karaolidis/nix
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use overlay

Browse Source 
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
This commit is contained in:
Nick Karaolidis
2025-08-17 21:24:31 +03:00
parent 795ea28583
commit 09fbf7150c
95 changed files with 546 additions and 735 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -16,6 +16,8 @@ NixOS dotfiles and configuration for various hosts and users.
- [`gui/`](./hosts/common/configs/user/gui): GUI-related settings.
- `<name>/`: Individual host configurations.
- [`overlays/`](./overlays/): Custom patches.
- [`packages/`](./packages/): Custom packages.
- [`scripts/`](./lib/scripts): Utility scripts for managing the repository.

48
flake.lock generated
View File

@@ -185,11 +185,11 @@
]
},
"locked": {
"lastModified": 1754974548,
"narHash": "sha256-XMjUjKD/QRPcqUnmSDczSYdw46SilnG0+wkho654DFM=",
"lastModified": 1755442500,
"narHash": "sha256-RHK4H6SWzkAtW/5WBHsyugaXJX25yr5y7FAZznxcBJs=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "27a26be51ff0162a8f67660239f9407dba68d7c5",
"rev": "d2ffdedfc39c591367b1ddf22b4ce107f029dcc3",
"type": "github"
},
"original": {
@@ -235,11 +235,11 @@
]
},
"locked": {
"lastModified": 1755424080,
"narHash": "sha256-twJkLmKjrtIijjo8ov+n+l1jC5DXIU4wlZ8NH756tsw=",
"lastModified": 1755449842,
"narHash": "sha256-u9V4hAryxP626EQlkwrAesyKbFssX7ovGp2wcW5y528=",
"ref": "refs/heads/main",
"rev": "00d04c73f6ab7635d05586447fc350491c25989b",
"revCount": 4,
"rev": "10930e85d60f2eba7509d1f3ab2e54e6a5c0698a",
"revCount": 5,
"type": "git",
"url": "https://git.karaolidis.com/karaolidis/nix-lib.git"
},
@@ -250,11 +250,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1754725699,
"narHash": "sha256-iAcj9T/Y+3DBy2J0N+yF9XQQQ8IEb5swLFzs23CdP88=",
"lastModified": 1755186698,
"narHash": "sha256-wNO3+Ks2jZJ4nTHMuks+cxAiVBGNuEBXsT29Bz6HASo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "85dbfc7aaf52ecb755f87e577ddbe6dbbdbc1054",
"rev": "fbcf476f790d8a217c3eab4e12033dc4a0f6d23c",
"type": "github"
},
"original": {
@@ -289,11 +289,11 @@
]
},
"locked": {
"lastModified": 1755067854,
"narHash": "sha256-VP+2GVREkB7tg8vGBJ2yOlfwng+TEv45vZGvb4eV17E=",
"lastModified": 1755452770,
"narHash": "sha256-oc8xrqvVIoDxbfTlbkE1XQ7O88TgNZn5FOZKLiuIEmg=",
"owner": "nix-community",
"repo": "NUR",
"rev": "3352304d8f256bb67b5f9662b3493b069b3cac25",
"rev": "eab62298402c7cdfdefda647a4046befa3a84051",
"type": "github"
},
"original": {
@@ -423,11 +423,11 @@
]
},
"locked": {
"lastModified": 1755438221,
"narHash": "sha256-9rZCYTQRQc1YKcCukRYGHMZv4oxOH5cTlrc18Ntf79o=",
"lastModified": 1755453501,
"narHash": "sha256-kdcefjI7uX/B8z0A2ZQ7yH0FHKJxJP0GS5A5XdWU5M8=",
"ref": "refs/heads/main",
"rev": "5ff6864ab10b9cdf3262c97aa670dcf42374278f",
"revCount": 7,
"rev": "2c6c3f6761dde7ec19ae1a1432fd7b83a97ac911",
"revCount": 9,
"type": "git",
"url": "ssh://git@karaolidis.com/karaolidis/nix-sas.git"
},
@@ -439,11 +439,11 @@
"secrets": {
"flake": false,
"locked": {
"lastModified": 1755243351,
"narHash": "sha256-Oa7ASrkHUcNHMf/rXnVokLytKEqiM4X2C7R8gBSy/AM=",
"lastModified": 1755454846,
"narHash": "sha256-tbI+AcQGvtucMKKr+VHM53ZI6upPBjD9kR5PCyF4K60=",
"ref": "refs/heads/main",
"rev": "13b3145cbabcf1d042abdab931cec9042bccc771",
"revCount": 32,
"rev": "c1a835c4f9ba9915671c79b3241f4d4863f11323",
"revCount": 33,
"type": "git",
"url": "ssh://git@karaolidis.com/karaolidis/nix-secrets.git"
},
@@ -482,11 +482,11 @@
]
},
"locked": {
"lastModified": 1754801101,
"narHash": "sha256-oxWjZ/SfhCvHFNePZcUu+LcE5j4xxuIt/yaoaSvMZk0=",
"lastModified": 1755405549,
"narHash": "sha256-0vJD6WhL1jfXbnpH6r8yr1RgzB8mGFWIWokKHaJMJ/4=",
"owner": "Gerg-L",
"repo": "spicetify-nix",
"rev": "fcbfc21572518c68317df992929b28df9a1d8468",
"rev": "df1f5d4c0633040937358755defff9f07e9c0a73",
"type": "github"
},
"original": {

22
flake.nix
View File

@@ -113,14 +113,14 @@
};
outputs =
inputs:
unpatchedInputs:
let
mkInputs =
patchInputs =
system:
let
patcher = inputs.flake-input-patcher.lib.${system};
patcher = unpatchedInputs.flake-input-patcher.lib.${system};
in
patcher.patch inputs (import ./patches.nix { inherit patcher; });
patcher.patch unpatchedInputs (import ./patches.nix { inherit patcher; });
mkNixosConfiguration =
inputs: system: modules:
@@ -129,14 +129,21 @@
specialArgs = { inherit inputs system; };
};
in
(
{
overlays.default = import ./overlays;
}
// (
let
system = "x86_64-linux";
inputs = mkInputs system;
inputs = patchInputs system;
pkgs = import inputs.nixpkgs {
inherit system;
config.allowUnfree = true;
overlays = [
inputs.lib.overlays.default
inputs.self.overlays.default
];
};
treefmt = inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix;
@@ -151,8 +158,7 @@
};
devShells.${system} = import ./hosts/common/shells { inherit pkgs; };
packages.${system} = import ./packages { inherit pkgs inputs system; };
packages.${system} = import ./packages { inherit pkgs; };
formatter.${system} = treefmt.config.build.wrapper;
checks.${system}.formatting = treefmt.config.build.check inputs.self;
}

4
hosts/common/configs/system/nixpkgs/default.nix
View File

@@ -1,7 +1,5 @@
{ inputs, system, ... }:
{ system, ... }:
{
imports = [ inputs.nur.modules.nixos.default ];
nixpkgs = {
hostPlatform = system;
config.allowUnfree = true;

8
hosts/common/configs/user/console/android/default.nix
View File

@@ -1,14 +1,6 @@
{ user, home }:
{ config, pkgs, ... }:
{
nixpkgs.overlays = [
(final: prev: {
android-tools = prev.android-tools.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./env-var-user-home.patch ];
});
})
];
programs.adb.enable = true;
services.gvfs.enable = true;

19
hosts/common/configs/user/console/ncspot/default.nix
View File

@@ -1,25 +1,6 @@
{ user, home }:
{ lib, pkgs, ... }:
{
# FIXME: https://github.com/hrkfdn/ncspot/issues/1681#issuecomment-3186274719
nixpkgs.overlays = [
(final: prev: {
ncspot = prev.ncspot.overrideAttrs (oldAttrs: rec {
src = pkgs.fetchFromGitHub {
owner = "hrkfdn";
repo = "ncspot";
rev = "aac67d631f25bbc79f509d34aa85e6daff954830";
hash = "sha256-B6BA1ksfDEySZH6gzkU5khOzwXAmeHbMHsx3sXd9lbs=";
};
cargoDeps = pkgs.rustPlatform.fetchCargoVendor {
inherit src;
hash = "sha256-HrQJiIzSvu/vR03UdnCcU6TGToBDKKDC6XscjvX3KPE=";
};
});
})
];
environment.persistence = {
"/persist/state"."${home}/.config/ncspot/userstate.cbor" = { };
"/persist/cache"."${home}/.cache/ncspot" = { };

6
hosts/common/configs/user/console/yazi/default.nix
View File

@@ -3,13 +3,10 @@
config,
lib,
pkgs,
inputs,
system,
...
}:
let
hmConfig = config.home-manager.users.${user};
selfPkgs = inputs.self.packages.${system};
in
{
home-manager.users.${user} = {
@@ -187,9 +184,8 @@ in
ouch
mount
mediainfo
custom-shell
;
custom-shell = selfPkgs.yazi-plugin-custom-shell;
};
};

51
hosts/common/configs/user/gui/darktable/default.nix
View File

@@ -1,24 +1,6 @@
{ user, home }:
{ pkgs, ... }:
{
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
in
{
nixpkgs.overlays = [
(final: prev: {
darktable = prev.darktable.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./better-copy-and-import.patch ];
});
})
];
environment.persistence = {
"/persist/state" = {
"${home}/.config/darktable/data.db" = { };
@@ -28,21 +10,10 @@ in
};
home-manager.users.${user} = {
home = {
packages =
with pkgs;
with selfPkgs;
[
darktable
exiftool
darktable-ghost-cms-publish
];
sessionVariables = {
GHOST_URL = "https://photos.karaolidis.com";
GHOST_ADMIN_API_KEY_PATH = hmConfig.sops.secrets."jupiter/photos.karaolidis.com/admin".path;
};
};
home.packages = with pkgs; [
darktable
exiftool
];
xdg.configFile = {
"darktable/darktablerc".source = (pkgs.formats.keyValue { }).generate "darktablerc" {
@@ -69,19 +40,13 @@ in
"darktable/luarc".text = ''
require "tools/script_manager"
require "tools/publish"
'';
"darktable/lua/lib".source = "${selfPkgs.darktable-lua-scripts}/lib";
"darktable/lua/lib".source = "${pkgs.darktable-lua-scripts}/lib";
"darktable/lua/tools/script_manager.lua".source =
"${selfPkgs.darktable-lua-scripts}/tools/script_manager.lua";
"darktable/lua/tools/publish.lua".source =
"${selfPkgs.darktable-ghost-cms-publish}/lib/darktable-ghost-cms-publish/publish.lua";
"${pkgs.darktable-lua-scripts}/tools/script_manager.lua";
"darktable/luts".source = selfPkgs.darktable-hald-clut;
"darktable/luts".source = pkgs.darktable-hald-clut;
};
sops.secrets."jupiter/photos.karaolidis.com/admin".sopsFile =
"${inputs.secrets}/domains/personal/secrets.yaml";
};
}

8
hosts/common/configs/user/gui/hyprland/default.nix
View File

@@ -6,14 +6,6 @@
...
}:
{
nixpkgs.overlays = [
(final: prev: {
hyprland = prev.hyprland.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./fix-maxwidth-resolution-mode.patch ];
});
})
];
programs.hyprland = {
enable = true;
withUWSM = true;

6
hosts/common/configs/user/gui/mpv/default.nix
View File

@@ -1,12 +1,6 @@
{ user, home }:
{ pkgs, ... }:
{
nixpkgs.overlays = [
(final: prev: {
mpv = pkgs.mpv-unwrapped.wrapper { mpv = pkgs.mpv-unwrapped.override { cddaSupport = true; }; };
})
];
home-manager.users.${user} = {
programs.mpv = {
enable = true;

30
hosts/common/configs/user/gui/obsidian/default.nix
View File

@@ -4,11 +4,9 @@
lib,
pkgs,
inputs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
in
{
@@ -78,9 +76,9 @@ in
}
];
communityPlugins = [
communityPlugins = with pkgs; [
{
pkg = selfPkgs.obsidian-plugin-better-word-count;
pkg = obsidianPlugins.better-word-count;
settings = {
statusBar = [
{
@@ -106,7 +104,7 @@ in
};
}
{
pkg = selfPkgs.obsidian-plugin-dataview;
pkg = obsidianPlugins.dataview;
settings = {
enableDataviewJs = true;
enableInlineDataviewJs = true;
@@ -116,7 +114,7 @@ in
};
}
{
pkg = selfPkgs.obsidian-plugin-excalidraw;
pkg = obsidianPlugins.excalidraw;
settings = {
folder = "Inbox";
templateFilePath = "Templates";
@@ -139,7 +137,7 @@ in
};
}
{
pkg = selfPkgs.obsidian-plugin-kanban;
pkg = obsidianPlugins.kanban;
settings = {
move-tags = true;
move-dates = true;
@@ -153,7 +151,7 @@ in
};
}
{
pkg = selfPkgs.obsidian-plugin-languagetool;
pkg = obsidianPlugins.languagetool;
settings = {
shouldAutoCheck = true;
pickyMode = true;
@@ -162,7 +160,7 @@ in
};
}
{
pkg = selfPkgs.obsidian-plugin-linter;
pkg = obsidianPlugins.linter;
settings = {
lintOnSave = true;
displayChanged = false;
@@ -302,7 +300,7 @@ in
};
}
{
pkg = selfPkgs.obsidian-plugin-map-view;
pkg = obsidianPlugins.map-view;
settings = {
"markerIconRules" = [
{
@@ -388,21 +386,21 @@ in
};
}
{
pkg = selfPkgs.obsidian-plugin-minimal-settings;
pkg = obsidianPlugins.minimal-settings;
settings = {
editorFont = "var(--font-monospace)";
};
}
{
pkg = selfPkgs.obsidian-plugin-outliner;
pkg = obsidianPlugins.outliner;
settings = {
styleLists = false;
stickCursor = "never";
};
}
(selfPkgs.obsidian-plugin-style-settings)
(obsidianPlugins.style-settings)
{
pkg = selfPkgs.obsidian-plugin-tasks;
pkg = obsidianPlugins.tasks;
settings = {
globalQuery = "short mode";
globalFilter = "#todo";
@@ -548,10 +546,10 @@ in
};
};
}
(selfPkgs.obsidian-plugin-url-into-selection)
(obsidianPlugins.url-into-selection)
];
themes = [ selfPkgs.obsidian-theme-minimal ];
themes = with pkgs; [ obsidianThemes.minimal ];
hotkeys = {
"command-palette:open" = [ { key = "F1"; } ];

16
hosts/common/configs/user/gui/spicetify/default.nix
View File

@@ -10,14 +10,6 @@ let
hmConfig = config.home-manager.users.${user};
in
{
nixpkgs.overlays = [
(final: prev: {
spicetify-cli = prev.spicetify-cli.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./user-colors.patch ];
});
})
];
networking.firewall = {
allowedTCPPorts = [ 57621 ];
allowedUDPPorts = [ 5353 ];
@@ -69,9 +61,7 @@ in
"spotify/prefs.init" = {
source = ./config/prefs;
onChange = ''
${
inputs.lib.lib.${system}.runtime.merge.keyValue
} "${home}/.config/spotify/prefs.init" "${home}/.config/spotify/prefs"
${lib.runtime.merge.keyValue} "${home}/.config/spotify/prefs.init" "${home}/.config/spotify/prefs"
'';
};
@@ -79,9 +69,7 @@ in
source = ./config/prefs-user;
onChange = ''
user=$(cat "${hmConfig.sops.secrets."spotify/username".path}")
${
inputs.lib.lib.${system}.runtime.merge.keyValue
} "${home}/.config/spotify/prefs-user.init" "${home}/.config/spotify/Users/''${user}-user/prefs"
${lib.runtime.merge.keyValue} "${home}/.config/spotify/prefs-user.init" "${home}/.config/spotify/Users/''${user}-user/prefs"
'';
};
};

12
hosts/elara/configs/pki/default.nix
View File

@@ -1,15 +1,11 @@
{
config,
inputs,
system,
lib,
pkgs,
...
}:
let
selfPkgs = inputs.self.packages.${system};
in
{
security.pki.certificateFiles = lib.lists.optionals config.sas.build.private [
"${selfPkgs.sas-cacert}/etc/ssl/certs/ca-bundle.crt"
];
security.pki.certificateFiles =
with pkgs;
lib.lists.optionals config.sas.build.private [ "${sas-cacert}/etc/ssl/certs/ca-bundle.crt" ];
}

12
hosts/elara/configs/ssh/default.nix
View File

@@ -1,13 +1,10 @@
{
config,
inputs,
system,
lib,
pkgs,
...
}:
let
selfPkgs = inputs.self.packages.${system};
in
{
sops.secrets = {
"ssh/personal/key" = {
@@ -45,10 +42,7 @@ in
'';
knownHostsFiles =
with selfPkgs;
(
[ ssh-known-hosts-github ]
++ lib.lists.optionals config.sas.build.private [ ssh-known-hosts-sas-gitlab ]
);
with pkgs.sshKnownHosts;
([ github ] ++ lib.lists.optionals config.sas.build.private [ sas-gitlab ]);
};
}

12
hosts/elara/default.nix
View File

@@ -1,5 +1,12 @@
{ config, inputs, ... }:
{
nixpkgs.overlays = [
inputs.lib.overlays.default
inputs.self.overlays.default
inputs.nur.overlays.default
inputs.sas.overlays.default
];
imports = [
./options.nix
@@ -7,6 +14,8 @@
./format.nix
./hardware
inputs.sas.nixosModules.default
../common/configs/system
../common/configs/system/bluetooth
@@ -47,11 +56,10 @@
../common/configs/system/users
../common/configs/system/zsh
./configs/globalprotect
./configs/pki
./configs/ssh
"${inputs.sas}/hosts/elara/configs/globalprotect"
./users/nikara
];

8
hosts/elara/users/nikara/configs/console/artifactory/default.nix
View File

@@ -1,8 +0,0 @@
{ user, home }:
{ inputs, ... }:
{
home-manager.users.${user}.sops.secrets = {
"artifactory/cdp/user".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
"artifactory/cdp/password".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
};
}

9
hosts/elara/users/nikara/configs/console/c/default.nix
View File

@@ -1,9 +0,0 @@
{ user, home }:
{ pkgs, ... }:
{
home-manager.users.${user}.home.packages = with pkgs; [
gcc
cmake
gnumake
];
}

26
hosts/elara/users/nikara/configs/console/go/default.nix
View File

@@ -1,26 +0,0 @@
{ user, home }:
{ pkgs, ... }:
{
environment.persistence."/persist/cache"."${home}/.local/share/go" = { };
home-manager.users.${user} = {
programs.go = {
enable = true;
goPath = ".local/share/go";
};
home = {
packages = with pkgs; [
gopls
go-tools
golangci-lint
golangci-lint-langserver
];
sessionVariables = {
GOPROXY = "goproxy.unx.sas.com";
GONOSUMDB = "*.sas.com,sassoftware.io";
};
};
};
}

23
hosts/elara/users/nikara/configs/console/gradle/default.nix
View File

@@ -1,23 +0,0 @@
{ user, home }:
{ config, pkgs, ... }:
let
hmConfig = config.home-manager.users.${user};
in
{
environment.persistence."/persist/cache"."${home}/.local/share/gradle" = { };
home-manager.users.${user} = {
programs.gradle = {
enable = true;
home = ".local/share/gradle";
};
sops.templates."gradle.properties" = {
content = ''
cdpUser=${hmConfig.sops.placeholder."artifactory/cdp/user"}
cdpPassword=${hmConfig.sops.placeholder."artifactory/cdp/password"}
'';
path = "${home}/.local/share/gradle/gradle.properties";
};
};
}

8
hosts/elara/users/nikara/configs/console/java/default.nix
View File

@@ -1,8 +0,0 @@
{ user, home }:
{ pkgs, ... }:
{
home-manager.users.${user}.programs.java = {
enable = true;
package = pkgs.jdk17;
};
}

17
hosts/elara/users/nikara/configs/console/kubernetes/default.nix
View File

@@ -1,17 +0,0 @@
{ user, home }:
{ pkgs, ... }:
{
nixpkgs.overlays = [
(final: prev: {
telepresence = prev.telepresence.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./extend-timeout.patch ];
});
})
];
home-manager.users.${user}.home.packages = with pkgs; [
telepresence
kubeval
calicoctl
];
}

84
hosts/elara/users/nikara/configs/console/sas/default.nix
View File

@@ -1,12 +1,82 @@
{ user, home }:
{ inputs, system, ... }:
{
config,
inputs,
pkgs,
lib,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
in
{
home-manager.users.${user}.home.packages = with selfPkgs; [
sagew
sonder
klog
];
environment.persistence."/persist/cache" = {
"${home}/.local/share/go" = { };
"${home}/.local/share/gradle" = { };
};
home-manager.users.${user} = {
sops = {
secrets = {
"artifactory/cdp/user".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
"artifactory/cdp/password".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
"viya/orders-api/key".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
"viya/orders-api/secret".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
};
templates."gradle.properties" = {
content = ''
cdpUser=${hmConfig.sops.placeholder."artifactory/cdp/user"}
cdpPassword=${hmConfig.sops.placeholder."artifactory/cdp/password"}
'';
path = "${home}/.local/share/gradle/gradle.properties";
};
};
programs = {
go = {
enable = true;
goPath = ".local/share/go";
};
gradle = {
enable = true;
home = ".local/share/gradle";
};
java = {
enable = true;
package = pkgs.jdk17;
};
};
home = {
packages =
with pkgs;
[
gopls
go-tools
golangci-lint
golangci-lint-langserver
]
++ lib.lists.optionals config.sas.build.private [
viya4-orders-cli
sagew
sonder
klog
];
sessionVariables = {
GOPROXY = "goproxy.unx.sas.com";
GONOSUMDB = "*.sas.com,sassoftware.io";
};
};
xdg.configFile."viya4-orders-cli/config.yaml" = lib.mkIf config.sas.build.private {
source = (pkgs.formats.yaml { }).generate "config.yaml" {
clientCredentialsIdFile = hmConfig.sops.secrets."viya/orders-api/key".path;
clientCredentialsSecretFile = hmConfig.sops.secrets."viya/orders-api/secret".path;
};
};
};
}

31
hosts/elara/users/nikara/configs/console/ssh/default.nix
View File

@@ -2,13 +2,12 @@
{
config,
inputs,
system,
pkgs,
lib,
...
}:
let
hmConfig = config.home-manager.users.${user};
selfPkgs = inputs.self.packages.${system};
in
{
home-manager.users.${user} = {
@@ -143,18 +142,22 @@ in
};
};
userKnownHostsFiles =
with selfPkgs;
[
ssh-known-hosts-github
ssh-known-hosts-gitlab
]
++ lib.lists.optionals config.sas.build.private [
ssh-known-hosts-sas-cldlgn
ssh-known-hosts-sas-gitlab
ssh-known-hosts-sas-gerrit
ssh-known-hosts-sas-artifact
];
userKnownHostsFile = builtins.concatStringsSep " " (
with pkgs.sshKnownHosts;
(
[
"${home}/.ssh/known_hosts"
github
gitlab
]
++ lib.lists.optionals config.sas.build.private [
sas-cldlgn
sas-gitlab
sas-gerrit
sas-artifact
]
)
);
};
git.extraConfig.url = {

29
hosts/elara/users/nikara/configs/console/viya4-orders-cli/default.nix
View File

@@ -1,29 +0,0 @@
{ user, home }:
{
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
in
{
home-manager.users.${user} = {
sops.secrets = {
"viya/orders-api/key".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
"viya/orders-api/secret".sopsFile = "${inputs.secrets}/domains/sas/secrets.yaml";
};
home.packages = [ selfPkgs.viya4-orders-cli ];
xdg.configFile."viya4-orders-cli/config.yaml".source =
(pkgs.formats.yaml { }).generate "config.yaml"
{
clientCredentialsIdFile = hmConfig.sops.secrets."viya/orders-api/key".path;
clientCredentialsSecretFile = hmConfig.sops.secrets."viya/orders-api/secret".path;
};
};
}

7
hosts/elara/users/nikara/default.nix
View File

@@ -85,17 +85,10 @@ in
(import ../../../common/configs/user/gui/x11 { inherit user home; })
(import ../../../common/configs/user/gui/xdg { inherit user home; })
(import ./configs/console/artifactory { inherit user home; })
(import ./configs/console/c { inherit user home; })
(import ./configs/console/go { inherit user home; })
(import ./configs/console/gpg { inherit user home; })
(import ./configs/console/gradle { inherit user home; })
(import ./configs/console/java { inherit user home; })
(import ./configs/console/kubernetes { inherit user home; })
(import ./configs/console/podman { inherit user home; })
(import ./configs/console/sas { inherit user home; })
(import ./configs/console/ssh { inherit user home; })
(import ./configs/console/viya4-orders-cli { inherit user home; })
(import ./configs/gui/obsidian { inherit user home; })
(import ./configs/gui/vscode { inherit user home; })

6
hosts/himalia/default.nix
View File

@@ -1,5 +1,11 @@
{ inputs, ... }:
{
nixpkgs.overlays = [
inputs.lib.overlays.default
inputs.self.overlays.default
inputs.nur.overlays.default
];
imports = [
inputs.disko.nixosModules.disko
./format.nix

15
hosts/himalia/users/nick/configs/console/ssh/default.nix
View File

@@ -2,12 +2,11 @@
{
config,
inputs,
system,
pkgs,
...
}:
let
hmConfig = config.home-manager.users.${user};
selfPkgs = inputs.self.packages.${system};
in
{
home-manager.users.${user} = {
@@ -62,10 +61,14 @@ in
};
};
userKnownHostsFiles = with selfPkgs; [
ssh-known-hosts-github
ssh-known-hosts-gitlab
];
userKnownHostsFile = builtins.concatStringsSep " " (
with pkgs.sshKnownHosts;
[
"${home}/.ssh/known_hosts"
github
gitlab
]
);
};
clipbook.bookmarks."SSH Key Passphrase".source = hmConfig.sops.secrets."ssh/pass".path;

6
hosts/installer/default.nix
View File

@@ -1,5 +1,11 @@
{ config, inputs, ... }:
{
nixpkgs.overlays = [
inputs.lib.overlays.default
inputs.self.overlays.default
inputs.nur.overlays.default
];
imports = [
inputs.disko.nixosModules.disko
./format.nix

15
hosts/installer/users/nick/configs/console/ssh/default.nix
View File

@@ -2,12 +2,11 @@
{
config,
inputs,
system,
pkgs,
...
}:
let
hmConfig = config.home-manager.users.${user};
selfPkgs = inputs.self.packages.${system};
in
{
home-manager.users.${user} = {
@@ -61,10 +60,14 @@ in
};
};
userKnownHostsFiles = with selfPkgs; [
ssh-known-hosts-github
ssh-known-hosts-gitlab
];
userKnownHostsFile = builtins.concatStringsSep " " (
with pkgs.sshKnownHosts;
[
"${home}/.ssh/known_hosts"
github
gitlab
]
);
};
};
}

9
hosts/jupiter-vps/configs/podman/prometheus/default.nix
View File

@@ -1,7 +1,4 @@
{ inputs, system, ... }:
let
selfPkgs = inputs.self.packages.${system};
in
{ pkgs, ... }:
{
boot.kernelParams = [ "psi=1" ];
@@ -12,7 +9,7 @@ in
virtualisation.quadlet.containers = {
prometheus-node-exporter.containerConfig = {
image = "docker-archive:${selfPkgs.docker-prometheus-node-exporter}";
image = "docker-archive:${pkgs.dockerImages.prometheus-node-exporter}";
# Allow collecting host metrics, port :9100 by default
networks = [ "host" ];
podmanArgs = [
@@ -49,7 +46,7 @@ in
};
prometheus-podman-exporter.containerConfig = {
image = "docker-archive:${selfPkgs.docker-prometheus-podman-exporter}";
image = "docker-archive:${pkgs.dockerImages.prometheus-podman-exporter}";
publishPorts = [ "9882:9882/tcp" ];
volumes = [ "/run/podman/podman.sock:/run/podman/podman.sock:ro" ];
exec = [ "--collector.enable-all" ];

6
hosts/jupiter-vps/default.nix
View File

@@ -1,5 +1,11 @@
{ inputs, lib, ... }:
{
nixpkgs.overlays = [
inputs.lib.overlays.default
inputs.self.overlays.default
inputs.nur.overlays.default
];
imports = [
inputs.disko.nixosModules.disko
./format.nix

4
hosts/jupiter/configs/tv/default.nix
View File

@@ -2,11 +2,9 @@
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
inherit (config.virtualisation.quadlet) volumes;
inboundInterface = "wlo1";
inboundGateway = "192.168.1.1";
@@ -92,7 +90,7 @@ in
containers.tv-adguard = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-adguardhome}";
image = "docker-archive:${pkgs.dockerImages.adguardhome}";
volumes =
let
config = (pkgs.formats.yaml { }).generate "config.yaml.default" {

6
hosts/jupiter/default.nix
View File

@@ -1,5 +1,11 @@
{ inputs, ... }:
{
nixpkgs.overlays = [
inputs.lib.overlays.default
inputs.self.overlays.default
inputs.nur.overlays.default
];
imports = [
inputs.disko.nixosModules.disko
./format.nix

4
hosts/jupiter/hardware/default.nix
View File

@@ -6,10 +6,10 @@
...
}:
{
imports = [ ./display.nix ];
nixpkgs.overlays = [ inputs.nvidia-patch.overlays.default ];
imports = [ ./display.nix ];
hardware = {
enableAllFirmware = true;

9
hosts/jupiter/users/storm/configs/console/podman/authelia/default.nix
View File

@@ -3,12 +3,9 @@
config,
inputs,
pkgs,
system,
lib,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) volumes containers networks;
in
@@ -158,7 +155,7 @@ in
containers = {
authelia = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-authelia}";
image = "docker-archive:${pkgs.dockerImages.authelia}";
volumes = [
"${volumes.authelia.ref}:/etc/authelia"
"${hmConfig.sops.templates.authelia-users.path}:/etc/authelia/users.yaml.default:ro"
@@ -194,7 +191,7 @@ in
authelia-postgresql = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-postgresql}";
image = "docker-archive:${pkgs.dockerImages.postgresql}";
networks = [ networks.authelia.ref ];
volumes = [ "${volumes.authelia-postgresql.ref}:/var/lib/postgresql/data" ];
environments = {
@@ -208,7 +205,7 @@ in
};
authelia-redis.containerConfig = {
image = "docker-archive:${selfPkgs.docker-redis}";
image = "docker-archive:${pkgs.dockerImages.redis}";
networks = [ networks.authelia.ref ];
volumes = [ "${volumes.authelia-redis.ref}:/var/lib/redis" ];
exec = [ "--save 60 1" ];

8
hosts/jupiter/users/storm/configs/console/podman/gitea/default.nix
View File

@@ -4,11 +4,9 @@
inputs,
lib,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
podman = lib.meta.getExe pkgs.podman;
podmanAsUser = "${config.security.wrapperDir}/git-sudo -u ${user} ${podman}";
@@ -218,7 +216,7 @@ in
containers = {
gitea = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-gitea}";
image = "docker-archive:${pkgs.dockerImages.gitea}";
networks = [
networks.gitea.ref
networks.traefik.ref
@@ -259,7 +257,7 @@ in
gitea-postgresql = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-postgresql}";
image = "docker-archive:${pkgs.dockerImages.postgresql}";
networks = [ networks.gitea.ref ];
volumes = [ "${volumes.gitea-postgresql.ref}:/var/lib/postgresql/data" ];
environments = {
@@ -274,7 +272,7 @@ in
gitea-act-runner = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-gitea-act-runner}";
image = "docker-archive:${pkgs.dockerImages.gitea-act-runner}";
networks = [ networks.gitea.ref ];
volumes =
let

6
hosts/jupiter/users/storm/configs/console/podman/grafana/default.nix
View File

@@ -3,12 +3,10 @@
config,
inputs,
pkgs,
system,
lib,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) networks;
autheliaClientId = "4R5ofTZgOjO5Nrbcm9f6KqBLZXy8LwPS5s3E3BUfPS2mRy0wSV41XZGLrLgiR4Z0MblyGzW211AHL7GCCaJu5KonLUKyRjoyuiAr";
@@ -124,7 +122,7 @@ in
containers = {
grafana = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-grafana}";
image = "docker-archive:${pkgs.dockerImages.grafana}";
networks = [
networks.grafana.ref
networks.traefik.ref
@@ -140,7 +138,7 @@ in
};
grafana-image-renderer.containerConfig = {
image = "docker-archive:${selfPkgs.docker-grafana-image-renderer}";
image = "docker-archive:${pkgs.dockerImages.grafana-image-renderer}";
networks = [ networks.grafana.ref ];
};

6
hosts/jupiter/users/storm/configs/console/podman/littlelink/default.nix
View File

@@ -1,19 +1,17 @@
{ user, home }:
{
config,
inputs,
lib,
system,
pkgs,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) networks;
in
{
home-manager.users.${user}.virtualisation.quadlet.containers.littlelink.containerConfig = {
image = "docker-archive:${selfPkgs.docker-littlelink-server}";
image = "docker-archive:${pkgs.dockerImages.littlelink-server}";
networks = [ networks.traefik.ref ];
environments = {
NAME = "Nikolaos Karaolidis";

10
hosts/jupiter/users/storm/configs/console/podman/lore/default.nix
View File

@@ -1,18 +1,12 @@
{ user, home }:
{
config,
inputs,
system,
...
}:
{ config, pkgs, ... }:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) networks;
in
{
home-manager.users.${user}.virtualisation.quadlet.containers.lore.containerConfig = {
image = "docker-archive:${selfPkgs.docker-nginx}";
image = "docker-archive:${pkgs.dockerImages.nginx}";
networks = [ networks.traefik.ref ];
volumes = [ "${./index.html}:/var/www/nginx/index.html:ro" ];
labels = [

4
hosts/jupiter/users/storm/configs/console/podman/media/jellyfin/default.nix
View File

@@ -3,11 +3,9 @@
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) volumes networks;
@@ -83,7 +81,7 @@ in
containers = {
jellyfin = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-jellyfin}";
image = "docker-archive:${pkgs.dockerImages.jellyfin}";
networks = [
networks.jellyfin.ref
networks.traefik.ref

4
hosts/jupiter/users/storm/configs/console/podman/media/jellyseerr/default.nix
View File

@@ -9,11 +9,9 @@
inputs,
pkgs,
lib,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) containers volumes networks;
@@ -149,7 +147,7 @@ in
containers = {
jellyseerr = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-jellyseerr}";
image = "docker-archive:${pkgs.dockerImages.jellyseerr}";
networks = [
networks.jellyfin.ref
networks.media.ref

6
hosts/jupiter/users/storm/configs/console/podman/media/prowlarr/default.nix
View File

@@ -8,11 +8,9 @@
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) containers volumes networks;
arrs = radarrs ++ sonarrs;
@@ -44,13 +42,13 @@ in
containers = {
flaresolverr.containerConfig = {
image = "docker-archive:${selfPkgs.docker-flaresolverr}";
image = "docker-archive:${pkgs.dockerImages.flaresolverr}";
networks = [ networks.flaresolverr.ref ];
};
prowlarr = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-prowlarr}";
image = "docker-archive:${pkgs.dockerImages.prowlarr}";
networks = [
networks.media.ref
networks.transmission.ref

4
hosts/jupiter/users/storm/configs/console/podman/media/radarr/default.nix
View File

@@ -7,11 +7,9 @@
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) containers volumes networks;
in
@@ -55,7 +53,7 @@ in
name = radarr.hostName;
value = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-radarr}";
image = "docker-archive:${pkgs.dockerImages.radarr}";
networks = [
networks.media.ref
networks.transmission.ref

4
hosts/jupiter/users/storm/configs/console/podman/media/recyclarr/default.nix
View File

@@ -8,11 +8,9 @@
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) containers networks;
arrs = radarrs ++ sonarrs;
@@ -32,7 +30,7 @@ in
# FIXME: https://recyclarr.dev/wiki/behavior/quality-profiles/#language
recyclarr = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-recyclarr}";
image = "docker-archive:${pkgs.dockerImages.recyclarr}";
networks = [ networks.media.ref ];
volumes = builtins.map (
arr:

4
hosts/jupiter/users/storm/configs/console/podman/media/sonarr/default.nix
View File

@@ -7,11 +7,9 @@
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) containers volumes networks;
in
@@ -55,7 +53,7 @@ in
name = sonarr.hostName;
value = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-sonarr}";
image = "docker-archive:${pkgs.dockerImages.sonarr}";
networks = [
networks.media.ref
networks.transmission.ref

4
hosts/jupiter/users/storm/configs/console/podman/media/transmission/default.nix
View File

@@ -3,11 +3,9 @@
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) volumes networks;
in
@@ -26,7 +24,7 @@ in
containers.transmission = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-transmission-protonvpn}";
image = "docker-archive:${pkgs.dockerImages.transmission-protonvpn}";
networks = [
networks.transmission.ref
networks.traefik.ref

6
hosts/jupiter/users/storm/configs/console/podman/nextcloud/default.nix
View File

@@ -3,11 +3,9 @@
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) containers volumes networks;
autheliaClientId = "7DXUBtkdLUUkmyV8oSXidP0XiU6W7usLvYRJ9TrbHy7IflFwWPmHVmU26oLahrj8bVURiexGfAr3bIey6vnlvirnYQ8HMo55NnqH";
@@ -164,7 +162,7 @@ in
containers = {
nextcloud = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-nextcloud}";
image = "docker-archive:${pkgs.dockerImages.nextcloud}";
networks = [
networks.nextcloud.ref
networks.traefik.ref
@@ -208,7 +206,7 @@ in
nextcloud-postgresql = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-postgresql}";
image = "docker-archive:${pkgs.dockerImages.postgresql}";
networks = [ networks.nextcloud.ref ];
volumes = [ "${volumes.nextcloud-postgresql.ref}:/var/lib/postgresql/data" ];
environments = {

4
hosts/jupiter/users/storm/configs/console/podman/ntfy/default.nix
View File

@@ -3,11 +3,9 @@
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) volumes networks;
in
@@ -85,7 +83,7 @@ in
containers = {
ntfy = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-ntfy}";
image = "docker-archive:${pkgs.dockerImages.ntfy}";
networks = [
networks.ntfy.ref
networks.traefik.ref

8
hosts/jupiter/users/storm/configs/console/podman/outline/default.nix
View File

@@ -3,11 +3,9 @@
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) containers volumes networks;
autheliaClientId = "3U5O3TkoIFb3bz3MMqscGEDx2wkT2G48iLLJalqSKA40zCweSBfgORGNMjDEidz4qiQ93qIoW2UlgTyLfzAwbklTvwHJPcarmXaq";
@@ -90,7 +88,7 @@ in
containers = {
outline = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-outline}";
image = "docker-archive:${pkgs.dockerImages.outline}";
networks = [
networks.outline.ref
networks.traefik.ref
@@ -143,7 +141,7 @@ in
outline-postgresql = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-postgresql}";
image = "docker-archive:${pkgs.dockerImages.postgresql}";
networks = [ networks.outline.ref ];
volumes = [ "${volumes.outline-postgresql.ref}:/var/lib/postgresql/data" ];
environments = {
@@ -157,7 +155,7 @@ in
};
outline-redis.containerConfig = {
image = "docker-archive:${selfPkgs.docker-redis}";
image = "docker-archive:${pkgs.dockerImages.redis}";
networks = [ networks.outline.ref ];
volumes = [ "${volumes.outline-redis.ref}:/var/lib/redis" ];
exec = [ "--save 60 1" ];

14
hosts/jupiter/users/storm/configs/console/podman/prometheus/default.nix
View File

@@ -3,12 +3,10 @@
config,
inputs,
pkgs,
system,
lib,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
jupiterVpsConfig = inputs.self.nixosConfigurations.jupiter-vps.config;
in
@@ -19,7 +17,7 @@ in
# The below containers all need to run as root to collect host metrics.
virtualisation.quadlet.containers = {
prometheus-node-exporter.containerConfig = {
image = "docker-archive:${selfPkgs.docker-prometheus-node-exporter}";
image = "docker-archive:${pkgs.dockerImages.prometheus-node-exporter}";
# Allow collecting host metrics, port :9100 by default
networks = [ "host" ];
podmanArgs = [
@@ -56,14 +54,14 @@ in
};
prometheus-podman-exporter.containerConfig = {
image = "docker-archive:${selfPkgs.docker-prometheus-podman-exporter}";
image = "docker-archive:${pkgs.dockerImages.prometheus-podman-exporter}";
publishPorts = [ "9882:9882/tcp" ];
volumes = [ "/run/podman/podman.sock:/run/podman/podman.sock:ro" ];
exec = [ "--collector.enable-all" ];
};
prometheus-smartctl-exporter.containerConfig = {
image = "docker-archive:${selfPkgs.docker-prometheus-smartctl-exporter}";
image = "docker-archive:${pkgs.dockerImages.prometheus-smartctl-exporter}";
publishPorts = [ "9633:9633/tcp" ];
podmanArgs = [ "--privileged" ];
};
@@ -84,7 +82,7 @@ in
containers = {
prometheus-node-exporter.containerConfig = {
image = "docker-archive:${selfPkgs.docker-prometheus-node-exporter}";
image = "docker-archive:${pkgs.dockerImages.prometheus-node-exporter}";
networks = [ networks.prometheus.ref ];
volumes =
let
@@ -100,7 +98,7 @@ in
};
prometheus-podman-exporter.containerConfig = {
image = "docker-archive:${selfPkgs.docker-prometheus-podman-exporter}";
image = "docker-archive:${pkgs.dockerImages.prometheus-podman-exporter}";
networks = [ networks.prometheus.ref ];
volumes =
let
@@ -111,7 +109,7 @@ in
};
prometheus.containerConfig = {
image = "docker-archive:${selfPkgs.docker-prometheus}";
image = "docker-archive:${pkgs.dockerImages.prometheus}";
volumes =
let
prometheusConfig = (pkgs.formats.yaml { }).generate "prometheus.yaml" {

8
hosts/jupiter/users/storm/configs/console/podman/shlink/default.nix
View File

@@ -3,11 +3,9 @@
config,
inputs,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) containers volumes networks;
in
@@ -48,7 +46,7 @@ in
containers = {
shlink = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-shlink}";
image = "docker-archive:${pkgs.dockerImages.shlink}";
networks = [
networks.shlink.ref
networks.traefik.ref
@@ -97,7 +95,7 @@ in
shlink-web-client = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-shlink-web-client}";
image = "docker-archive:${pkgs.dockerImages.shlink-web-client}";
networks = [
networks.shlink.ref
networks.traefik.ref
@@ -118,7 +116,7 @@ in
shlink-postgresql = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-postgresql}";
image = "docker-archive:${pkgs.dockerImages.postgresql}";
networks = [ networks.shlink.ref ];
volumes = [ "${volumes.shlink-postgresql.ref}:/var/lib/postgresql/data" ];
environments = {

4
hosts/jupiter/users/storm/configs/console/podman/sish/default.nix
View File

@@ -4,11 +4,9 @@
inputs,
lib,
pkgs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) networks;
in
@@ -23,7 +21,7 @@ in
containers.sish = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-sish}";
image = "docker-archive:${pkgs.dockerImages.sish}";
networks = [
networks.sish.ref
networks.traefik.ref

4
hosts/jupiter/users/storm/configs/console/podman/traefik/default.nix
View File

@@ -2,12 +2,10 @@
{
config,
inputs,
system,
pkgs,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) networks volumes containers;
in
@@ -42,7 +40,7 @@ in
containers = {
traefik = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-traefik}";
image = "docker-archive:${pkgs.dockerImages.traefik}";
networks = [
networks.traefik-ext.ref
networks.traefik.ref

7
hosts/jupiter/users/storm/configs/console/podman/vaultwarden/default.nix
View File

@@ -3,12 +3,9 @@
config,
inputs,
pkgs,
system,
lib,
...
}:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) volumes containers networks;
autheliaClientId = "G9g4cRccYM1tpTO8rLqziThUlZFT4BwlvittHRSbZOJK3rfkpFKUQylI7SI40KmZDzavPrQhEWXWGspS3hxrwH9PesDw5A1EECEZ";
@@ -86,7 +83,7 @@ in
containers = {
vaultwarden = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-oidcwarden}";
image = "docker-archive:${pkgs.dockerImages.oidcwarden}";
volumes = [ "${volumes.vaultwarden.ref}:/var/lib/vaultwarden" ];
networks = [
networks.vaultwarden.ref
@@ -129,7 +126,7 @@ in
vaultwarden-postgresql = {
containerConfig = {
image = "docker-archive:${selfPkgs.docker-postgresql}";
image = "docker-archive:${pkgs.dockerImages.postgresql}";
networks = [ networks.vaultwarden.ref ];
volumes = [ "${volumes.vaultwarden-postgresql.ref}:/var/lib/postgresql/data" ];
environments = {

10
hosts/jupiter/users/storm/configs/console/podman/whoami/default.nix
View File

@@ -1,12 +1,6 @@
{ user, home }:
{
config,
inputs,
system,
...
}:
{ config, pkgs, ... }:
let
selfPkgs = inputs.self.packages.${system};
hmConfig = config.home-manager.users.${user};
inherit (hmConfig.virtualisation.quadlet) networks;
in
@@ -15,7 +9,7 @@ in
networks.whoami = { };
containers.whoami.containerConfig = {
image = "docker-archive:${selfPkgs.docker-whoami}";
image = "docker-archive:${pkgs.dockerImages.whoami}";
networks = [
networks.whoami.ref
networks.traefik.ref

4
overlays/android-tools/default.nix Normal file
View File

@@ -0,0 +1,4 @@
final: prev:
prev.android-tools.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./env-var-user-home.patch ];
})

0
hosts/common/configs/user/console/android/env-var-user-home.patch → overlays/android-tools/env-var-user-home.patch
View File

0
hosts/common/configs/user/gui/darktable/better-copy-and-import.patch → overlays/darktable/better-copy-and-import.patch
View File

4
overlays/darktable/default.nix Normal file
View File

@@ -0,0 +1,4 @@
final: prev:
prev.darktable.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./better-copy-and-import.patch ];
})

92
overlays/default.nix Normal file
View File

@@ -0,0 +1,92 @@
final: prev:
{
android-tools = import ./android-tools final prev;
darktable = import ./darktable final prev;
hyprland = import ./hyprland final prev;
mpv = import ./mpv final prev;
ncspot = import ./ncspot final prev;
spicetify-cli = import ./spicetify-cli final prev;
telepresence = import ./telepresence final prev;
}
// (import ../packages { pkgs = final; })
// {
dockerImages = prev.dockerImages or { } // {
adguardhome = final.docker-image-adguardhome;
authelia = final.docker-image-authelia;
base = final.docker-image-base;
comentario = final.docker-image-comentario;
flaresolverr = final.docker-image-flaresolverr;
gitea = final.docker-image-gitea;
gitea-act-runner = final.docker-image-gitea-act-runner;
grafana = final.docker-image-grafana;
grafana-image-renderer = final.docker-image-grafana-image-renderer;
jellyfin = final.docker-image-jellyfin;
jellyseerr = final.docker-image-jellyseerr;
littlelink-server = final.docker-image-littlelink-server;
mariadb = final.docker-image-mariadb;
mysql = final.docker-image-mysql;
nextcloud = final.docker-image-nextcloud;
nginx = final.docker-image-nginx;
nginx-receiver = final.docker-image-nginx-receiver;
ntfy = final.docker-image-ntfy;
oidcwarden = final.docker-image-oidcwarden;
outline = final.docker-image-outline;
postgresql = final.docker-image-postgresql;
prometheus = final.docker-image-prometheus;
prometheus-fail2ban-exporter = final.docker-image-prometheus-fail2ban-exporter;
prometheus-node-exporter = final.docker-image-prometheus-node-exporter;
prometheus-podman-exporter = final.docker-image-prometheus-podman-exporter;
prometheus-smartctl-exporter = final.docker-image-prometheus-smartctl-exporter;
prowlarr = final.docker-image-prowlarr;
radarr = final.docker-image-radarr;
recyclarr = final.docker-image-recyclarr;
redis = final.docker-image-redis;
shlink = final.docker-image-shlink;
shlink-web-client = final.docker-image-shlink-web-client;
sish = final.docker-image-sish;
sonarr = final.docker-image-sonarr;
traefik = final.docker-image-traefik;
transmission-protonvpn = final.docker-image-transmission-protonvpn;
whoami = final.docker-image-whoami;
};
jellyfinPlugins = prev.jellyfinPlugins or { } // {
bookshelf = final.jellyfin-plugin-bookshelf-bin;
intro-skipper = final.jellyfin-plugin-intro-skipper-bin;
opensubtitles = final.jellyfin-plugin-opensubtitles-bin;
playbackreporting = final.jellyfin-plugin-playbackreporting-bin;
reports = final.jellyfin-plugin-reports-bin;
sso = final.jellyfin-plugin-sso-bin;
subtitleextract = final.jellyfin-plugin-subtitleextract-bin;
tmdbboxsets = final.jellyfin-plugin-tmdbboxsets-bin;
tvdb = final.jellyfin-plugin-tvdb-bin;
};
obsidianPlugins = prev.obsidianPlugins or { } // {
better-word-count = final.obsidian-plugin-better-word-count;
dataview = final.obsidian-plugin-dataview;
excalidraw = final.obsidian-plugin-excalidraw;
kanban = final.obsidian-plugin-kanban;
languagetool = final.obsidian-plugin-languagetool;
linter = final.obsidian-plugin-linter;
map-view = final.obsidian-plugin-map-view;
minimal-settings = final.obsidian-plugin-minimal-settings;
outliner = final.obsidian-plugin-outliner;
style-settings = final.obsidian-plugin-style-settings;
tasks = final.obsidian-plugin-tasks;
url-into-selection = final.obsidian-plugin-url-into-selection;
};
obsidianThemes = prev.obsidianThemes or { } // {
minimal = final.obsidian-theme-minimal;
};
sshKnownHosts = prev.sshKnownHosts or { } // {
github = final.ssh-known-hosts-github;
gitlab = final.ssh-known-hosts-gitlab;
};
yaziPlugins = prev.yaziPlugins or { } // {
custom-shell = final.yazi-plugin-custom-shell;
};
}

4
overlays/hyprland/default.nix Normal file
View File

@@ -0,0 +1,4 @@
final: prev:
prev.hyprland.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./fix-maxwidth-resolution-mode.patch ];
})

0
hosts/common/configs/user/gui/hyprland/fix-maxwidth-resolution-mode.patch → overlays/hyprland/fix-maxwidth-resolution-mode.patch
View File

2
overlays/mpv/default.nix Normal file
View File

@@ -0,0 +1,2 @@
final: prev:
prev.mpv-unwrapped.wrapper { mpv = prev.mpv-unwrapped.override { cddaSupport = true; }; }

15
overlays/ncspot/default.nix Normal file
View File

@@ -0,0 +1,15 @@
final: prev:
# FIXME: https://github.com/hrkfdn/ncspot/issues/1681#issuecomment-3186274719
prev.ncspot.overrideAttrs (oldAttrs: rec {
src = prev.fetchFromGitHub {
owner = "hrkfdn";
repo = "ncspot";
rev = "aac67d631f25bbc79f509d34aa85e6daff954830";
hash = "sha256-B6BA1ksfDEySZH6gzkU5khOzwXAmeHbMHsx3sXd9lbs=";
};
cargoDeps = prev.rustPlatform.fetchCargoVendor {
inherit src;
hash = "sha256-HrQJiIzSvu/vR03UdnCcU6TGToBDKKDC6XscjvX3KPE=";
};
})

4
overlays/spicetify-cli/default.nix Normal file
View File

@@ -0,0 +1,4 @@
final: prev:
prev.spicetify-cli.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./user-colors.patch ];
})

0
hosts/common/configs/user/gui/spicetify/user-colors.patch → overlays/spicetify-cli/user-colors.patch
View File

4
overlays/telepresence/default.nix Normal file
View File

@@ -0,0 +1,4 @@
final: prev:
prev.telepresence.overrideAttrs (oldAttrs: {
patches = oldAttrs.patches or [ ] ++ [ ./extend-timeout.patch ];
})

0
hosts/elara/users/nikara/configs/console/kubernetes/extend-timeout.patch → overlays/telepresence/extend-timeout.patch
View File

28
packages/darktable/ghost-cms-publish/default.nix
View File

@@ -1,28 +0,0 @@
{ pkgs, ... }:
# AUTO-UPDATE: nix-update --flake --version=branch=main darktable-ghost-cms-publish
pkgs.buildNpmPackage (finalAttrs: {
pname = "darktable-ghost-cms-publish";
version = "0-unstable-2025-02-23";
src = pkgs.fetchFromGitea {
domain = "git.karaolidis.com";
owner = "karaolidis";
repo = finalAttrs.pname;
rev = "26780273b2a093c6e6a3140d0220d252f0bc709e";
hash = "sha256-5aoGkqxMyvyK8EDsSE6kZa+dpExxVH2GRx2n87VusKE=";
};
nativeBuildInputs = with pkgs; [ makeWrapper ];
npmDepsHash = "sha256-K/x9ZEMNO8D+SkvVPfqVJtZaDXY5gDApRRocg/POY68=";
dontNpmBuild = true;
# FIXME: https://github.com/NixOS/nixpkgs/issues/255890
installPhase = ''
mkdir -p $out/bin $out/lib/${finalAttrs.pname}
cp -r publish.lua src $out/lib/${finalAttrs.pname}/
makeWrapper ${pkgs.bun}/bin/bun $out/bin/${finalAttrs.pname} \
--add-flag "$out/lib/${finalAttrs.pname}/src/index.ts"
'';
})

162
packages/default.nix
View File

@@ -1,95 +1,93 @@
{ pkgs, ... }:
{
pkgs,
inputs,
system,
...
}:
let
callPackage = pkgs.lib.callPackageWith { inherit pkgs inputs system; };
in
{
comentario = callPackage ./comentario { };
comentario = import ./comentario { inherit pkgs; };
darktable-ghost-cms-publish = callPackage ./darktable/ghost-cms-publish { };
darktable-hald-clut = callPackage ./darktable/hald-clut { };
darktable-lua-scripts = callPackage ./darktable/lua-scripts { };
darktable-hald-clut = import ./darktable/hald-clut { inherit pkgs; };
darktable-lua-scripts = import ./darktable/lua-scripts { inherit pkgs; };
docker-adguardhome = callPackage ./docker/adguardhome { };
docker-authelia = callPackage ./docker/authelia { };
docker-base = callPackage ./docker/base { };
docker-comentario = callPackage ./docker/comentario { };
docker-flaresolverr = callPackage ./docker/flaresolverr { };
docker-gitea = callPackage ./docker/gitea { };
docker-gitea-act-runner = callPackage ./docker/gitea-act-runner { };
docker-grafana = callPackage ./docker/grafana { };
docker-grafana-image-renderer = callPackage ./docker/grafana-image-renderer { };
docker-jellyfin = callPackage ./docker/jellyfin { };
docker-jellyseerr = callPackage ./docker/jellyseerr { };
docker-littlelink-server = callPackage ./docker/littlelink-server { };
docker-mariadb = callPackage ./docker/mariadb { };
docker-mysql = callPackage ./docker/mysql { };
docker-nextcloud = callPackage ./docker/nextcloud { };
docker-nginx = callPackage ./docker/nginx { };
docker-nginx-receiver = callPackage ./docker/nginx-receiver { };
docker-ntfy = callPackage ./docker/ntfy { };
docker-oidcwarden = callPackage ./docker/oidcwarden { };
docker-outline = callPackage ./docker/outline { };
docker-postgresql = callPackage ./docker/postgresql { };
docker-prometheus = callPackage ./docker/prometheus { };
docker-prometheus-fail2ban-exporter = callPackage ./docker/prometheus-fail2ban-exporter { };
docker-prometheus-node-exporter = callPackage ./docker/prometheus-node-exporter { };
docker-prometheus-podman-exporter = callPackage ./docker/prometheus-podman-exporter { };
docker-prometheus-smartctl-exporter = callPackage ./docker/prometheus-smartctl-exporter { };
docker-prowlarr = callPackage ./docker/prowlarr { };
docker-radarr = callPackage ./docker/radarr { };
docker-recyclarr = callPackage ./docker/recyclarr { };
docker-redis = callPackage ./docker/redis { };
docker-shlink = callPackage ./docker/shlink { };
docker-shlink-web-client = callPackage ./docker/shlink-web-client { };
docker-sish = callPackage ./docker/sish { };
docker-sonarr = callPackage ./docker/sonarr { };
docker-traefik = callPackage ./docker/traefik { };
docker-transmission-protonvpn = callPackage ./docker/transmission-protonvpn { };
docker-whoami = callPackage ./docker/whoami { };
docker-image-adguardhome = import ./docker/adguardhome { inherit pkgs; };
docker-image-authelia = import ./docker/authelia { inherit pkgs; };
docker-image-base = import ./docker/base { inherit pkgs; };
docker-image-comentario = import ./docker/comentario { inherit pkgs; };
docker-image-flaresolverr = import ./docker/flaresolverr { inherit pkgs; };
docker-image-gitea = import ./docker/gitea { inherit pkgs; };
docker-image-gitea-act-runner = import ./docker/gitea-act-runner { inherit pkgs; };
docker-image-grafana = import ./docker/grafana { inherit pkgs; };
docker-image-grafana-image-renderer = import ./docker/grafana-image-renderer { inherit pkgs; };
docker-image-jellyfin = import ./docker/jellyfin { inherit pkgs; };
docker-image-jellyseerr = import ./docker/jellyseerr { inherit pkgs; };
docker-image-littlelink-server = import ./docker/littlelink-server { inherit pkgs; };
docker-image-mariadb = import ./docker/mariadb { inherit pkgs; };
docker-image-mysql = import ./docker/mysql { inherit pkgs; };
docker-image-nextcloud = import ./docker/nextcloud { inherit pkgs; };
docker-image-nginx = import ./docker/nginx { inherit pkgs; };
docker-image-nginx-receiver = import ./docker/nginx-receiver { inherit pkgs; };
docker-image-ntfy = import ./docker/ntfy { inherit pkgs; };
docker-image-oidcwarden = import ./docker/oidcwarden { inherit pkgs; };
docker-image-outline = import ./docker/outline { inherit pkgs; };
docker-image-postgresql = import ./docker/postgresql { inherit pkgs; };
docker-image-prometheus = import ./docker/prometheus { inherit pkgs; };
docker-image-prometheus-fail2ban-exporter = import ./docker/prometheus-fail2ban-exporter {
inherit pkgs;
};
docker-image-prometheus-node-exporter = import ./docker/prometheus-node-exporter { inherit pkgs; };
docker-image-prometheus-podman-exporter = import ./docker/prometheus-podman-exporter {
inherit pkgs;
};
docker-image-prometheus-smartctl-exporter = import ./docker/prometheus-smartctl-exporter {
inherit pkgs;
};
docker-image-prowlarr = import ./docker/prowlarr { inherit pkgs; };
docker-image-radarr = import ./docker/radarr { inherit pkgs; };
docker-image-recyclarr = import ./docker/recyclarr { inherit pkgs; };
docker-image-redis = import ./docker/redis { inherit pkgs; };
docker-image-shlink = import ./docker/shlink { inherit pkgs; };
docker-image-shlink-web-client = import ./docker/shlink-web-client { inherit pkgs; };
docker-image-sish = import ./docker/sish { inherit pkgs; };
docker-image-sonarr = import ./docker/sonarr { inherit pkgs; };
docker-image-traefik = import ./docker/traefik { inherit pkgs; };
docker-image-transmission-protonvpn = import ./docker/transmission-protonvpn { inherit pkgs; };
docker-image-whoami = import ./docker/whoami { inherit pkgs; };
jellyfin-plugin-bookshelf-bin = callPackage ./jellyfin/plugins/bookshelf { };
jellyfin-plugin-intro-skipper-bin = callPackage ./jellyfin/plugins/intro-skipper { };
jellyfin-plugin-opensubtitles-bin = callPackage ./jellyfin/plugins/opensubtitles { };
jellyfin-plugin-playbackreporting-bin = callPackage ./jellyfin/plugins/playbackreporting { };
jellyfin-plugin-reports-bin = callPackage ./jellyfin/plugins/reports { };
jellyfin-plugin-sso-bin = callPackage ./jellyfin/plugins/sso { };
jellyfin-plugin-subtitleextract-bin = callPackage ./jellyfin/plugins/subtitleextract { };
jellyfin-plugin-tmdbboxsets-bin = callPackage ./jellyfin/plugins/tmdbboxsets { };
jellyfin-plugin-tvdb-bin = callPackage ./jellyfin/plugins/tvdb { };
jellyfin-plugin-bookshelf-bin = import ./jellyfin/plugins/bookshelf { inherit pkgs; };
jellyfin-plugin-intro-skipper-bin = import ./jellyfin/plugins/intro-skipper { inherit pkgs; };
jellyfin-plugin-opensubtitles-bin = import ./jellyfin/plugins/opensubtitles { inherit pkgs; };
jellyfin-plugin-playbackreporting-bin = import ./jellyfin/plugins/playbackreporting {
inherit pkgs;
};
jellyfin-plugin-reports-bin = import ./jellyfin/plugins/reports { inherit pkgs; };
jellyfin-plugin-sso-bin = import ./jellyfin/plugins/sso { inherit pkgs; };
jellyfin-plugin-subtitleextract-bin = import ./jellyfin/plugins/subtitleextract { inherit pkgs; };
jellyfin-plugin-tmdbboxsets-bin = import ./jellyfin/plugins/tmdbboxsets { inherit pkgs; };
jellyfin-plugin-tvdb-bin = import ./jellyfin/plugins/tvdb { inherit pkgs; };
littlelink-server = callPackage ./littlelink-server { };
littlelink-server = import ./littlelink-server { inherit pkgs; };
obsidian-plugin-better-word-count = callPackage ./obsidian/plugins/better-word-count { };
obsidian-plugin-dataview = callPackage ./obsidian/plugins/dataview { };
obsidian-plugin-excalidraw = callPackage ./obsidian/plugins/excalidraw { };
obsidian-plugin-kanban = callPackage ./obsidian/plugins/kanban { };
obsidian-plugin-languagetool = callPackage ./obsidian/plugins/languagetool { };
obsidian-plugin-linter = callPackage ./obsidian/plugins/linter { };
obsidian-plugin-map-view = callPackage ./obsidian/plugins/map-view { };
obsidian-plugin-minimal-settings = callPackage ./obsidian/plugins/minimal-settings { };
obsidian-plugin-outliner = callPackage ./obsidian/plugins/outliner { };
obsidian-plugin-style-settings = callPackage ./obsidian/plugins/style-settings { };
obsidian-plugin-tasks = callPackage ./obsidian/plugins/tasks { };
obsidian-plugin-url-into-selection = callPackage ./obsidian/plugins/url-into-selection { };
obsidian-plugin-better-word-count = import ./obsidian/plugins/better-word-count { inherit pkgs; };
obsidian-plugin-dataview = import ./obsidian/plugins/dataview { inherit pkgs; };
obsidian-plugin-excalidraw = import ./obsidian/plugins/excalidraw { inherit pkgs; };
obsidian-plugin-kanban = import ./obsidian/plugins/kanban { inherit pkgs; };
obsidian-plugin-languagetool = import ./obsidian/plugins/languagetool { inherit pkgs; };
obsidian-plugin-linter = import ./obsidian/plugins/linter { inherit pkgs; };
obsidian-plugin-map-view = import ./obsidian/plugins/map-view { inherit pkgs; };
obsidian-plugin-minimal-settings = import ./obsidian/plugins/minimal-settings { inherit pkgs; };
obsidian-plugin-outliner = import ./obsidian/plugins/outliner { inherit pkgs; };
obsidian-plugin-style-settings = import ./obsidian/plugins/style-settings { inherit pkgs; };
obsidian-plugin-tasks = import ./obsidian/plugins/tasks { inherit pkgs; };
obsidian-plugin-url-into-selection = import ./obsidian/plugins/url-into-selection { inherit pkgs; };
obsidian-theme-minimal = callPackage ./obsidian/themes/minimal { };
obsidian-theme-minimal = import ./obsidian/themes/minimal { inherit pkgs; };
oidcwarden = callPackage ./oidcwarden { };
oidcwarden = import ./oidcwarden { inherit pkgs; };
prometheus-fail2ban-exporter = callPackage ./prometheus-fail2ban-exporter { };
prometheus-podman-exporter = callPackage ./prometheus-podman-exporter { };
prometheus-fail2ban-exporter = import ./prometheus-fail2ban-exporter { inherit pkgs; };
prometheus-podman-exporter = import ./prometheus-podman-exporter { inherit pkgs; };
shlink = callPackage ./shlink { };
shlink-web-client = callPackage ./shlink-web-client { };
shlink = import ./shlink { inherit pkgs; };
shlink-web-client = import ./shlink-web-client { inherit pkgs; };
ssh-known-hosts-github = callPackage ./ssh/known-hosts/github { };
ssh-known-hosts-gitlab = callPackage ./ssh/known-hosts/gitlab { };
ssh-known-hosts-github = import ./ssh/known-hosts/github { inherit pkgs; };
ssh-known-hosts-gitlab = import ./ssh/known-hosts/gitlab { inherit pkgs; };
yazi-plugin-custom-shell = callPackage ./yazi/plugins/custom-shell { };
yazi-plugin-custom-shell = import ./yazi/plugins/custom-shell { inherit pkgs; };
}
// (import "${inputs.sas}/packages" { inherit pkgs inputs system; })

12
packages/docker/comentario/default.nix
View File

@@ -1,19 +1,11 @@
{
pkgs,
inputs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
in
{ pkgs, ... }:
pkgs.dockerTools.buildImage {
name = "comentario";
fromImage = import ../base { inherit pkgs; };
copyToRoot = pkgs.buildEnv {
name = "root";
paths = with selfPkgs; [ comentario ];
paths = with pkgs; [ comentario ];
pathsToLink = [
"/bin"
"/lib"

96
packages/docker/jellyfin/default.nix
View File

@@ -1,12 +1,5 @@
{
pkgs,
inputs,
system,
...
}:
{ pkgs, ... }:
let
selfPkgs = inputs.self.packages.${system};
jellyfin = pkgs.jellyfin.overrideAttrs (_: {
makeWrapperArgs = [
"--add-flags"
@@ -19,55 +12,6 @@ let
cp -r ${pkgs.jellyfin-web}/share/jellyfin-web $out/var/www/jellyfin
'';
jellyfin-plugin-bookshelf-bin = pkgs.runCommandLocal "jellyfin-plugin-bookshelf-bin" { } ''
mkdir -p $out/var/lib/jellyfin/plugins
cp -r ${selfPkgs.jellyfin-plugin-bookshelf-bin} $out/var/lib/jellyfin/plugins/bookshelf
'';
jellyfin-plugin-intro-skipper-bin = pkgs.runCommandLocal "jellyfin-plugin-intro-skipper-bin" { } ''
mkdir -p $out/var/lib/jellyfin/plugins
cp -r ${selfPkgs.jellyfin-plugin-intro-skipper-bin} $out/var/lib/jellyfin/plugins/intro-skipper
'';
jellyfin-plugin-opensubtitles-bin = pkgs.runCommandLocal "jellyfin-plugin-opensubtitles-bin" { } ''
mkdir -p $out/var/lib/jellyfin/plugins
cp -r ${selfPkgs.jellyfin-plugin-opensubtitles-bin} $out/var/lib/jellyfin/plugins/opensubtitles
'';
jellyfin-plugin-playbackreporting-bin =
pkgs.runCommandLocal "jellyfin-plugin-playbackreporting-bin" { }
''
mkdir -p $out/var/lib/jellyfin/plugins
cp -r ${selfPkgs.jellyfin-plugin-playbackreporting-bin} $out/var/lib/jellyfin/plugins/playbackreporting
'';
jellyfin-plugin-reports-bin = pkgs.runCommandLocal "jellyfin-plugin-reports-bin" { } ''
mkdir -p $out/var/lib/jellyfin/plugins
cp -r ${selfPkgs.jellyfin-plugin-reports-bin} $out/var/lib/jellyfin/plugins/reports
'';
jellyfin-plugin-sso-bin = pkgs.runCommandLocal "jellyfin-plugin-sso-bin" { } ''
mkdir -p $out/var/lib/jellyfin/plugins
cp -r ${selfPkgs.jellyfin-plugin-sso-bin} $out/var/lib/jellyfin/plugins/sso
'';
jellyfin-plugin-subtitleextract-bin =
pkgs.runCommandLocal "jellyfin-plugin-subtitleextract-bin" { }
''
mkdir -p $out/var/lib/jellyfin/plugins
cp -r ${selfPkgs.jellyfin-plugin-subtitleextract-bin} $out/var/lib/jellyfin/plugins/subtitleextract
'';
jellyfin-plugin-tmdbboxsets-bin = pkgs.runCommandLocal "jellyfin-plugin-tmdbboxsets-bin" { } ''
mkdir -p $out/var/lib/jellyfin/plugins
cp -r ${selfPkgs.jellyfin-plugin-tmdbboxsets-bin} $out/var/lib/jellyfin/plugins/tmdbboxsets
'';
jellyfin-plugin-tvdb-bin = pkgs.runCommandLocal "jellyfin-plugin-tvdb-bin" { } ''
mkdir -p $out/var/lib/jellyfin/plugins
cp -r ${selfPkgs.jellyfin-plugin-tvdb-bin} $out/var/lib/jellyfin/plugins/tvdb
'';
entrypoint = pkgs.writeTextFile {
name = "entrypoint";
executable = true;
@@ -81,23 +25,27 @@ pkgs.dockerTools.buildImage {
copyToRoot = pkgs.buildEnv {
name = "root";
paths = with pkgs; [
entrypoint
jellyfin
jellyfin-web
jellyfin-plugin-bookshelf-bin
jellyfin-plugin-intro-skipper-bin
jellyfin-plugin-opensubtitles-bin
jellyfin-plugin-playbackreporting-bin
jellyfin-plugin-reports-bin
jellyfin-plugin-sso-bin
jellyfin-plugin-subtitleextract-bin
jellyfin-plugin-tmdbboxsets-bin
jellyfin-plugin-tvdb-bin
jellyfin-ffmpeg
curl
jq
];
paths =
with pkgs;
[
entrypoint
jellyfin
jellyfin-web
jellyfin-ffmpeg
curl
jq
]
++ (with jellyfinPlugins; [
bookshelf
intro-skipper
opensubtitles
playbackreporting
reports
sso
subtitleextract
tmdbboxsets
tvdb
]);
pathsToLink = [
"/bin"
"/lib"

12
packages/docker/littlelink-server/default.nix
View File

@@ -1,19 +1,11 @@
{
pkgs,
inputs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
in
{ pkgs, ... }:
pkgs.dockerTools.buildImage {
name = "littlelink-server";
fromImage = import ../base { inherit pkgs; };
copyToRoot = pkgs.buildEnv {
name = "root";
paths = with selfPkgs; [ littlelink-server ];
paths = with pkgs; [ littlelink-server ];
pathsToLink = [ "/bin" ];
};

14
packages/docker/oidcwarden/default.nix
View File

@@ -1,19 +1,11 @@
{
pkgs,
inputs,
system,
...
}:
let
selfPkgs = inputs.self.packages.${system};
in
{ pkgs, ... }:
pkgs.dockerTools.buildImage {
name = "oidcwarden";
fromImage = import ../base { inherit pkgs; };
copyToRoot = pkgs.buildEnv {
name = "root";
paths = with selfPkgs; [
paths = with pkgs; [
oidcwarden
oidcwarden.webvault
];
@@ -26,7 +18,7 @@ pkgs.dockerTools.buildImage {
config = {
Entrypoint = [ "oidcwarden" ];
Env = [
"WEB_VAULT_FOLDER=${selfPkgs.oidcwarden.webvault}/share/vaultwarden/vault"
"WEB_VAULT_FOLDER=${pkgs.oidcwarden.webvault}/share/vaultwarden/vault"
"DATA_FOLDER=/var/lib/vaultwarden"
"ROCKET_PROFILE=release"
"ROCKET_ADDRESS=0.0.0.0"

11
packages/docker/prometheus-fail2ban-exporter/default.nix
View File

@@ -1,12 +1,5 @@
{
pkgs,
inputs,
system,
...
}:
{ pkgs, ... }:
let
selfPkgs = inputs.self.packages.${system};
entrypoint = pkgs.writeTextFile {
name = "entrypoint";
executable = true;
@@ -20,7 +13,7 @@ pkgs.dockerTools.buildImage {
copyToRoot = pkgs.buildEnv {
name = "root";
paths = with selfPkgs; [
paths = with pkgs; [
entrypoint
prometheus-fail2ban-exporter
];

13
packages/docker/prometheus-podman-exporter/default.nix
View File

@@ -1,12 +1,5 @@
{
pkgs,
inputs,
system,
...
}:
{ pkgs, ... }:
let
selfPkgs = inputs.self.packages.${system};
entrypoint = pkgs.writeTextFile {
name = "entrypoint";
executable = true;
@@ -20,9 +13,9 @@ pkgs.dockerTools.buildImage {
copyToRoot = pkgs.buildEnv {
name = "root";
paths = [
paths = with pkgs; [
entrypoint
selfPkgs.prometheus-podman-exporter
prometheus-podman-exporter
];
pathsToLink = [ "/bin" ];
};

11
packages/docker/shlink-web-client/default.nix
View File

@@ -1,15 +1,8 @@
{
pkgs,
inputs,
system,
...
}:
{ pkgs, ... }:
let
selfPkgs = inputs.self.packages.${system};
shlink-web-client = pkgs.runCommandLocal "shlink-web-client" { } ''
mkdir -p $out/var/www
cp -r ${selfPkgs.shlink-web-client} $out/var/www/shlink-web-client
cp -r ${pkgs.shlink-web-client} $out/var/www/shlink-web-client
'';
nginxConfig = pkgs.writeTextDir "/etc/nginx/nginx.conf" ''

11
packages/docker/shlink/default.nix
View File

@@ -1,12 +1,5 @@
{
pkgs,
inputs,
system,
...
}:
{ pkgs, ... }:
let
selfPkgs = inputs.self.packages.${system};
php = pkgs.php84.buildEnv {
extensions =
{ all, ... }:
@@ -32,7 +25,7 @@ let
shlink = pkgs.runCommandLocal "shlink" { } ''
mkdir -p $out/var/www
cp -r ${selfPkgs.shlink} $out/var/www/shlink
cp -r ${pkgs.shlink} $out/var/www/shlink
rr_config_path="$out/var/www/shlink/config/roadrunner/.rr.yml"
original_mode="$(stat -c "%a" "$rr_config_path")"

3
packages/jellyfin/plugins/bookshelf/default.nix
View File

@@ -11,6 +11,7 @@ pkgs.stdenv.mkDerivation (finalAttrs: {
};
installPhase = ''
cp -r $src $out
mkdir -p $out/var/lib/jellyfin/plugins
cp -r $src $out/var/lib/jellyfin/plugins/bookshelf
'';
})

3
packages/jellyfin/plugins/intro-skipper/default.nix
View File

@@ -16,6 +16,7 @@ pkgs.stdenv.mkDerivation (finalAttrs: {
};
installPhase = ''
cp -r $src $out
mkdir -p $out/var/lib/jellyfin/plugins
cp -r $src $out/var/lib/jellyfin/plugins/intro-skipper
'';
})

3
packages/jellyfin/plugins/opensubtitles/default.nix
View File

@@ -11,6 +11,7 @@ pkgs.stdenv.mkDerivation (finalAttrs: {
};
installPhase = ''
cp -r $src $out
mkdir -p $out/var/lib/jellyfin/plugins
cp -r $src $out/var/lib/jellyfin/plugins/opensubtitles
'';
})

3
packages/jellyfin/plugins/playbackreporting/default.nix
View File

@@ -11,6 +11,7 @@ pkgs.stdenv.mkDerivation (finalAttrs: {
};
installPhase = ''
cp -r $src $out
mkdir -p $out/var/lib/jellyfin/plugins
cp -r $src $out/var/lib/jellyfin/plugins/playbackreporting
'';
})

3
packages/jellyfin/plugins/reports/default.nix
View File

@@ -11,6 +11,7 @@ pkgs.stdenv.mkDerivation (finalAttrs: {
};
installPhase = ''
cp -r $src $out
mkdir -p $out/var/lib/jellyfin/plugins
cp -r $src $out/var/lib/jellyfin/plugins/reports
'';
})

3
packages/jellyfin/plugins/sso/default.nix
View File

@@ -11,6 +11,7 @@ pkgs.stdenv.mkDerivation (finalAttrs: {
};
installPhase = ''
cp -r $src $out
mkdir -p $out/var/lib/jellyfin/plugins
cp -r $src $out/var/lib/jellyfin/plugins/sso
'';
})

3
packages/jellyfin/plugins/subtitleextract/default.nix
View File

@@ -11,6 +11,7 @@ pkgs.stdenv.mkDerivation (finalAttrs: {
};
installPhase = ''
cp -r $src $out
mkdir -p $out/var/lib/jellyfin/plugins
cp -r $src $out/var/lib/jellyfin/plugins/subtitleextract
'';
})

3
packages/jellyfin/plugins/tmdbboxsets/default.nix
View File

@@ -11,6 +11,7 @@ pkgs.stdenv.mkDerivation (finalAttrs: {
};
installPhase = ''
cp -r $src $out
mkdir -p $out/var/lib/jellyfin/plugins
cp -r $src $out/var/lib/jellyfin/plugins/tmdbboxsets
'';
})

3
packages/jellyfin/plugins/tvdb/default.nix
View File

@@ -11,6 +11,7 @@ pkgs.stdenv.mkDerivation (finalAttrs: {
};
installPhase = ''
cp -r $src $out
mkdir -p $out/var/lib/jellyfin/plugins
cp -r $src $out/var/lib/jellyfin/plugins/tvdb
'';
})

9
packages/ssh/known-hosts/github/default.nix
View File

@@ -1,14 +1,9 @@
{
pkgs,
inputs,
system,
...
}:
{ pkgs, ... }:
pkgs.stdenv.mkDerivation {
pname = "ssh-known-hosts-github";
version = "0-unstable-2025-02-25";
src = inputs.lib.lib.${system}.fetchers.sshKnownHosts {
src = pkgs.lib.fetchers.sshKnownHosts {
host = "github.com";
hash = "sha256-wkNdynz7rhZvfXSAXDpQ2sk40afKAPeYHQ8Ei44CICI=";
};

9
packages/ssh/known-hosts/gitlab/default.nix
View File

@@ -1,14 +1,9 @@
{
pkgs,
inputs,
system,
...
}:
{ pkgs, ... }:
pkgs.stdenv.mkDerivation {
pname = "ssh-known-hosts-github";
version = "0-unstable-2025-02-25";
src = inputs.lib.lib.${system}.fetchers.sshKnownHosts {
src = pkgs.lib.fetchers.sshKnownHosts {
host = "gitlab.com";
hash = "sha256-5flUNj4vKn1Y2YE8bkUcsW3kQLRKn8WB3uPUxlhZMTk=";
};

20
patches.nix
View File

@@ -1,19 +1 @@
{ patcher, ... }:
{
nixpkgs.patches = [
# FIXME: https://github.com/NixOS/nixpkgs/pull/429473
(patcher.fetchpatch {
name = "osm-gps-map: patch libsoup 2.4 -> 3.0";
url = "https://patch-diff.githubusercontent.com/raw/NixOS/nixpkgs/pull/429473.diff";
hash = "sha256-PPCB4VzANYuQLWelY2rvMQCqLG7tJ7RF9t967MNVFbU=";
})
];
home-manager.patches = [
(patcher.fetchpatch {
name = "ssh: make userKnownHostsFiles consistent with nixpkgs";
url = "https://github.com/nix-community/home-manager/compare/master...karaolidis:home-manager:consistent-ssh-known-hosts-files.diff";
hash = "sha256-5EHdNqezDVF1xOO8g+qQj40GuS8XR1Vgm4D5zlDQo4I=";
})
];
}
{ patcher, ... }: { }

6
scripts/add-host.sh
View File

@@ -162,6 +162,12 @@ EOF
cat <<EOF > "./hosts/$host/default.nix"
{ inputs, ... }:
{
nixpkgs.overlays = [
inputs.lib.overlays.default
inputs.self.overlays.default
inputs.nur.overlays.default
];
imports = [
inputs.disko.nixosModules.disko
./format.nix

2
scripts/update.sh
View File

@@ -4,7 +4,7 @@ set -o errexit
set -o nounset
set -o pipefail
find . -type f -name "*.nix" | while read -r file; do
find . -type f -name '*.nix' ! -path './submodules/*' | while read -r file; do
update_command=$(grep -oP '^#\s*AUTO-UPDATE:\s*\K.+' "$file" || true)
if [[ -n "$update_command" ]]; then
echo "Running update command in: $file"

2
submodules/lib

Submodule submodules/lib updated: 00d04c73f6...10930e85d6

2
submodules/sas

Submodule submodules/sas updated: 5ff6864ab1...2c6c3f6761

2
submodules/secrets

Submodule submodules/secrets updated: 13b3145cba...c1a835c4f9