4 +1,4 @@
{ lib, pkgs, ... }:
{ lib, config, ... }:
let
mkHostOverride = lib.mkOverride 75;
in
@ -7,7 +7,11 @@ in
nfs.host.enable = true;
hardware.graphics.extraPackages = [ pkgs.rocmPackages.clr.icd ];
environment.systemPackages = [ pkgs.rocmPackages.clr.icd ];
boot.kernelModules = [ "amdgpu" ];
hardware.nvidia = {
package = config.boot.kernelPackages.nvidiaPackages.stable;
nvidiaSettings = true;
open = false;
modesetting.enable = true;
};
}

6
hosts/lilith-lab/secrets/default.yaml
View file

@ -1,5 +1,5 @@
user:
password: ENC[AES256_GCM,data:0VEVhqf0R/fduL2mX+3MQkZakCbX2mDWTzLyaWjaDbFyZphLsHThFHuh3Zm0wH+6LedwJXpbaUYsxXgwlV2F82dZ2J0aotVY2A==,iv:d23Exq0N9oBLhPVA1OrfQ9TT5Iyr53lnWrsof3rB8Bs=,tag:JeOakCtfczjxzo9JHnHzlQ==,type:str]
password: ENC[AES256_GCM,data:RffjNA5OunSxt0HQfx7A9lPiQl/4XnkeLTTG5zaGsDzIKEJ1kzYkDwsiZ18ZoYaQWGOD6yiN1nknTktfT8b8BFEdNUn4kIacfA==,iv:D6sW541Q86z/KP0S9dzasQ8oL/4Vm/Rdn1mUUCAkXns=,tag:BNQCt/x26oQyrFs8VXWuFg==,type:str]
ssh:
public: ENC[AES256_GCM,data:Nnxczf9a4vdFxd4r7JsFJU0kMG6jqm4eOiVHK4J0cbbHWCthaOvy0x6BjAjzqMpnRrEB0DrvPMxfCesr39yLlCYa26mNYx86AT5vi8taOGRg,iv:XLeEi0Oe7eoUHZBU5TvdxhU02aP2V1VtrnJ3V1Ckznk=,tag:fV+V2S2MOyb64HkTQP3mBw==,type:str]
private: ENC[AES256_GCM,data:Yk+YHVeVBYfl0W+BbauYeuQmNR+MV9G7u5cuVthsC2oNIE8RFUfZ2oj4bzAJsPfzdHIl/gYatbw6N8gxwJLtc4PzapunKtWsCMPdmYKvtvZOvijXsrIZI0u8zf+HzZOVf+QAr0oSTos4CWcskRKl5Ue1dRs3Y6oJfnlj12s3unRMhGSYMq0k+6HZnuiBqAndPLI+YVMH8hQ22r6KBc6kmv+DLKf8saQ+E0oow4lPb9lLu2i1HIWA5s2pghOBWvagq9bOSXFx6L6gydOUdYWUsQPbgylBcd5CSZ1OdULzIFkwavqalwhp4qdhyPKqGKQ0HLypuRe5dgvr1TN92lSrsxqHNDDHTt5JyWiBq3PrXRO7pSZQtT9Sa9/nLia6QS2RTqos7nca1qOIrAGbRCLO3VZ6G2zRk9q0HKjXqR/+I7Hh5loLNAZ1BeRNYfEPEqBdlx2ma2aGFrPYtTWg6EDCXNY0Mh81PSgWEyEDdenVi4nhHSESejkcUyv02Qg4sZDpZn4WAJGi6AKY6ZbF88RIDpbMV5rIwNgqxGSeLyRP6zs=,iv:s91jTBGApdhK6oIfUtndkup6GGpdh3+DTNPfDEFkYoQ=,tag:3VeT0kk7X3OIg/ar6RTh9Q==,type:str]
@ -18,8 +18,8 @@ sops:
Q0lSZ2J3cHM1Zjc3TXMwWDlnaHdWazAKo64uQ1arscAhF4gbq3ly8mCNPzSDPWql
F+75SNZB24Vet5HNf0lsjZw6Iz5xiF43w05/yrSKg49cqAuij+PiCw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-08-21T19:26:01Z"
mac: ENC[AES256_GCM,data:tZ+hsckQrJlZfVgaFIDcffBH6TNlfZ7nEUQyd+sspaVEuOBGhruBdrAFVWWensooEOoKzHLAeh0L0ryVF1X5w09zoMZvs2hPvQ9GUBJh5U6WjnFGhfqo8MhYwOW4cKuia7dO6PYqVUhRmRdCN6vbmNWmNKsNkGmxveFd7LQA3oM=,iv:uVdd7yBhAE2GIcV3sLETCowXcPV43/e3OkXgzPKUJGg=,tag:KjktUqIOlRbYOKiY6pWeNQ==,type:str]
lastmodified: "2025-10-17T12:27:37Z"
mac: ENC[AES256_GCM,data:Tp1wJp6nZc/SqqUPXmyEpsD02bDAqrCwh3X8jyUPWy2W5O8kUCq17U1rZkd2RErpx1BaSiVQ+wIEofSJ5L8vOtSVUiScRLv+LOjmivutrxRjqkYIrzO831lDqvsYKDI4tXmBPnLh2EpVLwSghhv35+4we9CjTA0LGVxwQZpov6k=,iv:9tviyo8teegHylyP628KxgKSAR0Ec3mHeQg1srXPqEU=,tag:cIP4cELP/FoHQrGr918tjQ==,type:str]
pgp:
- created_at: "2025-08-21T19:07:51Z"
enc: |-

42
hosts/lilith-lab/secrets/networking.yaml Normal file
View file

@ -0,0 +1,42 @@
wireguard:
private: ENC[AES256_GCM,data:NeX0VxXVvrEUAQoRRrjUA44bygWhyvONxp/HZFJmB+kX7bl8N6eixWE569I=,iv:c1knx4eTPZQTqBurrBeHgDEVpmS/BQoLkJzmeuwlL8k=,tag:xTPutJS4eOQq/C7incehgQ==,type:str]
public: ENC[AES256_GCM,data:fQMKK8SidK6PdSqnWyFVHiUI5RKtsyYqVSh8czlS+4pBwphYuWFFR8kArOQ=,iv:gCcTpQBvIzbPuUT0WkE1f6SGU0eIKZTUZRqNA3Yb8rg=,tag:S1/woWnIinnorS9Z4czpfw==,type:str]
preshared:
lilith-phone: ENC[AES256_GCM,data:4FV8Q6A/3zRwPpUMJG4XAkY5d2PvBP/2waEWM0D3A+plgcSE50Ng2lzP5Ak=,iv:bSDfxsDiEyOeZst6lyQsMJQt9cHVbWkZaw8PuFdAUjs=,tag:eLBKYidmZXhkfcXa0ZiueA==,type:str]
lilith-pad: ENC[AES256_GCM,data:enQk/mPhrWBHEAkzIe6WLVx1ipCX5Tthq9ets7J3A470VRAWrfNotajQTGU=,iv:+V3maDCwYizOH2d7jBW6m4Eu+3nefqAgZ3c+81vMOks=,tag:Y99BMLLjJZZ8Fw8KE8QiTA==,type:str]
wireguard-bridge:
private: ENC[AES256_GCM,data:Z/Bf0u+Dgqidq6QB1QymhW7dyK4E8/aTUFjVTQaYEl8K3xU3LByzUu16FV4=,iv:frID3D1VSLQSxwxrV4jX02CG1OYYCJo53SPIBtTWozI=,tag:yD6LeGW9XQuFsFzoDhRBrA==,type:str]
public: ENC[AES256_GCM,data:j2UyFO/ynMAXHqoJh5yUdvTWRxhI3NT4mopfvTBT65E7eULMx+/N6BzcydY=,iv:xZyVkk+dKrpu30vnrq98FEfpK5l7A0u2FpDhFScTG/4=,tag:OVSo1r7DG8WXfvSkhIm2zw==,type:str]
mullvad:
private: ENC[AES256_GCM,data:p03PnOPD5S9m2BXq5Ugv/bw8C4+CrO0/kO7N5gk93fm3h9dvem5D5Kul1T4=,iv:YLJs6BlaMnCWMAmsDEdqYxiQhFMaEgvHl2oNET6ZjdU=,tag:CCP31oZnRw677sHWhDTAcQ==,type:str]
public: ENC[AES256_GCM,data:HMVNaMU04xMn5VRQBYcchW7SnWxQR6fOUFW7piKyW0v0wf61v9tV4Hs7TmU=,iv:0ZZKQatO+BT+54fa+vsAHhGNMGVaVdKT+COc1dQnLeI=,tag:erb87XB+H+tq3H5HVve9JQ==,type:str]
home-assistant:
mosquitto:
hass: ENC[AES256_GCM,data:yzm/ETAQ7y5nCtR40IL0fvnjMyVHMTbF7qpVm5upMqs3v+wdV5H0/bsmTKl3r6PduumU9bT5XrbBHZoBWDfKiCHzCNOLvFCvKxE8pvvMg13nbWYT/5Iq3iqdUpjiQWdAPzN/jgHkOyClkL5JjNki6Q==,iv:Er/sEpydmTyW9CnaObc2XxsgAx2D41K+NWATgsUwiu8=,tag:1Fuu0S7LYnZEQMztdgId+w==,type:str]
sops:
age:
- recipient: age1aqks8n6temvwfnqqk8pua56du4xz8krz8edmslg69pu8hpkla96q5hfxp6
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3WTJvK3RRcjRPVkVoZkEy
bUVTSy9yS2ovOXNxS25KYTNBRjc2R3g3bnlJCjdTdmp2WExaQmV2eWFyN0hQYUtK
MzU5VUVQSVNPTkVpdXlUdWpaRFFXMHMKLS0tIGZXN1Zab2huSlFvQkVLR0tsQTBY
VUJxWUhnbEpGUkFUbDBveEpCTkYrQjAKVrVBFELhFvmLdUc2yIqdHCSUWQUToTGV
qBiwM4u9hjpwTr5zCHWEvXOXoDHuBMy8Ud4ha8wshbgf0iD/axXjOQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-10-17T12:29:14Z"
mac: ENC[AES256_GCM,data:xsh2nmx1M+eCT6sVwJ0JBeBh5d8mz3pmxpSn5RgIWmARfIbnt4Q4ysLNV6SAbJvtHLvOQKZsboHGRjAEpu3H+g3pSB3hu+s+uSNiPUcBO2eq0jA/d0DwtckPMS+9bs/eEKAyPcGbxe5H3erISgZUr3+WtZCnd7XwjCD3mKG+8iw=,iv:DIOnx+6RJ3eYTgaYNI0arzG3R9L0uJu3tlPNsyDZQ8k=,tag:MD6/b/5dugTb3jayL1/VyQ==,type:str]
pgp:
- created_at: "2025-10-17T12:29:08Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hF4DCgMW7d7co2gSAQdA7HgG4AoCCg7Un8w1MIY/WHDaH0D7Ix3dx+X2cLi7mFkw
MgzvF9i9MLQlE2bFknbZdAQL8LW/eBauC3vaUPoIZrDGTCHt7D2sPI4Eap25GRl6
0l4BG1SUmTDjZb5S75QFo7+O6UvO+PDuhXbmjes9926I2ohPfIOGCUjELV8HyNXO
35SadPJ1jcolURhMkSuEdt7lFRPslC3iXRVP7LEnuVP68ZXo7xa1uvFAvkBAtIsv
=oIH1
-----END PGP MESSAGE-----
fp: 35FA53C3B39A778CBD0F0ADD0A0316EDDEDCA368
unencrypted_suffix: _unencrypted
version: 3.10.2

2
hosts/lilith-pad/default.nix
View file

@ -14,7 +14,7 @@ in
nfs.client.enable = true;
auto_styling.enable = true;
ollama.enable = false;
# ollama.enable = false;
home-manager.users."lilith".wayland.windowManager.hyprland.settings = {
monitor = mkHostOverride [

65
server/arr/default.nix Normal file
View file

@ -0,0 +1,65 @@
{ lib, config, ... }:
{
options.server.arr.enable = lib.mkEnableOption "Enable *arr suite";
config = lib.mkIf config.server.arr.enable {
networking.firewall.allowedTCPPorts = [
7878
8191
8686
8989
9696
];
services.radarr = {
user = "jellyfin";
group = "jellyfin";
enable = true;
};
services.sonarr = {
user = "jellyfin";
group = "jellyfin";
enable = true;
};
# services.lidarr = {
# user = "jellyfin";
# group = "jellyfin";
# enable = true;
# };
virtualisation.oci-containers.containers."lidarr" = {
image = "ghcr.io/linuxserver-labs/prarr:lidarr-plugins";
volumes = [
"config:/config"
"/data:/data"
"music:/music"
];
environment = {
"PUID" = "994";
"GUID" = "994";
};
extraOptions = [ "--network=host" ];
};
services.prowlarr = {
enable = true;
};
# services.flaresolverr = {
# enable = true;
# };
services.readarr = {
user = "jellyfin";
group = "jellyfin";
enable = true;
};
virtualisation.oci-containers.containers."flaresolverr" = {
image = "ghcr.io/flaresolverr/flaresolverr:latest";
extraOptions = [ "--network=host" ];
};
};
}

12
server/default.nix Normal file
View file

@ -0,0 +1,12 @@
{ ... }:
{
imports = [
./ollama.nix
./jellyfin
./wireguard.nix
./deluge
./nfs-server.nix
./arr
# ./home-assistant
];
}

154
server/deluge/default.nix Normal file
View file

@ -0,0 +1,154 @@
{
lib,
config,
pkgs,
...
}:
{
options.server.deluge.enable = lib.mkEnableOption "Enable deluge torrent client";
config = lib.mkIf config.server.deluge.enable {
services.deluge = {
enable = true;
web.enable = true;
};
environment.systemPackages = with pkgs; [ libnatpmp ];
networking.firewall.allowedTCPPorts = [ 8112 ];
# creating network namespace
systemd.services."netns@" = {
description = "%I network namespace";
before = [ "network.target" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = "${pkgs.iproute2}/bin/ip netns add %I";
ExecStop = "${pkgs.iproute2}/bin/ip netns del %I";
};
};
systemd.services.wg-port-opener = {
description = "port opener for protonvpn";
bindsTo = [ "netns@wg.service" ];
requires = [ "network-online.target" ];
after = [ "netns@wg.service" ];
serviceConfig = {
Type = "exec";
NetworkNamespacePath = [ "/var/run/netns/wg" ];
ExecStart =
with pkgs;
writers.writeBash "port-opening" ''
while true; do
date;
${libnatpmp}/bin/natpmpc -a 1 0 udp 60 -g 10.2.0.1 || { echo -e "ERROR with natpmpc udp command \a" ; break ; };
${libnatpmp}/bin/natpmpc -a 1 0 tcp 60 -g 10.2.0.1 || { echo -e "ERROR with natpmpc tcp command \a" ; break ; };
sleep 45;
done;
'';
};
};
# setting up wireguard interface within network namespace
systemd.services.wg = {
description = "wg network interface";
bindsTo = [ "netns@wg.service" ];
requires = [ "network-online.target" ];
after = [ "netns@wg.service" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart =
with pkgs;
writers.writeBash "wg-up" ''
${iproute2}/bin/ip link add wg0 type wireguard
${iproute2}/bin/ip link set wg0 netns wg
${iproute2}/bin/ip -n wg address add 10.2.0.2/32 dev wg0
# ${iproute2}/bin/ip -n wg -6 address add fc00:bbbb:bbbb:bb01::a:1674/128 dev wg0
${iproute2}/bin/ip netns exec wg \
${wireguard-tools}/bin/wg setconf wg0 /root/proton.conf
${iproute2}/bin/ip -n wg link set wg0 up
# need to set lo up as network namespace is started with lo down
${iproute2}/bin/ip -n wg link set lo up
${iproute2}/bin/ip -n wg route add default dev wg0
${iproute2}/bin/ip -n wg -6 route add default dev wg0
'';
ExecStop =
with pkgs;
writers.writeBash "wg-down" ''
${iproute2}/bin/ip -n wg route del default dev wg0
${iproute2}/bin/ip -n wg -6 route del default dev wg0
${iproute2}/bin/ip -n wg link del wg0
'';
};
};
# binding deluged to network namespace
systemd.services.deluged.bindsTo = [ "netns@wg.service" ];
systemd.services.deluged.requires = [
"network-online.target"
"wg.service"
];
systemd.services.deluged.serviceConfig.NetworkNamespacePath = [ "/var/run/netns/wg" ];
systemd.services.deluge-port-setter = {
description = "sets deluge ports";
bindsTo = [ "netns@wg.service" ];
requires = [ "network-online.target" ];
after = [ "deluged.service" ];
serviceConfig = {
Type = "oneshot";
User = "deluge";
RemainAfterExit = true;
NetworkNamespacePath = [ "/var/run/netns/wg" ];
ExecStart =
with pkgs;
writers.writeBash "deluge-ports" ''
TCP=($(${libnatpmp}/bin/natpmpc -a 1 0 tcp 60 -g 10.2.0.1 2> /dev/null | grep Mapped))
TCP_PORT=''${TCP[3]}
UDP=($(${libnatpmp}/bin/natpmpc -a 1 0 udp 60 -g 10.2.0.1 2> /dev/null | grep Mapped))
UDP_PORT=''${UDP[3]}
echo "The ports are"
echo "TCP: $TCP_PORT"
echo "UDP: $UDP_PORT"
PORTS="($TCP_PORT, $UDP_PORT)"
${deluge}/bin/deluge-console "config -s random_port false; config -s listen_ports $PORTS"
exit 0
'';
};
};
# allowing delugeweb to access deluged in network namespace, a socket is necesarry
systemd.sockets."proxy-to-deluged" = {
enable = true;
description = "Socket for Proxy to Deluge Daemon";
listenStreams = [ "58846" ];
wantedBy = [ "sockets.target" ];
};
# creating proxy service on socket, which forwards the same port from the root namespace to the isolated namespace
systemd.services."proxy-to-deluged" = {
enable = true;
description = "Proxy to Deluge Daemon in Network Namespace";
requires = [
"deluged.service"
"proxy-to-deluged.socket"
];
after = [
"deluged.service"
"proxy-to-deluged.socket"
];
unitConfig = {
JoinsNamespaceOf = "deluged.service";
};
serviceConfig = {
User = "deluge";
Group = "deluge";
ExecStart = "${pkgs.systemd}/lib/systemd/systemd-socket-proxyd --exit-idle-time=5min 127.0.0.1:58846";
PrivateNetwork = "yes";
};
};
};
}

30
server/home-assistant/bathroom.nix Normal file
View file

@ -0,0 +1,30 @@
{ ... }:
{
services.home-assistant.config = {
"automation" = [
{
alias = "Towel Warmer Timer";
trigger = {
type = "turned_on";
device_id = "bf77f1611d1d9959e967b4e35ba5234c";
entity_id = "b674ce8cc70a4d0c1bfba7c6946ab3e4";
domain = "switch";
trigger = "device";
for = {
hours = 0;
minutes = 60;
seconds = 0;
};
};
action = [
{
type = "turn_off";
device_id = "bf77f1611d1d9959e967b4e35ba5234c";
entity_id = "b674ce8cc70a4d0c1bfba7c6946ab3e4";
domain = "switch";
}
];
}
];
};
}

66
server/home-assistant/default.nix Normal file
View file

@ -0,0 +1,66 @@
{ lib, config, ... }:
{
options.server.home-assistant.enable = lib.mkEnableOption "Enable home-assistant";
config = lib.mkIf config.server.home-assistant.enable {
networking.firewall.allowedTCPPorts = [
8123
5683
];
imports = [
./zones.nix
./wyoming.nix
./mosquitto.nix
./bathroom.nix
./lights.nix
./heating.nix
];
services.home-assistant = {
enable = true;
extraComponents = [
"pushover"
"isal"
"nina"
"jellyfin"
"deluge"
"conversation"
"ollama"
"anthropic"
"mqtt"
"shelly"
"tasmota"
"wyoming"
"whisper"
"piper"
"open_meteo"
"wake_on_lan"
"bluetooth"
"bthome"
"fritz"
];
config = {
default_config = { };
# anthropic = {
# intents = [
# "HassTurnOn"
# "HassTurnOff"
# "HassGetWeather"
# ];
# };
intent = { };
};
};
};
}

16
server/home-assistant/heating.nix Normal file
View file

@ -0,0 +1,16 @@
{...}: {
services.home-assistant.config.automation = [
{
description = "Pause Heating when Window opens";
alias = "Heating Pause";
use_blueprint = {
path = "raffy-ops/hvac_pause.yaml";
input = {
climate_device = "climate.shellyblutrv_286847ef7fc0";
doors_windows = "binary_sensor.shelly_blu_door_window_3a5a_window";
action_first = true;
};
};
}
];
}

55
server/home-assistant/lights.nix Normal file
View file

@ -0,0 +1,55 @@
{...}: {
services.home-assistant.config.automation = [
{
alias = "Wake Up Light";
description = "Turn on the light on alarm ringing";
trigger = {
platform = "time";
at = "sensor.lilith_phone_next_alarm";
};
condition = [];
action = [
{
action = "light.turn_on";
metadata = {};
data = {
transition = 3;
kelvin = 3000;
brightness_pct = 100;
};
target = {
device_id = "7d40ebcac890a2743d7dc2a6dc4ca797";
};
}
];
mode = "single";
}
{
alias = "Automatic Light Off";
description = "Turn off the light after 15 minutes once Liv leaves the house";
trigger = {
platform = "state";
entity_id = "person.liv_benstem";
from = "home";
to = "not_home";
for = {
hours = 0;
minutes = 10;
seconds = 0;
};
};
condition = [];
action = [
{
action = "light.turn_off";
metadata = {};
data = {};
target = {
area_id = "bedroom";
};
}
];
mode = "single";
}
];
}

20
server/home-assistant/mosquitto.nix Normal file
View file

@ -0,0 +1,20 @@
{ sops, config, ...}: {
sops.secrets."home-assistant/mosquitto/hass" = {};
services.mosquitto = {
enable = true;
listeners = [
{
address = "192.168.178.111";
port = 1883;
users.hass = {
acl = [ "readwrite #" ];
hashedPasswordFile = config.sops.secrets."home-assistant/mosquitto/hass".path;
};
}
];
};
networking.firewall.allowedTCPPorts = [ 1883 ];
}

19
server/home-assistant/wyoming.nix Normal file
View file

@ -0,0 +1,19 @@
{...}: {
services.wyoming = {
piper.servers = {
alba = {
enable=true;
uri="tcp://localhost:12001";
voice="en_GB-alba-medium";
};
};
faster-whisper.servers = {
tiny = {
enable=true;
uri="tcp://localhost:12002";
model="tiny-int8";
language="en";
};
};
};
}

27
server/home-assistant/zones.nix Normal file
View file

@ -0,0 +1,27 @@
{
services.home-assistant.config.homeassistant = {
name = "Home";
latitude = "52.405212";
country = "DE";
longitude = "13.047246";
elevation = "45";
unit_system = "metric";
time_zone = "Europe/Berlin";
};
services.home-assistant.config.zone = [
{
name = "University";
icon = "mdi:school";
latitude = "52.408866";
longitude = "12.97513";
radius = "500";
}
{
name = "Parents";
icon = "mdi:human-male-female-child";
latitude = "52.153352";
longitude = "9.919335";
radius = "100";
}
];
}

51
server/jellyfin/default.nix Normal file
View file

@ -0,0 +1,51 @@
{
lib,
config,
pkgs,
...
}:
{
options.server.jellyfin.enable = lib.mkEnableOption "Enable Jellyfin+Jellyseerr";
config = lib.mkIf config.server.jellyfin.enable {
networking.firewall.allowedTCPPorts = [
5055
8096
];
networking.firewall.allowedUDPPorts = [ 8096 ];
# Jellyfin
environment.systemPackages = with pkgs; [
jellyfin
jellyfin-web
jellyfin-ffmpeg
];
services.jellyfin.enable = true;
hardware.graphics = {
enable = true;
extraPackages = with pkgs; [
intel-media-driver
intel-vaapi-driver # previously vaapiIntel
vaapiVdpau
intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)
vpl-gpu-rt # QSV on 11th gen or newer
intel-media-sdk # QSV up to 11th gen
];
};
# services.jellyseerr = {
# enable = true;
# port = 5055;
# openFirewall = true;
# };
virtualisation.oci-containers.containers."jellyseerr-music" = {
image = "fallenbagel/jellyseerr:preview-music-support";
extraOptions = [ "--network=host" ];
volumes = [ "/var/lib/jellyseerr/config:/app/config" ];
};
};
}

33
server/nfs-server.nix Normal file
View file

@ -0,0 +1,33 @@
{ lib, config, ... }:
{
options.server.nfs.enable = lib.mkEnableOption "Enable NFS shares";
config = lib.mkIf config.server.nfs.enable {
services.nfs.server = {
enable = true;
exports = ''
/export 192.168.178.111/24(rw,fsid=0,no_subtree_check)
/export/share 192.168.178.111/24(rw,nohide,insecure,no_subtree_check)
/export/torrent 192.168.178.111/24(rw,nohide,insecure,no_subtree_check)
'';
};
services.nfs.settings.main = {
UDP = false;
vers2 = false;
vers3 = false;
};
fileSystems."/export/share" = {
device = "/data/share";
options = [ "bind" ];
};
fileSystems."/export/torrent" = {
device = "/data/torrent";
options = [ "bind" ];
};
networking.firewall.allowedTCPPorts = [ 2049 ];
};
}

29
server/ollama.nix Normal file
View file

@ -0,0 +1,29 @@
{ config, lib, ... }:
{
options.server.ollama.enable = lib.mkEnableOption "Enable Ollama server /w GPU acceleration";
options.server.ollama.options = lib.mkOption {
description = "additional options to pass to ollama";
default = { };
};
config = lib.mkIf config.server.ollama.enable {
services.ollama = lib.attrsets.recursiveUpdate {
enable = true;
host = "0.0.0.0";
# acceleration = "rocm";
# rocmOverrideGfx = "11.0.0";
} config.server.ollama.options;
networking.firewall.allowedTCPPorts = [ 11434 ];
environment.persistence."/persist/cache".directories = [
{
directory = "/var/lib/private/ollama";
user = "nouser";
group = "nogroup";
mode = "u=rwx,g=,o=";
}
];
};
}

1
server/wireguard.nix Normal file
View file

@ -0,0 +1 @@
{ ... }: { }

2
system/core/default.nix
View file

@ -19,6 +19,4 @@
./virtualization.nix
];
environment.systemPackages = with pkgs; [ distrobox ];
}

4
system/core/packages.nix
View file

@ -6,18 +6,20 @@
duf
eza
bat
fd
file
htop
btop
git
jq
yq
du-dust
dust
ripgrep
sops
wget
wireguard-tools
zip
vpnc
distrobox
];
}

3
system/default.nix
View file

@ -1,4 +1,5 @@
{...}: {
{ ... }:
{
imports = [
./core
./optional

2
system/optional/default.nix
View file

@ -6,7 +6,7 @@
./desktop.nix
./gaming.nix
./stylix.nix
./ollama.nix
./wireguard.nix
./sdr.nix
];
}

2
system/optional/desktop.nix
View file

@ -17,7 +17,7 @@
services.dbus.enable = true;
programs.hyprland.enable = true;
programs.hyprland.package = hyprland.packages.${pkgs.system}.hyprland;
programs.hyprland.package = hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland;
services.greetd = {
enable = true;

12
system/optional/nfs.nix
View file

@ -13,17 +13,7 @@
"x-systemd.automount"
"noauto"
"x-systemd.idle-timeout=600"
"_netdev"
];
};
fileSystems."/mnt/nas/torrent" = {
device = "nixserver:/torrent";
fsType = "nfs";
options = [
"nfsvers=4.2"
"x-systemd.automount"
"noauto"
"x-systemd.idle-timeout=600"
"x-systemd.device-timeout=1"
"_netdev"
];
};

20
system/optional/ollama.nix
View file

@ -1,20 +0,0 @@
{ config, lib, ... }:
{
options.ollama.enable = lib.mkEnableOption "Enable Ollama server /w GPU acceleration";
config.services.ollama = lib.mkIf config.ollama.enable {
enable = true;
host = "0.0.0.0";
acceleration = "rocm";
rocmOverrideGfx = "11.0.0";
};
config.networking.firewall = lib.mkIf config.ollama.enable { allowedTCPPorts = [ 11434 ]; };
config.environment.persistence."/persist/cache".directories = lib.mkIf config.ollama.enable [
{
directory = "/var/lib/private/ollama";
user = "nouser";
group = "nogroup";
mode = "u=rwx,g=,o=";
}
];
}

31
system/optional/wireguard.nix Normal file
View file

@ -0,0 +1,31 @@
{ lib, config, ... }:
{
options.wireguard.enable = lib.mkEnableOption "Enable wireguard";
options.wireguard.ip = lib.mkOption {
type = with lib.types; uniq string;
descriptions = "Wireguard ip";
};
config = lib.mkIf config.wireguard.enable {
sops.secrets."wireguard/private" = {
sopsFile = ../../hosts/${config.networking.hostname}/secrets/networking.yaml;
};
networking.wireguard.interfaces = {
server-wg = {
ips = [ config.wireguard.ip ];
listenPort = 51821;
privateKeyFile = config.sops.secrets."wireguard/private".path;
peers = [
{
publicKey = "kYJn39tFStvzJ6QOMy3NabNWrJREaYdxwo/GdYD0MRk=";
allowedIPs = [ "10.0.1.2/32" ];
endpoint = "95.217.79.106:51821";
persistentKeepalive = 25;
}
];
};
};
};
}

8
unfree.nix
View file

@ -2,5 +2,13 @@
allowed = [
"steam"
"steam-unwrapped"
"libcublas"
"cuda_cudart"
"cuda_cccl"
"cuda_nvcc"
"nvidia-x11"
"nvidia-settings"
"nvidia-persistenced"
];
}