Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

refactor: notebook configration

Browse Source
This commit is contained in:
Dominik Polakovics Polakovics
2025-06-02 01:04:43 +02:00
parent 0df4a4c1ec
commit d4438c8585
37 changed files with 212 additions and 418 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
hosts/nb/configuration.nix
View File

@@ -21,7 +21,7 @@ in {
./utils/modules/nur.nix
./modules/appimage.nix
./modules/desktop
./modules/sway/sway.nix
./modules/development/default.nix
# ./modules/printer.nix
# ./modules/cyberghost.nix
./utils/modules/autoupgrade.nix
@@ -33,8 +33,6 @@ in {
./users
# coding
./modules/nvim/default.nix
./modules/coding.nix
# ./modules/steam.nix
./modules/fingerprint.nix
@@ -67,20 +65,6 @@ in {
creality-print
];
services.mysql = {
enable = true; # Enable the MySQL service
package = pkgs.mariadb; # Use MariaDB as the package
dataDir = "/var/lib/mysql"; # Specify the data directory
};
services.mysql.ensureUsers = [
{
name = "dominik";
ensurePermissions = {
"*.*" = "ALL PRIVILEGES";
};
}
];
programs.zsh = {
enable = true;
ohMyZsh = {
@@ -200,6 +184,7 @@ in {
};
environment.systemPackages = with pkgs; [
alsa-utils
bento
docker-compose
drone-cli
@@ -207,6 +192,7 @@ in {
nix-prefetch-git
openaudible
openmanus
unzip
vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
wget
wireguard-tools
@@ -223,7 +209,16 @@ in {
services.blueman.enable = true;
system.stateVersion = "24.05"; # Did you read the comment?
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
};
hardware.sane.enable = true;
security.polkit.enable = true;
systemd = {
@@ -244,13 +239,7 @@ in {
networking.wireguard.interfaces = {
wg0 = {
# Determines the IP address and subnet of the client's end of the tunnel interface.
ips = [ "10.42.98.201/32" ];
# Path to the private key file.
#
# Note: The private key can also be included inline via the privateKey option,
# but this makes the private key world-readable; thus, using privateKeyFile is
# recommended.
# publicKey: YdlRGsjh4hS3OMJI+t6SZ2eGXKbs0wZBXWudHW4NyS8=
privateKeyFile = config.sops.secrets.wg-cloonar-key.path;
@@ -264,7 +253,8 @@ in {
"10.254.235.0/24"
# epicenter.works
"10.14.0.0/16"
"10.25.0.0/16" ];
"10.25.0.0/16"
];
endpoint = "vpn.cloonar.com:51820"; # ToDo: route to endpoint not automatically configured https://wiki.archlinux.org/index.php/WireGuard#Loop_routing https://discourse.nixos.org/t/solved-minimal-firewall-setup-for-wireguard-client/7577
persistentKeepalive = 25;
}
@@ -283,46 +273,6 @@ in {
pinentryPackage = pkgs.pinentry-curses;
};
# networking.networkmanager.insertNameservers = [ "9.9.9.9" "149.112.112.11" "2620:fe::fe" "2620:fe::9" ];
# services.avahi.enable = false;
# networking.resolvconf.enable = lib.mkForce false;
# services.resolved = {
# enable = true;
# dnssec = "true";
# domains = [ "~." ];
# fallbackDns = [ "9.9.9.9" "149.112.112.11" "2620:fe::fe" "2620:fe::9" ];
# dnsovertls = "true";
# };
# networking.wg-quick.interfaces = {
# wg0 = {
# address = [ "10.42.98.201/32" ];
# privateKeyFile = config.sops.secrets.wg-cloonar-key.path;
#
# postUp = ''
# ${pkgs.systemd}/bin/resolvectl dns wg0 10.42.97.1
# ${pkgs.systemd}/bin/resolvectl domain wg0 cloonar.com
# ${pkgs.systemd}/bin/resolvectl dnsovertls wg0 true
# '';
#
# peers = [
# {
# publicKey = "TKQVDmBnf9av46kQxLQSBDhAeaK8r1zh8zpU64zuc1Q=";
# allowedIPs = [
# "10.42.96.0/20"
# # wohnservice-wien
# "10.254.240.0/24"
# # epicenter.works
# "10.14.0.0/16"
# "10.25.0.0/16"
# ];
# endpoint = "vpn.cloonar.com:51822";
# persistentKeepalive = 25;
# }
# ];
# };
# };
nix = {
settings.auto-optimise-store = true;
settings.experimental-features = [ "nix-command" "flakes" ];
@@ -344,5 +294,6 @@ in {
cursor-size=24
'';
system.stateVersion = "24.05"; # Did you read the comment?
}