kp2pml30/dotfiles
1
0
Fork 0
mirror of https://github.com/kp2pml30/dotfiles.git synced 2026-02-16 23:34:42 +04:00
Code Issues Projects Releases Packages Wiki Activity Actions

chore: update

Browse source
This commit is contained in:
kp2pml30 2025-09-22 18:37:19 +09:00
parent 8f90650888
commit bbacfb100e
Signed by: kp2pml30
GPG key ID: CD6528BAC23E3E34
11 changed files with 198 additions and 65 deletions
Download patch file Download diff file Expand all files Collapse all files

1
flake.nix
View file

@ -44,6 +44,7 @@
hostname = "kp2pml30.moe"; hostname = "kp2pml30.moe";
nginx = true; nginx = true;
forgejo = true; forgejo = true;
nix-cache = true;
}; };
} }

24
nix/hardware/mini.nix
View file

@ -1,4 +1,3 @@
{ pkgs { pkgs
, inputs , inputs
, lib , lib
@ -6,7 +5,10 @@
, ... , ...
}: }:
{ {
imports = [ ./common.nix ]; imports = [
./common.nix
# ./nvidia.nix
];
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-uuid/1ec7bbd6-cb83-427a-a901-d5fb7a4ef3ba"; device = "/dev/disk/by-uuid/1ec7bbd6-cb83-427a-a901-d5fb7a4ef3ba";
@ -19,15 +21,15 @@
options = [ "fmask=0077" "dmask=0077" ]; options = [ "fmask=0077" "dmask=0077" ];
}; };
fileSystems."/mnt/d" = { # fileSystems."/mnt/d" = {
device = "/dev/sda1"; # device = "/dev/sda1";
fsType = "exfat"; # fsType = "exfat";
options = [ # options = [
"users" # "users"
"exec" # "exec"
"nofail" # "nofail"
]; # ];
}; # };
swapDevices = [ { device = "/dev/disk/by-uuid/c68daa9f-f165-4e23-8710-2aab0ad8d282"; } ]; swapDevices = [ { device = "/dev/disk/by-uuid/c68daa9f-f165-4e23-8710-2aab0ad8d282"; } ];

16
nix/hardware/nvidia.nix Normal file
View file

@ -0,0 +1,16 @@
{ pkgs
, inputs
, lib
, config
, ...
}:
{
services.xserver.videoDrivers = ["nvidia"];
hardware.nvidia = {
package = config.boot.kernelPackages.nvidiaPackages.production;
modesetting.enable = true;
open = false;
nvidiaSettings = true;
};
}

19
nix/personal/graphical/messengers.nix
View file

@ -8,10 +8,27 @@
let let
cfg = config.kp2pml30; cfg = config.kp2pml30;
signalSuffix = if system == "x86_64-linux" then "amd64" else "arm64"; signalSuffix = if system == "x86_64-linux" then "amd64" else "arm64";
discord-version = "0.0.160";
in lib.mkIf cfg.messengers.personal { in lib.mkIf cfg.messengers.personal {
users.users.${cfg.username}.packages = with pkgs; [ users.users.${cfg.username}.packages = with pkgs; [
discord-ptb discord-ptb
#(discord-ptb.overrideAttrs(finalAttrs: previousAttrs: {
# src = fetchurl {
# url = "https://ptb.dl2.discordapp.net/apps/linux/${discord-version}/discord-ptb-${discord-version}.tar.gz";
# hash = lib.fakeHash;
# };
#}))
telegram-desktop telegram-desktop
pkgs.signal-desktop # (pkgs.callPackage "${pkgs.path}/pkgs/by-name/si/signal-desktop/generic.nix" { } rec {
# pname = "signal-desktop";
# version = "7.65.0";
#
# libdir = "opt/Signal";
# bindir = libdir;
# extractPkg = "dpkg-deb -x $downloadedFile $out";
#
# url = "https://updates.signal.org/desktop/apt/pool/s/signal-desktop/signal-desktop_${version}_amd64.deb";
# hash = lib.fakeHash;
# })
]; ];
} }

8
nix/personal/graphical/opera.nix
View file

@ -6,10 +6,16 @@
}: }:
let let
cfg = config.kp2pml30; cfg = config.kp2pml30;
version = "122.0.5643.51";
in lib.mkIf cfg.opera { in lib.mkIf cfg.opera {
home-manager.users.${cfg.username}.home = { home-manager.users.${cfg.username}.home = {
packages = with pkgs; [ packages = with pkgs; [
(opera.override { proprietaryCodecs = true; }) ((opera.override { proprietaryCodecs = true; }).overrideAttrs (finalAttrs: previousAttrs: {
src = fetchurl {
url = "https://get.geo.opera.com/pub/opera/desktop/${version}/linux/opera-stable_${version}_amd64.deb";
hash = "sha256-l/NG3UEI1MEu7yVte0wkxsMsIhpCsAT7292u/IsqUL0=";
};
}))
]; ];
}; };
} }

46
nix/personal/graphical/vscode.nix
View file

@ -10,30 +10,36 @@ in lib.mkIf cfg.vscode {
home-manager.users.${cfg.username} = { home-manager.users.${cfg.username} = {
programs.vscode = { programs.vscode = {
enable = true; enable = true;
package = pkgs.vscode; package = (pkgs.vscode.overrideAttrs (oldAttrs: rec {
src = (builtins.fetchTarball {
url = "https://update.code.visualstudio.com/1.104.1/linux-x64/stable";
sha256 = "sha256:109mdk1v323dyhzrq0444gjjhfpjxbllkqkhsapfj44ypjzdjcy8";
});
version = "1.102.2";
}));
mutableExtensionsDir = false; mutableExtensionsDir = false;
userSettings = lib.importJSON("${rootPath}/vscode/settings.json"); userSettings = lib.importJSON("${rootPath}/vscode/settings.json");
extensions = with pkgs; [ # extensions = with pkgs; [
vscode-extensions.eamodio.gitlens # vscode-extensions.eamodio.gitlens
vscode-extensions.editorconfig.editorconfig # vscode-extensions.editorconfig.editorconfig
#
# vscode-extensions.bierner.markdown-mermaid
vscode-extensions.bierner.markdown-mermaid # vscode-extensions.tamasfe.even-better-toml
vscode-extensions.tamasfe.even-better-toml # vscode-extensions.streetsidesoftware.code-spell-checker
# (pkgs.vscode-utils.buildVscodeMarketplaceExtension {
vscode-extensions.streetsidesoftware.code-spell-checker # mktplcRef = {
(pkgs.vscode-utils.buildVscodeMarketplaceExtension { # name = "code-spell-checker-russian";
mktplcRef = { # publisher = "streetsidesoftware";
name = "code-spell-checker-russian"; # version = "0.2.2";
publisher = "streetsidesoftware"; # sha256 = "a3b00c76a4aafecb962d6c292a3b9240a27d84b17de2119bb8007d0ad90ab443";
version = "0.2.2"; # };
sha256 = "a3b00c76a4aafecb962d6c292a3b9240a27d84b17de2119bb8007d0ad90ab443"; # meta = {
}; # license = lib.licenses.mit;
meta = { # };
license = lib.licenses.mit; # })
}; # ];
})
];
}; };
}; };
} }

5
nix/server/default.nix
View file

@ -20,6 +20,9 @@ in {
forgejo = lib.mkEnableOption ""; forgejo = lib.mkEnableOption "";
dns = lib.mkEnableOption "";
nix-cache = lib.mkEnableOption "";
sitePath = lib.mkOption { sitePath = lib.mkOption {
type = lib.types.str; type = lib.types.str;
}; };
@ -31,6 +34,8 @@ in {
./boot.nix ./boot.nix
./site.nix ./site.nix
./forgejo.nix ./forgejo.nix
./dns.nix
./nix-cache.nix
]; ];
config = { config = {

34
nix/server/dns.nix Normal file
View file

@ -0,0 +1,34 @@
{ config
, pkgs
, lib
, self
, nixpkgs
, kp2pml30-moe
, system
, ...
}@args:
let
cfg = config.kp2pml30.server;
in lib.mkIf cfg.nginx {
services.coredns.enable = true;
services.coredns.config = ''
dns://.:53 {
forward . tls://1.1.1.1 {
tls
tls_servername cloudflare-dns.com
}
cache
}
https://.:8003 {
forward . dns://127.0.0.1:53 {
tls
tls_servername cloudflare-dns.com
policy random
}
cache
}
'';
# networking.networkmanager.insertNameservers = [ "127.0.0.1" ];
}

89
nix/server/nginx.nix
View file

@ -14,7 +14,7 @@ in lib.mkIf cfg.nginx {
defaults.email = "kp2pml30@gmail.com"; defaults.email = "kp2pml30@gmail.com";
#defaults.server = "https://acme-staging-v02.api.letsencrypt.org/directory"; #defaults.server = "https://acme-staging-v02.api.letsencrypt.org/directory";
certs."${cfg.hostname}" = { certs."${cfg.hostname}" = {
extraDomainNames = [ "pr.${cfg.hostname}" "www.${cfg.hostname}" "git.${cfg.hostname}" "backend.${cfg.hostname}" ]; extraDomainNames = [ "pr.${cfg.hostname}" "www.${cfg.hostname}" "git.${cfg.hostname}" "backend.${cfg.hostname}" "dns.${cfg.hostname}" "cache.nix.${cfg.hostname}" ];
webroot = acmeRoot; webroot = acmeRoot;
group = "nginx"; group = "nginx";
}; };
@ -23,47 +23,74 @@ in lib.mkIf cfg.nginx {
services.nginx = { services.nginx = {
enable = true; enable = true;
virtualHosts."git.${cfg.hostname}" = { virtualHosts = {
enableACME = true; "git.${cfg.hostname}" = {
acmeRoot = acmeRoot; enableACME = true;
acmeRoot = acmeRoot;
listen = [ listen = [
{ addr = "0.0.0.0"; port = 80; } { addr = "0.0.0.0"; port = 80; }
]; ];
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:8002"; proxyPass = "http://127.0.0.1:8002";
};
}; };
};
virtualHosts."backend.${cfg.hostname}" = { "backend.${cfg.hostname}" = {
enableACME = true; enableACME = true;
acmeRoot = acmeRoot; acmeRoot = acmeRoot;
listen = [ listen = [
{ addr = "0.0.0.0"; port = 80; } { addr = "0.0.0.0"; port = 80; }
]; ];
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:8001"; proxyPass = "http://127.0.0.1:8001";
};
}; };
};
virtualHosts."${cfg.hostname}" = { "dns.${cfg.hostname}" = {
# addSSL = true; enableACME = true;
# forceSSL = true; acmeRoot = acmeRoot;
enableACME = true;
acmeRoot = acmeRoot;
listen = [ listen = [
{ addr = "0.0.0.0"; port = 80; } { addr = "0.0.0.0"; port = 80; }
]; ];
locations."/" = { locations."/" = {
root = cfg.sitePath; proxyPass = "http://127.0.0.1:8003";
tryFiles = "$uri $uri/ /index.html"; };
}; };
};
"${cfg.hostname}" = {
# addSSL = true;
# forceSSL = true;
enableACME = true;
acmeRoot = acmeRoot;
listen = [
{ addr = "0.0.0.0"; port = 80; }
];
locations."/" = {
root = cfg.sitePath;
tryFiles = "$uri $uri/ /index.html";
};
};
} // (if cfg.nix-cache then {
"cache.nix.${cfg.hostname}" = {
enableACME = true;
acmeRoot = acmeRoot;
listen = [
{ addr = "0.0.0.0"; port = 80; }
];
locations."/" = {
proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}";
};
};
} else {});
streamConfig = (builtins.readFile ./stream.nginx); streamConfig = (builtins.readFile ./stream.nginx);
}; };

18
nix/server/nix-cache.nix Normal file
View file

@ -0,0 +1,18 @@
{ config
, pkgs
, lib
, self
, nixpkgs
, kp2pml30-moe
, system
, ...
}@args:
let
cfg = config.kp2pml30.server;
in lib.mkIf cfg.nix-cache {
services.nix-serve = {
enable = true;
secretKeyFile = "/var/cache-priv-key.pem";
};
}

3
nix/server/stream.nginx
View file

@ -14,6 +14,7 @@ map $ssl_preread_server_name $name {
kp2pml30.moe self; kp2pml30.moe self;
git.kp2pml30.moe self; git.kp2pml30.moe self;
cache.nix.kp2pml30.moe self;
default deny; default deny;
} }
@ -83,7 +84,7 @@ server {
server { server {
listen 443 ssl; listen 443 ssl;
server_name kp2pml30.moe git.kp2pml30.moe backend.kp2pml30.moe; server_name kp2pml30.moe git.kp2pml30.moe backend.kp2pml30.moe dns.kp2pml30.moe cache.nix.kp2pml30.moe;
proxy_pass self; proxy_pass self;
ssl_certificate /var/lib/acme/kp2pml30.moe/fullchain.pem; ssl_certificate /var/lib/acme/kp2pml30.moe/fullchain.pem;