summary refs log tree commit diff
diff options
context:
space:
mode:
authorRory& <root@rory.gay>2024-11-03 00:31:17 +0100
committerRory& <root@rory.gay>2024-11-03 00:31:17 +0100
commit8aa83e2bcc11f33eedff9e19fbb32f0bcda4b53e (patch)
tree30c27129e37328e120f4618e63ae9204a67b292f
parentAdd desktop changes (diff)
downloadRory-Open-Architecture-8aa83e2bcc11f33eedff9e19fbb32f0bcda4b53e.tar.xz
Portable changes, email server
Diffstat
-rw-r--r--host/Rory-desktop/configuration.nix1


-rw-r--r--host/Rory-desktop/optional/gui/wayland.nix11


-rwxr-xr-xhost/Rory-nginx/configuration.nix3


-rw-r--r--host/Rory-nginx/services/email/maddy.nix46


-rw-r--r--host/Rory-nginx/services/email/nginx.nix21


-rw-r--r--host/Rory-portable/configuration.nix64


-rw-r--r--host/Rory-portable/optional/gui/wayland.nix37


-rwxr-xr-xhost/Rory-portable/postgres.nix33


-rw-r--r--host/Rory-portable/printing.nix56


9 files changed, 135 insertions, 137 deletions
diff --git a/host/Rory-desktop/configuration.nix b/host/Rory-desktop/configuration.nix
index 0623850..983d771 100644
--- a/host/Rory-desktop/configuration.nix
+++ b/host/Rory-desktop/configuration.nix
@@ -248,7 +248,6 @@ args@{
         "olm-3.2.16"
       ];
     };
-
   };
   security = {
     polkit.enable = true;
diff --git a/host/Rory-desktop/optional/gui/wayland.nix b/host/Rory-desktop/optional/gui/wayland.nix
index 689dee7..eac6391 100644
--- a/host/Rory-desktop/optional/gui/wayland.nix
+++ b/host/Rory-desktop/optional/gui/wayland.nix
@@ -1,7 +1,5 @@
 {
-  config,
   pkgs,
-  lib,
   ...
 }:
 
@@ -20,16 +18,7 @@
       # Fix for some Java AWT applications (e.g. Android Studio),
       # use this if they aren't displayed properly:
       export _JAVA_AWT_WM_NONREPARENTING=1
-      cp ${../../../../modules/users/Rory/wallpaper.webp} ~/.cache/wallpaper.webp
-
     '';
-    #(
-    #sleep 5
-    #${pkgs.swaybg}/bin/swaybg -i ${../../../../modules/users/Rory/wallpaper.webp}
-    #$ {pkgs.swayidle}/bin/swayidle -w timeout 300 'swaylock -f -i ${../../../../modules/users/Rory/wallpaper.webp}' 'swaymsg "output * dpms off"'
-    #$ {pkgs.swaylock}/bin/swaylock -f -i ${../../../../modules/users/Rory/wallpaper.webp}
-    #${pkgs.waybar}/bin/waybar
-    #) &
 
     extraPackages = with pkgs; [
       swaybg
diff --git a/host/Rory-nginx/configuration.nix b/host/Rory-nginx/configuration.nix
index a1f3938..c52ab51 100755
--- a/host/Rory-nginx/configuration.nix
+++ b/host/Rory-nginx/configuration.nix
@@ -24,6 +24,9 @@
     ./services/cgit.nix
     #./services/ollama.nix
     ./services/prometheus.nix
+    
+    ./services/email/maddy.nix
+    ./services/email/nginx.nix
   ];
   users.groups.ocp = { };
   networking = {
diff --git a/host/Rory-nginx/services/email/maddy.nix b/host/Rory-nginx/services/email/maddy.nix
new file mode 100644
index 0000000..995d6a2
--- /dev/null
+++ b/host/Rory-nginx/services/email/maddy.nix
@@ -0,0 +1,46 @@
+{
+  pkgs,
+  options,
+  config,
+  ...
+}:
+{
+  services.maddy = {
+    enable = true;
+    primaryDomain = "rory.gay";
+    hostname = "mail.rory.gay";
+    ensureAccounts = [
+      "root@rory.gay"
+    ];
+    ensureCredentials = {
+      "root@rory.gay".passwordFile = "/var/lib/maddy/passwd/root";
+    };
+    config =
+      builtins.replaceStrings
+        [
+          "imap tcp://0.0.0.0:143"
+          "submission tcp://0.0.0.0:587"
+        ]
+        [
+          "imap tls://0.0.0.0:993 tcp://0.0.0.0:143"
+          "submission tls://0.0.0.0:465 tcp://0.0.0.0:587"
+        ]
+        options.services.maddy.config.default;
+
+    tls = {
+      loader = "file";
+      certificates = [
+        "/var/lib/acme/certs/mail.rory.gay/fullchain.pem"
+        "/var/lib/acme/certs/mail.rory.gay/privkey.pem"
+      ];
+    };
+  };
+  networking.firewall.allowedTCPPorts = [
+    993
+    465
+  ];
+
+  security.acme.certs."mail.rory.gay" = {
+    group = config.services.maddy.group;
+  };
+}
diff --git a/host/Rory-nginx/services/email/nginx.nix b/host/Rory-nginx/services/email/nginx.nix
new file mode 100644
index 0000000..a55a65a
--- /dev/null
+++ b/host/Rory-nginx/services/email/nginx.nix
@@ -0,0 +1,21 @@
+{ config, ... }:
+{
+  services.nginx.virtualHosts = {
+    "mta-sts.rory.gay" = {
+      enableACME = true;
+      forceSSL = true;
+      locations = {
+        "/.well-known/mta-sts.txt" = {
+          # age 604800
+          return = ''
+            200 'version: STSv1
+                 mode: enforce
+                 max_age: 120
+                 mx: mail.rory.gay
+                 ';'';
+
+        };
+      };
+    };
+  };
+}
diff --git a/host/Rory-portable/configuration.nix b/host/Rory-portable/configuration.nix
index 0c4fd6d..759379f 100644
--- a/host/Rory-portable/configuration.nix
+++ b/host/Rory-portable/configuration.nix
@@ -10,6 +10,7 @@
   imports = [
     ../../modules/base-client.nix
     ../../modules/packages/vim.nix
+    ./optional/gui/wayland.nix
   ];
 
   boot = {
@@ -74,23 +75,9 @@
     xserver = {
       enable = true;
       updateDbusEnvironment = true;
-      #videoDrivers = ["amdgpu"]; #"nvidia"
-      #desktopManager.gnome.enable = true;
       xkb.layout = "us";
-      windowManager.i3.enable = true;
-      windowManager.i3.extraSessionCommands = ''
-        # output from arandr:
-        #xrandr --output DP-1 --mode 1920x1080 --pos 3840x1080 --rotate normal --output HDMI-1 --mode 3840x2160 --pos 0x0 --rotate normal --output HDMI-2 --off --output DP-2 --off
-        #xrandr --output HDMI-1 --mode 3840x2160 --pos 0x0 --rotate normal --primary --output DP-1 --mode 1920x1080 --pos 3840x1080 --rotate normal --output HDMI-2 --off --output DP-2 --off
-        ${pkgs.polybarFull}/bin/polybar &
-        ${pkgs.dunst}/bin/dunst &
-        ${pkgs.feh}/bin/feh --no-fehbg --bg-fill ${../../modules/users/Rory/wallpaper.webp}
-      '';
     };
     libinput.enable = true;
-    picom.enable = true;
-    picom.vSync = false;
-    picom.backend = "glx";
 
     openssh = {
       enable = true;
@@ -116,32 +103,32 @@
     feh
     easyeffects
     kitty
-    youtube-music
+    #youtube-music
 
     # - IDEs
     #jetbrains-toolbox
-    jetbrains.rider
+    #jetbrains.rider
     #jetbrains.webstorm
     #jetbrains.clion
-    github-copilot-intellij-agent
+    #github-copilot-intellij-agent
 
-    dbeaver-bin
+    #dbeaver-bin
     #insomnia
-    vscode
+    #vscode
 
     # - Utilities
-    inkscape-with-extensions
-    gimp # -with-plugins
+    #inkscape-with-extensions
+    #gimp # -with-plugins
 
     # - Languages
     #dotnet-sdk_7
-    dotnet-sdk_8
+    #dotnet-sdk_8
     #(callPackage ../../modules/packages/dotnet-pack.nix { inherit pkgs; })
 
     #games
-    osu-lazer-bin
+    #osu-lazer-bin
     #steam
-    steam-run
+    #steam-run
 
     # extra packages
     dmenu
@@ -149,9 +136,7 @@
     nemo
     file-roller
     firefox-bin
-    ungoogled-chromium # needed for Rider in order to debug WASM
-
-    peek
+    #ungoogled-chromium # needed for Rider in order to debug WASM
 
     unrar-wrapper
 
@@ -170,8 +155,8 @@
     # (dwarf-fortress-packages.dwarf-fortress-full.override { enableStoneSense = true; enableFPS = true; theme = dwarf-fortress-packages.themes.spacefox; })
   ];
 
-  programs.steam.enable = true;
-  programs.steam.gamescopeSession.enable = true;
+  #programs.steam.enable = true;
+  #programs.steam.gamescopeSession.enable = true;
 
   #environment.gnome.excludePackages = [
   #  pkgs.orca
@@ -180,12 +165,11 @@
   #];
   xdg = {
     portal = {
-
       enable = true;
       extraPortals = with pkgs; [
         #xdg-desktop-portal-gtk
         xdg-desktop-portal-xapp
-        (callPackage ../../modules/packages/xdg-desktop-portal-gtk.nix { })
+#        (callPackage ../../modules/packages/xdg-desktop-portal-gtk.nix { })
       ];
       config = {
         common = {
@@ -193,8 +177,6 @@
         };
       };
       xdgOpenUsePortal = true;
-      #gtkUsePortal = true;
-
     };
     #sounds.enable = true;
     #mime.enable = true;
@@ -203,7 +185,7 @@
     #autostart.enable = true;
   };
   fonts = {
-    fonts = with pkgs; [
+    packages = with pkgs; [
       (nerdfonts.override { fonts = [ "JetBrainsMono" ]; })
       noto-fonts-monochrome-emoji
     ];
@@ -229,8 +211,18 @@
   #};
   # };
 
-  virtualisation.libvirtd.enable = true;
-  programs.virt-manager.enable = true;
+  #virtualisation.libvirtd.enable = true;
+  #programs.virt-manager.enable = true;
 
   system.stateVersion = "22.11"; # DO NOT EDIT!
+
+  nixpkgs = {
+    config = {
+      allowUnfree = true;
+      permittedInsecurePackages = [
+        "electron-25.9.0"
+        "olm-3.2.16"
+      ];
+    };
+  };
 }
diff --git a/host/Rory-portable/optional/gui/wayland.nix b/host/Rory-portable/optional/gui/wayland.nix
new file mode 100644
index 0000000..eac6391
--- /dev/null
+++ b/host/Rory-portable/optional/gui/wayland.nix
@@ -0,0 +1,37 @@
+{
+  pkgs,
+  ...
+}:
+
+{
+  programs.sway = {
+    enable = true;
+
+    wrapperFeatures.gtk = true;
+    extraSessionCommands = ''
+      # -- Wayland fixes
+      # SDL:
+      export SDL_VIDEODRIVER=wayland
+      # QT (needs qt5.qtwayland in systemPackages):
+      export QT_QPA_PLATFORM=wayland-egl
+      export QT_WAYLAND_DISABLE_WINDOWDECORATION="1"
+      # Fix for some Java AWT applications (e.g. Android Studio),
+      # use this if they aren't displayed properly:
+      export _JAVA_AWT_WM_NONREPARENTING=1
+    '';
+
+    extraPackages = with pkgs; [
+      swaybg
+      #swayidle
+      #swaylock
+      waybar
+      wl-clipboard
+      grim
+      slurp
+      easyeffects
+      keepassxc
+    ];
+  };
+
+  xdg.portal.wlr.enable = true;
+}
diff --git a/host/Rory-portable/postgres.nix b/host/Rory-portable/postgres.nix
deleted file mode 100755
index 7223f6a..0000000
--- a/host/Rory-portable/postgres.nix
+++ /dev/null
@@ -1,33 +0,0 @@
-{ pkgs, ... }:
-
-{
-  #systemd.tmpfiles.rules = [  "d /mnt/postgres/data 0750 postgres postgres" ];
-
-  services.postgresql = {
-    enable = true;
-    package = pkgs.postgresql_16;
-    enableTCPIP = true;
-    authentication = pkgs.lib.mkOverride 10 ''
-      # TYPE, DATABASE, USER, ADDRESS, METHOD
-      local all all trust
-      host all all 127.0.0.1/32 trust
-      host all all ::1/128 trust
-      host discordbots discordbots 192.168.1.2/32 trust
-      host matrix-synapse-rory-gay matrix-synapse-rory-gay 192.168.1.5/32 trust
-      host all all 0.0.0.0/0 md5
-    '';
-    # initialScript = pkgs.writeText "backend-initScript" ''
-    #   CREATE ROLE nixcloud WITH LOGIN PASSWORD 'nixcloud' CREATEDB;
-    #   CREATE DATABASE nixcloud;
-    #   GRANT ALL PRIVILEGES ON DATABASE nixcloud TO nixcloud;
-    # '';
-    #dataDir = "/mnt/postgres/data";
-    settings = {
-      "max_connections" = "100";
-      "shared_buffers" = "128MB";
-      "max_wal_size" = "1GB";
-      "min_wal_size" = "80MB";
-    };
-  };
-
-}
diff --git a/host/Rory-portable/printing.nix b/host/Rory-portable/printing.nix
deleted file mode 100644
index f25580f..0000000
--- a/host/Rory-portable/printing.nix
+++ /dev/null
@@ -1,56 +0,0 @@
-{ pkgs, ... }:
-
-{
-  imports = [ ];
-
-  users.users = {
-    Rory = {
-      extraGroups = [
-        "lp"
-        "scanner"
-      ];
-    };
-  };
-
-  environment.systemPackages = with pkgs; [
-    xsane
-    gnome.simple-scan
-  ];
-
-  hardware = {
-    sane.enable = true;
-    sane.extraBackends = [
-      pkgs.hplipWithPlugin
-      pkgs.sane-airscan
-    ];
-  };
-
-  programs.system-config-printer.enable = true;
-
-  services = {
-    gvfs.enable = true;
-    saned.enable = true;
-    system-config-printer.enable = true;
-    ipp-usb.enable = true;
-    printing = {
-      enable = true;
-      browsing = true;
-      drivers = with pkgs; [ hplip ];
-    };
-    avahi = {
-      enable = true;
-      nssmdns = true;
-      reflector = true;
-      publish = {
-        workstation = true;
-        userServices = true;
-        hinfo = true;
-        enable = true;
-        domain = true;
-        addresses = true;
-      };
-    };
-  };
-
-  system.stateVersion = "22.11"; # DO NOT EDIT!
-}

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-21 09:06:11 +0000