iiogama/confix
iiogama/confix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Created cmus_refresh_library systemd user timer.

Browse Source
This commit is contained in:
Thai Noodles 2023-12-03 18:25:44 -08:00
parent 40a75aa619
commit 101ba89cb1
17 changed files with 343 additions and 135 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
README.md
View File

@ -15,6 +15,8 @@ sudo nixos-rebuild switch --flake ".#<hostname>" --update-input nixpkgs --commit
## How to install new system with flake
### Method 1
1. Boot into live NixOS disk and run the following commands:
```
sudo su
@ -28,6 +30,31 @@ sudo rm -r /etc/nixos/configuration.nix
```
3. Move build to desired location.
### Method 2
1. Boot into live NixOS disk
2. Install NixOS
3. Add the following changes:
```/etc/nixos/configuration.nix
environment.systemPackages = with pkgs; [
git
];
services.openssh.enable = true;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
```
4. Run the following command:
```
sudo nixos-rebuild switch
```
5. Grab the IP address with the following command:
```
ip addr
```
6. Copy a flake repo from the host machine:
```
rsync -avz <repo directory> <user>@<ip addr>:
```
## Nix commands to remember
```

6
flake.lock
View File

@ -22,11 +22,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1698611440,
"narHash": "sha256-jPjHjrerhYDy3q9+s5EAsuhyhuknNfowY6yt6pjn9pc=",
"lastModified": 1701253981,
"narHash": "sha256-ztaDIyZ7HrTAfEEUt9AtTDNoCYxUdSd6NrRHaYOIxtk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "0cbe9f69c234a7700596e943bfae7ef27a31b735",
"rev": "e92039b55bcd58469325ded85d4f58dd5a4eaf58",
"type": "github"
},
"original": {

4
home-manager/all.nix
View File

@ -54,8 +54,8 @@
set relativenumber
set splitbelow
set splitright
set tabstop=4
set shiftwidth=4
set tabstop=2
set shiftwidth=2
'';
};
programs.lf = {

7
home-manager/dots/bspwm/bspwmrc
View File

@ -25,12 +25,9 @@ bspc rule -a Wrapper-2.0 \
state=floating border=off focus=on
bspc rule -a mpv \
state=floating sticky=on follow=off focus=on \
rectangle=640x360+1920+1080
rectangle=640x360+1920+1080 monitor=DP-1
bspc rule -a "*:Toolkit:Picture-in-Picture" \
state=floating sticky=on follow=off focus=on \
rectangle=640x360+1920+1080
bspc rule -a discord:discord: desktop='2'
bspc rule -a Signal:signal: desktop='2'
bspc rule -a steam:steamwebhelper: desktop='9'
rectangle=640x360+1920+1080 monitor=DP-1
bspc rule -a trayer:panel: border=off manage=off
bspc rule -a xdragon:Xdragon state=floating sticky=on

19
home-manager/dots/sxhkd/sxhkdrc
View File

@ -27,19 +27,14 @@ super + shift + bracket{left,right}
notify-desktop "Volume is now $(amixer sset Master 5%{-,+} | awk -F '[][]' '/Right:/ \{ print $2 \}')"
# make sxhkd reload its configuration files:
super + shift + r
super + r
pkill -USR1 -x sxhkd; notify-desktop "sxhkd config reloaded"
#
# bspwm hotkeys
#
# quit/restart bspwm
super + alt + {q,r}
bspc {quit,wm -r}
super + shift + r
bspc wm -r; notify-desktop "bspwm config reloaded"
# close and kill
super + {_,shift + }w
super + {_,shift + }q
bspc node -{c,k}
# alternate between the tiled and monocle layout
@ -59,8 +54,10 @@ super + g
#
# set the window state
super + {t,shift + t,f,shift + f}
bspc node -t {\~tiled,\~pseudo_tiled,\~fullscreen,\~floating}
super + {t,shift + t,f}
bspc node -t {\~tiled,\~pseudo_tiled,\~floating}
F11
bspc node -t \~fullscreen
# set the node flags
super + ctrl + {m,x,y,z}

4
home-manager/dots/xinitrc
View File

@ -3,8 +3,9 @@ test -z "$DBUS_SESSION_BUS_ADDRESS" && eval $(dbus-launch --exit-with-session --
systemctl --user import-environment DISPLAY XAUTHORITY
command -v dbus-update-activation-environment >/dev/null 2>&1 && dbus-update-activation-environment DISPLAY XAUTHORITY
xrdb ~/.Xresources &
hsetroot -solid "#282a36" &
xrandr --output DP-1 --primary --mode 2560x1440 --rotate normal --rate "164.99" --output DP-2 --mode 2560x1440 --rotate left --rate "164.99" --right-of DP-1 &
picom &
hsetroot -solid "#282a36" &
xbanish &
dunst &
clipmenud &
@ -12,5 +13,4 @@ trayer --edge bottom --align right --margin 0 --widthtype request --SetDockType
nm-applet &
mullvad-gui &
sxhkd &
xrandr --output DP-1 --primary --mode 2560x1440 --rotate normal --rate "164.99" --output DP-2 --mode 2560x1440 --rotate normal --rate "164.99" --right-of DP-1 &
exec bspwm

56
home-manager/gui.nix
View File

@ -40,13 +40,57 @@
target = ".xinitrc";
};
};
xdg.configFile = {
"bspwm" = {
source = ./dots/bspwm;
target = "bspwm";
recursive = true;
executable = true;
xsession.windowManager.bspwm = {
enable = true;
rules = {
"Wrapper-2.0" = {
state = "floating";
border = false;
focus = true;
};
"mpv" = {
state = "floating";
sticky = true;
follow = false;
focus = true;
};
"*:Toolkit:Picture-in-Picture" = {
state = "floating";
sticky = true;
follow = false;
focus = true;
};
"trayer:panel:" = {
border = false;
manage = false;
};
"xdragon:Xdragon:" = {
state = "floating";
sticky = true;
};
};
settings = {
automatic_scheme = "alternate";
split_ratio = 0.5;
focus_follows_pointer = true;
pointer_follows_focus = false;
border_width = 1;
top_padding = 0;
window_gap = 24;
borderless_monocle = false;
gapless_monocle = false;
focused_border_color = "#bd93f9";
normal_border_color = "#282a36";
presel_feedback_color = "#282a36";
};
};
xdg.configFile = {
#"bspwm" = {
# source = ./dots/bspwm;
# target = "bspwm";
# recursive = true;
# executable = true;
#};
"dunst" = {
source = ./dots/dunst;
target = "dunst";

8
hosts/buckwheat/configuration.nix
View File

@ -45,6 +45,11 @@ in
virt-manager
];
};
environment = {
systemPackages = with pkgs; [
virtiofsd
];
};
services = {
davfs2 = {
enable = true;
@ -71,12 +76,14 @@ in
services.borgbackup.jobs."daily" = {
paths = [
"/home"
#"/var"
];
exclude = [
"/home/*/go/bin"
"/home/*/go/pkg"
];
repo = "/mnt/daily/buckwheat";
#repo = "/mnt/backups/buckwheat";
encryption = {
mode = "repokey-blake2";
passCommand = "cat /root/borgbackup/passphrase";
@ -85,6 +92,7 @@ in
startAt = "daily";
prune.keep = {
within = "7d";
#within = "14d";
};
};
services.borgbackup.jobs."weekly" = {

16
hosts/buckwheat/hardware-configuration.nix
View File

@ -22,6 +22,16 @@
fsType = "vfat";
};
#fileSystems."/mnt/home" = {
# device = "";
# fsType = "ext4";
#};
#fileSystems."/mnt/backups" = {
# device = "";
# fsType = "ext4";
#};
fileSystems."/mnt/daily" = {
device = "/dev/disk/by-uuid/bfdd61f6-2d26-4140-94ac-e60c21636dde";
fsType = "ext4";
@ -37,12 +47,6 @@
fsType = "ext4";
};
#fileSystems."/media" =
# { device = "/mnt/videos";
# fsType = "none";
# options = [ "bind" ];
# };
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking

57
hosts/buckwheat/home.nix
View File

@ -1,6 +1,32 @@
# Buckwheat home.nix
{ config, lib, pkgs, inputs, user, ... }:
{
xsession.windowManager.bspwm = {
monitors = {
DP-1 = [
"1"
"2"
"3"
"4"
"5"
];
DP-2 = [
"6"
"7"
"8"
"9"
"0"
];
};
rules = {
"mpv" = {
rectangle = "640x360+1920+1080";
};
"*:Toolkit:Picture-in-Picture" = {
rectangle = "640x360+1920+1080";
};
};
};
services = {
udiskie = {
enable = true;
@ -16,4 +42,35 @@
};
};
};
systemd.user.services = {
cmus-library-refresh = {
Unit = {
Description = "cmus library refresh to add any new songs";
};
Service = {
Type = "oneshot";
ExecStart = toString (
pkgs.writeShellScript "cmus-library-refresh" ''
set -eou pipefail
${pkgs.bash}/bin/bash "/home/${user.name}/.local/bin/cmus_library_refresh.sh";
''
);
};
Install.WantedBy = [ "default.target" ];
};
};
systemd.user.timers = {
cmus_library_refresh = {
Unit = {
Description = "cmus library refresh to add any new songs";
Documentation = [ "man:cmus-remote(1)" ];
};
Timer = {
Unit = "cmus_library_refresh";
OnBootSec = "5m";
OnUnitActiveSec = "1h";
};
Install.WantedBy = [ "timers.target" ];
};
};
}

123
hosts/vm/configuration.nix_ Normal file
View File

@ -0,0 +1,123 @@
# Buckwheat configuration.nix
{ config, lib, pkgs, inputs, user, ... }:
let
hostname="buckwheat";
in
{
imports = [
./hardware-configuration.nix
];
boot = {
loader = {
systemd-boot = {
enable = true;
configurationLimit = 10;
};
efi.canTouchEfiVariables = true;
efi.efiSysMountPoint = "/boot/efi";
timeout = 2;
};
# Hardware-configuration edits
kernel.sysctl."net.ipv4.ip_forward" = 1;
# Clean /tmp at boot
tmp.cleanOnBoot = true;
};
networking = {
hostName = "${hostname}"; # Define your hostname.
firewall = {
# To disable the firewall altogether:
# enable = false;
allowedTCPPorts = [ 445 139 ];
allowedUDPPorts = [ 137 138 ];
};
# Proxy configuration
# proxy = {
# default = "http://user:password@proxy:port/";
# noProxy = "127.0.0.1,localhost,internal.domain";
# };
};
users.users.${user.name} = {
extraGroups = [ "davfs2" "libvirtd" "transmission" ];
packages = with pkgs; [
mixxx
virt-manager
];
};
services = {
davfs2 = {
enable = true;
};
mullvad-vpn = {
enable = true;
package = pkgs.mullvad-vpn;
};
transmission = {
enable = true;
openFirewall = true;
};
udisks2 = {
enable = true;
mountOnMedia = true;
};
# Enable automatic login for the user.
# getty.autologinUser = "${user.name}";
};
virtualisation.libvirtd.enable = true;
# Borg backup configuration
services.borgbackup.jobs."daily" = {
paths = [
"/home"
];
exclude = [
"/home/*/go/bin"
"/home/*/go/pkg"
];
repo = "/mnt/daily/buckwheat";
encryption = {
mode = "repokey-blake2";
passCommand = "cat /root/borgbackup/passphrase";
};
compression = "auto,lzma";
startAt = "daily";
prune.keep = {
within = "7d";
};
};
services.borgbackup.jobs."weekly" = {
paths = [
"/home"
];
exclude = [
"/home/*/go/bin"
"/home/*/go/pkg"
];
repo = "/mnt/weekly/buckwheat";
encryption = {
mode = "repokey-blake2";
passCommand = "cat /root/borgbackup/passphrase";
};
compression = "auto,lzma";
startAt = "weekly";
};
#services.borgbackup.jobs."borgbase" = {
# paths = [
# "/home"
# ];
# exclude = [
# "/home/*/go/bin"
# "/home/*/go/pkg"
# ];
# repo = "<repo_hash>.repo.borgbase.com:repo";
# encryption = {
# mode = "repokey-blake2";
# passCommand = "cat /root/borgbackup/passphrase";
# };
# environment.BORG_RSH = "ssh -i /root/borgbackup/ssh_key";
# compression = "auto,lzma";
# startAt = "daily";
#};
}

98
hosts/vm/default-configuration.nix
View File

@ -1,98 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
# Bootloader.
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/vda";
boot.loader.grub.useOSProber = true;
networking.hostName = "nixos"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Enable networking
networking.networkmanager.enable = true;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# Set your time zone.
time.timeZone = "America/Los_Angeles";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
# Configure keymap in X11
services.xserver = {
layout = "us";
xkbVariant = "";
};
# Define a user account. Don't forget to set a password with passwd.
users.users.user = {
isNormalUser = true;
description = "user";
extraGroups = [ "networkmanager" "wheel" ];
packages = with pkgs; [];
};
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}

BIN
nixos.qcow2 Normal file
View File

Binary file not shown.

2
nixos/cli.nix
View File

@ -72,7 +72,7 @@
catgirl
cava
cifs-utils
#cmus
cmus
curlie
dig
dogdns

2
nixos/gui.nix
View File

@ -73,6 +73,7 @@
glib
lagrange
libreoffice
librewolf
mangal
mpv
mullvad-browser
@ -80,7 +81,6 @@
#onionshare-gui
scrot
signal-desktop
surf
tor-browser-bundle-bin
urlview
];

35
nixos/server_defense.nix Normal file
View File

@ -0,0 +1,35 @@
# All configuration.nix
{ config, lib, pkgs, inputs, user, ... }:
{
services = {
openssh = {
enable = true;
ports = [
22
8282
];
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
allowSFTP = false; # Don't set this if you need sftp
extraConfig = ''
AllowTcpForwarding yes
X11Forwarding no
AllowAgentForwarding no
AllowStreamLocalForwarding no
AuthenticationMethods publickey
'';
};
endlessh = {
enable = true;
openFirewall = true;
port = 22;
extraOptions = [
"-6"
"-d 9000"
"-v"
];
};
}
}

14
shell.nix Normal file
View File

@ -0,0 +1,14 @@
let
nixpkgs = fetchTarball "https://github.com/NixOS/nixpkgs/tarball/nixos-23.05";
pkgs = import nixpkgs { config = {}; overlays = []; };
in
pkgs.mkShell {
packages = with pkgs; [
cowsay
];
GIT_EDITOR = "${pkgs.neovim}/bin/nvim";
shellHook = ''
git status
'';
}