diff options
117 files changed, 2413 insertions, 2027 deletions
diff --git a/data/domain_lists/airelle.nix b/data/domain_lists/airelle.nix index a1a7e4c..5c5dfe5 100644 --- a/data/domain_lists/airelle.nix +++ b/data/domain_lists/airelle.nix @@ -1,16 +1,16 @@ { - domains = - builtins.filter (x: x != "" && x != [] && x != null) - (builtins.split "\n" (builtins.readFile ./airelle/ads.domains.list) - ++ builtins.split "\n" (builtins.readFile ./airelle/ads.hosts.list) - ++ builtins.split "\n" (builtins.readFile ./airelle/malware.domains.list) - ++ builtins.split "\n" (builtins.readFile ./airelle/malware.hosts.list) - ++ builtins.split "\n" (builtins.readFile ./airelle/miscellaneous.domains.list) - ++ builtins.split "\n" (builtins.readFile ./airelle/miscellaneous.hosts.list) - ++ builtins.split "\n" (builtins.readFile ./airelle/phishing.domains.list) - ++ builtins.split "\n" (builtins.readFile ./airelle/phishing.hosts.list) - ++ builtins.split "\n" (builtins.readFile ./airelle/porn.domains.list) - ++ builtins.split "\n" (builtins.readFile ./airelle/porn.hosts.list) - ++ builtins.split "\n" (builtins.readFile ./airelle/trackers.domains.list) - ++ builtins.split "\n" (builtins.readFile ./airelle/trackers.hosts.list)); -} \ No newline at end of file + domains = builtins.filter (x: x != "" && x != [ ] && x != null) ( + builtins.split "\n" (builtins.readFile ./airelle/ads.domains.list) + ++ builtins.split "\n" (builtins.readFile ./airelle/ads.hosts.list) + ++ builtins.split "\n" (builtins.readFile ./airelle/malware.domains.list) + ++ builtins.split "\n" (builtins.readFile ./airelle/malware.hosts.list) + ++ builtins.split "\n" (builtins.readFile ./airelle/miscellaneous.domains.list) + ++ builtins.split "\n" (builtins.readFile ./airelle/miscellaneous.hosts.list) + ++ builtins.split "\n" (builtins.readFile ./airelle/phishing.domains.list) + ++ builtins.split "\n" (builtins.readFile ./airelle/phishing.hosts.list) + ++ builtins.split "\n" (builtins.readFile ./airelle/porn.domains.list) + ++ builtins.split "\n" (builtins.readFile ./airelle/porn.hosts.list) + ++ builtins.split "\n" (builtins.readFile ./airelle/trackers.domains.list) + ++ builtins.split "\n" (builtins.readFile ./airelle/trackers.hosts.list) + ); +} diff --git a/flake.nix b/flake.nix index 0f2e89a..f72ff9c 100755 --- a/flake.nix +++ b/flake.nix @@ -45,115 +45,123 @@ }; }; - outputs = inputs: with inputs; { - nixosConfigurations = { - #NIXPKGS FORK - Rory-nginx = nixpkgs-rory.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - ./host/Rory-nginx/configuration.nix - ./hardware-configuration.nix - home-manager.nixosModules.home-manager - grapevine.nixosModules.default - ]; - specialArgs = { - inherit botcore-v4; - inherit home-manager; - inherit grapevine; - inherit conduit; - #inherit conduwuit; + outputs = + inputs: with inputs; { + nixosConfigurations = { + #NIXPKGS FORK + Rory-nginx = nixpkgs-rory.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./host/Rory-nginx/configuration.nix + ./hardware-configuration.nix + home-manager.nixosModules.home-manager + grapevine.nixosModules.default + ]; + specialArgs = { + inherit botcore-v4; + inherit home-manager; + inherit grapevine; + inherit conduit; + #inherit conduwuit; + }; }; - }; - #UNSTABLE - Rory-devenv = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - ./host/Rory-devenv/configuration.nix - ./hardware-configuration.nix - home-manager.nixosModules.home-manager - ]; - specialArgs = { - inherit home-manager; + #UNSTABLE + Rory-devenv = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./host/Rory-devenv/configuration.nix + ./hardware-configuration.nix + home-manager.nixosModules.home-manager + ]; + specialArgs = { + inherit home-manager; + }; }; - }; - Rory-desktop = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - ./host/Rory-desktop/configuration.nix - ./hardware-configuration.nix - home-manager.nixosModules.home-manager - sops-nix.nixosModules.sops - ({...}: { - nix = { - registry.nixpkgs.flake = nixpkgs; - nixPath = [ - "nixpkgs=${nixpkgs.outPath}" - ]; - }; - }) - ]; - specialArgs = { - inherit home-manager; - inherit (inputs) mtxclientSrc; - inherit (inputs) nhekoSrc; + Rory-desktop = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./host/Rory-desktop/configuration.nix + ./hardware-configuration.nix + home-manager.nixosModules.home-manager + sops-nix.nixosModules.sops + ( + { ... }: + { + nix = { + registry.nixpkgs.flake = nixpkgs; + nixPath = [ "nixpkgs=${nixpkgs.outPath}" ]; + }; + } + ) + ]; + specialArgs = { + inherit home-manager; + inherit (inputs) mtxclientSrc; + inherit (inputs) nhekoSrc; + }; }; - }; - Rory-portable = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - ./host/Rory-portable/configuration.nix - ./hardware-configuration.nix - home-manager.nixosModules.home-manager - ({...}: { - nix = { - registry.nixpkgs.flake = nixpkgs; - nixPath = [ - "nixpkgs=${nixpkgs.outPath}" - ]; - }; - }) - # ... add this line to the rest of your configuration modules - #nix-ld.nixosModules.nix-ld + Rory-portable = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./host/Rory-portable/configuration.nix + ./hardware-configuration.nix + home-manager.nixosModules.home-manager + ( + { ... }: + { + nix = { + registry.nixpkgs.flake = nixpkgs; + nixPath = [ "nixpkgs=${nixpkgs.outPath}" ]; + }; + } + ) + # ... add this line to the rest of your configuration modules + #nix-ld.nixosModules.nix-ld - # The module in this repository defines a new module under (programs.nix-ld.dev) instead of (programs.nix-ld) - # to not collide with the nixpkgs version. - #{ programs.nix-ld.dev.enable = true; } - ]; - specialArgs = { - inherit home-manager; - inherit (inputs) mtxclientSrc; - inherit (inputs) nhekoSrc; + # The module in this repository defines a new module under (programs.nix-ld.dev) instead of (programs.nix-ld) + # to not collide with the nixpkgs version. + #{ programs.nix-ld.dev.enable = true; } + ]; + specialArgs = { + inherit home-manager; + inherit (inputs) mtxclientSrc; + inherit (inputs) nhekoSrc; + }; }; - }; - #STABLE - RoryNix = nixpkgs-RoryNix.lib.nixosSystem { - system = "i686-linux"; - modules = [ - ./host/RoryNix/configuration.nix - ./hardware-configuration.nix - ({...}: { nix.registry.nixpkgs.flake = nixpkgs-RoryNix; }) - ]; - }; + #STABLE + RoryNix = nixpkgs-RoryNix.lib.nixosSystem { + system = "i686-linux"; + modules = [ + ./host/RoryNix/configuration.nix + ./hardware-configuration.nix + ( + { ... }: + { + nix.registry.nixpkgs.flake = nixpkgs-RoryNix; + } + ) + ]; + }; - #WSL - Rory-wsl = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - nixos-wsl.nixosModules.default - ./host/Rory-wsl/configuration.nix -# ./hardware-configuration.nix - home-manager.nixosModules.home-manager - #nur.nixosModules.nur - ]; - specialArgs = { - inherit (inputs) mtxclientSrc; - inherit (inputs) nhekoSrc; + #WSL + Rory-wsl = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + nixos-wsl.nixosModules.default + ./host/Rory-wsl/configuration.nix + # ./hardware-configuration.nix + home-manager.nixosModules.home-manager + #nur.nixosModules.nur + ]; + specialArgs = { + inherit (inputs) mtxclientSrc; + inherit (inputs) nhekoSrc; + }; }; }; }; - }; } diff --git a/host/Rory-desktop/configuration.nix b/host/Rory-desktop/configuration.nix index 756a894..73b361f 100644 --- a/host/Rory-desktop/configuration.nix +++ b/host/Rory-desktop/configuration.nix @@ -1,26 +1,32 @@ -args@{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }: +args@{ + config, + pkgs, + lib, + nhekoSrc, + mtxclientSrc, + ... +}: { - imports = - [ - # base imports - ../../modules/base-client.nix - # (import ../../modules/base-secrets.nix { path = "/home/rory/.config/sops/config.yaml"; }) - ../../modules/packages/vim.nix -# ../../modules/environments/home.nix - ../../modules/software-templates/profilers.nix - ./postgres.nix - ./nginx.nix - - # hardware-specific imports - ./optional/hardware-specific/amd.nix - - ./optional/gui/x11.nix - ./optional/gui/wayland.nix - - #./printing.nix - ./ollama.nix - ]; + imports = [ + # base imports + ../../modules/base-client.nix + # (import ../../modules/base-secrets.nix { path = "/home/rory/.config/sops/config.yaml"; }) + ../../modules/packages/vim.nix + # ../../modules/environments/home.nix + ../../modules/software-templates/profilers.nix + ./postgres.nix + ./nginx.nix + + # hardware-specific imports + ./optional/hardware-specific/amd.nix + + ./optional/gui/x11.nix + ./optional/gui/wayland.nix + + #./printing.nix + ./ollama.nix + ]; boot = { kernelPackages = pkgs.linuxPackages_latest; @@ -63,10 +69,12 @@ args@{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }: # allowedUDPPorts = [ ... ]; }; - interfaces.enp34s0.ipv4.addresses = [ { - address = "192.168.0.3"; - prefixLength = 24; - } ]; + interfaces.enp34s0.ipv4.addresses = [ + { + address = "192.168.0.3"; + prefixLength = 24; + } + ]; defaultGateway = "192.168.0.1"; # useDHCP = true; @@ -85,14 +93,14 @@ args@{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }: wacom.enable = true; }; libinput.enable = true; - + openssh = { enable = true; extraConfig = '' MaxAuthTries 32 - ''; + ''; settings.PermitRootLogin = "yes"; - }; + }; pipewire = { enable = true; audio.enable = true; @@ -121,15 +129,14 @@ args@{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }: #jetbrains.webstorm #jetbrains.clion github-copilot-intellij-agent - - + dbeaver-bin #insomnia vscode # - Utilities inkscape-with-extensions - gimp #-with-plugins + gimp # -with-plugins # - Languages #dotnet-sdk_7 @@ -159,7 +166,11 @@ args@{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }: unrar-wrapper #(schildichat-desktop.override { electron = electron; }) - (callPackage ../../modules/packages/nheko-git.nix { inherit nhekoSrc; inherit mtxclientSrc; voipSupport = false; }) + (callPackage ../../modules/packages/nheko-git.nix { + inherit nhekoSrc; + inherit mtxclientSrc; + voipSupport = false; + }) #(callPackage ../../modules/packages/mc/server/modpack/curseforge/techopolis-2/5.4.nix { }) #vesktop @@ -178,7 +189,7 @@ args@{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }: #]; xdg = { portal = { - + enable = true; extraPortals = with pkgs; [ #xdg-desktop-portal-gtk @@ -205,33 +216,26 @@ args@{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }: (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) noto-fonts-monochrome-emoji ]; - fontconfig.defaultFonts.monospace = with pkgs; [ - "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" - ]; - fontconfig.defaultFonts.sansSerif = with pkgs; [ - "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" - ]; - fontconfig.defaultFonts.serif = with pkgs; [ - "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" - ]; - fontconfig.defaultFonts.emoji = with pkgs; [ - "freefont" - ]; + fontconfig.defaultFonts.monospace = with pkgs; [ "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" ]; + fontconfig.defaultFonts.sansSerif = with pkgs; [ "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" ]; + fontconfig.defaultFonts.serif = with pkgs; [ "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" ]; + fontconfig.defaultFonts.emoji = with pkgs; [ "freefont" ]; enableDefaultPackages = lib.mkForce false; enableGhostscriptFonts = lib.mkForce false; }; nix = { settings = { - experimental-features = [ "nix-command" "flakes" ]; + experimental-features = [ + "nix-command" + "flakes" + ]; auto-optimise-store = true; }; }; nixpkgs = { config = { allowUnfree = true; - permittedInsecurePackages = [ - "electron-25.9.0" - ]; + permittedInsecurePackages = [ "electron-25.9.0" ]; }; }; @@ -249,17 +253,16 @@ args@{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }: nameserver 8.4.4.8 nameserver 1.1.1.1 nameserver 1.0.0.1 - ''; + ''; - #networking.wireguard.interfaces = { - # wg-KP-Ran = { + #networking.wireguard.interfaces = { + # wg-KP-Ran = { - #}; - # }; + #}; + # }; virtualisation.libvirtd.enable = true; programs.virt-manager.enable = true; system.stateVersion = "22.11"; # DO NOT EDIT! } - diff --git a/host/Rory-desktop/mariadb.nix b/host/Rory-desktop/mariadb.nix index 3ebbb0b..758cb3d 100644 --- a/host/Rory-desktop/mariadb.nix +++ b/host/Rory-desktop/mariadb.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { services.mysql = { @@ -7,4 +12,3 @@ }; } - diff --git a/host/Rory-desktop/nginx.nix b/host/Rory-desktop/nginx.nix index fc2adca..31ec0ea 100644 --- a/host/Rory-desktop/nginx.nix +++ b/host/Rory-desktop/nginx.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { services = { @@ -14,26 +19,24 @@ #defaultMimeTypes = ../../../../modules/packages/nginx/mime.types; appendConfig = '' worker_processes 16; - ''; - eventsConfig = '' + ''; + eventsConfig = '' #use kqueue; worker_connections 512; - ''; + ''; appendHttpConfig = '' #sendfile on; disable_symlinks off; ''; - additionalModules = with pkgs.nginxModules; [ - moreheaders - ]; + additionalModules = with pkgs.nginxModules; [ moreheaders ]; virtualHosts = { "discord.localhost" = import ./nginx/discord.localhost.nix { inherit pkgs; }; - + }; }; }; systemd.services.nginx.serviceConfig = { - LimitNOFILE=5000000; + LimitNOFILE = 5000000; }; } diff --git a/host/Rory-desktop/nginx/discord.localhost.nix b/host/Rory-desktop/nginx/discord.localhost.nix index 149d2b1..b40e13c 100755 --- a/host/Rory-desktop/nginx/discord.localhost.nix +++ b/host/Rory-desktop/nginx/discord.localhost.nix @@ -8,7 +8,6 @@ # We don't care about certificates around here... sslCertificate = "${pkgs.path}/nixos/tests/common/acme/server/acme.test.cert.pem"; sslCertificateKey = "${pkgs.path}/nixos/tests/common/acme/server/acme.test.key.pem"; - extraConfig = '' autoindex on; diff --git a/host/Rory-desktop/ollama.nix b/host/Rory-desktop/ollama.nix index a302d1c..bae196e 100755 --- a/host/Rory-desktop/ollama.nix +++ b/host/Rory-desktop/ollama.nix @@ -1,7 +1,12 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { -# systemd.tmpfiles.rules = [ "d /data/ollama 0750 ostgres postgres" ]; + # systemd.tmpfiles.rules = [ "d /data/ollama 0750 ostgres postgres" ]; #overlays #nixpkgs.overlays = [ diff --git a/host/Rory-desktop/optional/gui/wayland.nix b/host/Rory-desktop/optional/gui/wayland.nix index 74cb192..fd0cd90 100644 --- a/host/Rory-desktop/optional/gui/wayland.nix +++ b/host/Rory-desktop/optional/gui/wayland.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { programs.sway = { @@ -16,15 +21,15 @@ # use this if they aren't displayed properly: export _JAVA_AWT_WM_NONREPARENTING=1 cp ${../../../../modules/users/Rory/wallpaper.webp} ~/.cache/wallpaper.webp - + ''; #( - #sleep 5 - #${pkgs.swaybg}/bin/swaybg -i ${../../../../modules/users/Rory/wallpaper.webp} - #$ {pkgs.swayidle}/bin/swayidle -w timeout 300 'swaylock -f -i ${../../../../modules/users/Rory/wallpaper.webp}' 'swaymsg "output * dpms off"' - #$ {pkgs.swaylock}/bin/swaylock -f -i ${../../../../modules/users/Rory/wallpaper.webp} - #${pkgs.waybar}/bin/waybar - #) & + #sleep 5 + #${pkgs.swaybg}/bin/swaybg -i ${../../../../modules/users/Rory/wallpaper.webp} + #$ {pkgs.swayidle}/bin/swayidle -w timeout 300 'swaylock -f -i ${../../../../modules/users/Rory/wallpaper.webp}' 'swaymsg "output * dpms off"' + #$ {pkgs.swaylock}/bin/swaylock -f -i ${../../../../modules/users/Rory/wallpaper.webp} + #${pkgs.waybar}/bin/waybar + #) & extraPackages = with pkgs; [ swaybg @@ -40,4 +45,3 @@ }; } - diff --git a/host/Rory-desktop/optional/gui/x11.nix b/host/Rory-desktop/optional/gui/x11.nix index 0f55862..9070298 100644 --- a/host/Rory-desktop/optional/gui/x11.nix +++ b/host/Rory-desktop/optional/gui/x11.nix @@ -1,8 +1,14 @@ -{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }: +{ + config, + pkgs, + lib, + nhekoSrc, + mtxclientSrc, + ... +}: { - imports = - [ ]; + imports = [ ]; services = { xserver = { @@ -28,4 +34,3 @@ }; } - diff --git a/host/Rory-desktop/optional/hardware-specific/amd.nix b/host/Rory-desktop/optional/hardware-specific/amd.nix index 45bea66..3ae47d2 100644 --- a/host/Rory-desktop/optional/hardware-specific/amd.nix +++ b/host/Rory-desktop/optional/hardware-specific/amd.nix @@ -1,10 +1,16 @@ -{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }: +{ + config, + pkgs, + lib, + nhekoSrc, + mtxclientSrc, + ... +}: { - imports = - [ ]; + imports = [ ]; -boot.initrd.kernelModules = [ "amdgpu" ]; + boot.initrd.kernelModules = [ "amdgpu" ]; services = { xserver = { @@ -28,16 +34,11 @@ boot.initrd.kernelModules = [ "amdgpu" ]; rocmPackages.clr.icd amdvlk ]; - extraPackages32 = with pkgs; [ - driversi686Linux.amdvlk - ]; + extraPackages32 = with pkgs; [ driversi686Linux.amdvlk ]; }; }; - systemd.tmpfiles.rules = [ - "L+ /opt/rocm/hip - - - - ${pkgs.rocmPackages.clr}" - ]; + systemd.tmpfiles.rules = [ "L+ /opt/rocm/hip - - - - ${pkgs.rocmPackages.clr}" ]; system.stateVersion = "22.11"; # DO NOT EDIT! } - diff --git a/host/Rory-desktop/optional/hardware-specific/nvidia.nix b/host/Rory-desktop/optional/hardware-specific/nvidia.nix index 66b328f..c146c3a 100644 --- a/host/Rory-desktop/optional/hardware-specific/nvidia.nix +++ b/host/Rory-desktop/optional/hardware-specific/nvidia.nix @@ -1,17 +1,22 @@ -{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }: +{ + config, + pkgs, + lib, + nhekoSrc, + mtxclientSrc, + ... +}: { - imports = - [ - - ]; + imports = [ + ]; services = { xserver = { - videoDrivers = ["nvidia"]; + videoDrivers = [ "nvidia" ]; #windowManager.i3.extraSessionCommands = '' - # todo: restore + # todo: restore #''; }; picom.backend = "glx"; @@ -37,4 +42,3 @@ system.stateVersion = "22.11"; # DO NOT EDIT! } - diff --git a/host/Rory-desktop/postgres.nix b/host/Rory-desktop/postgres.nix index e1e4432..60fd8d6 100755 --- a/host/Rory-desktop/postgres.nix +++ b/host/Rory-desktop/postgres.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { #systemd.tmpfiles.rules = [ "d /mnt/postgres/data 0750 postgres postgres" ]; @@ -31,4 +36,3 @@ }; } - diff --git a/host/Rory-desktop/printing.nix b/host/Rory-desktop/printing.nix index fd33aaa..2480610 100644 --- a/host/Rory-desktop/printing.nix +++ b/host/Rory-desktop/printing.nix @@ -1,11 +1,19 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { imports = [ ]; users.users = { Rory = { - extraGroups = [ "lp" "scanner" ]; + extraGroups = [ + "lp" + "scanner" + ]; }; }; @@ -16,7 +24,10 @@ hardware = { sane.enable = true; - sane.extraBackends = [ pkgs.hplipWithPlugin pkgs.sane-airscan ]; + sane.extraBackends = [ + pkgs.hplipWithPlugin + pkgs.sane-airscan + ]; }; programs.system-config-printer.enable = true; @@ -48,4 +59,3 @@ system.stateVersion = "22.11"; # DO NOT EDIT! } - diff --git a/host/Rory-devenv/configuration.nix b/host/Rory-devenv/configuration.nix index 108ff82..f361ed1 100755 --- a/host/Rory-devenv/configuration.nix +++ b/host/Rory-devenv/configuration.nix @@ -1,24 +1,31 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { - imports = - [ - ../../modules/base-server.nix - ./software.nix - ]; + imports = [ + ../../modules/base-server.nix + ./software.nix + ]; networking = { hostName = "Rory-devenv"; - interfaces.ens18.ipv4.addresses = [ { - address = "192.168.1.254"; - prefixLength = 24; - } ]; - interfaces.ens19.ipv4.addresses = [ { - address = "10.10.10.254"; - prefixLength = 16; - } ]; + interfaces.ens18.ipv4.addresses = [ + { + address = "192.168.1.254"; + prefixLength = 24; + } + ]; + interfaces.ens19.ipv4.addresses = [ + { + address = "10.10.10.254"; + prefixLength = 16; + } + ]; }; system.stateVersion = "22.11"; # DO NOT EDIT! } - diff --git a/host/Rory-devenv/software.nix b/host/Rory-devenv/software.nix index 63aed74..afcc751 100755 --- a/host/Rory-devenv/software.nix +++ b/host/Rory-devenv/software.nix @@ -1,12 +1,14 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { - imports = - [ - ../../modules/base-server.nix - ]; + imports = [ ../../modules/base-server.nix ]; - systemd.tmpfiles.rules = [ "d /data/pg 0750 postgres postgres" ]; + systemd.tmpfiles.rules = [ "d /data/pg 0750 postgres postgres" ]; services = { postgresql = { @@ -40,7 +42,15 @@ desktopManager.plasma5 = { enable = true; #phonon-backend = "gstreamer"; - excludePackages = with pkgs.libsForQt5; [ konsole print-manager khelpcenter oxygen okular gwenview elisa ]; + excludePackages = with pkgs.libsForQt5; [ + konsole + print-manager + khelpcenter + oxygen + okular + gwenview + elisa + ]; }; displayManager.sddm.enable = true; displayManager.sddm.autoLogin = { @@ -67,9 +77,6 @@ vscode-with-extensions nodejs ]; - fonts.packages = with pkgs; [ - (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) - ]; + fonts.packages = with pkgs; [ (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) ]; } - diff --git a/host/Rory-fosscord/configuration.nix b/host/Rory-fosscord/configuration.nix index 84c997e..ce93fc2 100755 --- a/host/Rory-fosscord/configuration.nix +++ b/host/Rory-fosscord/configuration.nix @@ -1,24 +1,32 @@ -{ config, pkgs, lib, discord-client-proxy, ... }: +{ + config, + pkgs, + lib, + discord-client-proxy, + ... +}: { - imports = - [ - ../../modules/base-server.nix - ./software.nix - ]; + imports = [ + ../../modules/base-server.nix + ./software.nix + ]; networking = { hostName = "Rory-fosscord"; - interfaces.ens18.ipv4.addresses = [ { - address = "192.168.1.100"; - prefixLength = 24; - } ]; - interfaces.ens19.ipv4.addresses = [ { - address = "10.10.10.100"; - prefixLength = 16; - } ]; + interfaces.ens18.ipv4.addresses = [ + { + address = "192.168.1.100"; + prefixLength = 24; + } + ]; + interfaces.ens19.ipv4.addresses = [ + { + address = "10.10.10.100"; + prefixLength = 16; + } + ]; }; system.stateVersion = "22.11"; # DO NOT EDIT! } - diff --git a/host/Rory-fosscord/software.nix b/host/Rory-fosscord/software.nix index 231b74d..f58d211 100755 --- a/host/Rory-fosscord/software.nix +++ b/host/Rory-fosscord/software.nix @@ -1,11 +1,16 @@ -{ config, pkgs, lib, discord-client-proxy, ... }: +{ + config, + pkgs, + lib, + discord-client-proxy, + ... +}: { - imports = - [ - ../../modules/base-server.nix - # ./services.nix - discord-client-proxy.modules.proxy - discord-client-proxy.modules.users - ]; -} \ No newline at end of file + imports = [ + ../../modules/base-server.nix + # ./services.nix + discord-client-proxy.modules.proxy + discord-client-proxy.modules.users + ]; +} diff --git a/host/Rory-nginx/configuration.nix b/host/Rory-nginx/configuration.nix index 648d8d5..b85a75e 100755 --- a/host/Rory-nginx/configuration.nix +++ b/host/Rory-nginx/configuration.nix @@ -1,43 +1,57 @@ -{ config, pkgs, lib, grapevine, conduit, conduwuit, ... }: +{ + config, + pkgs, + lib, + grapevine, + conduit, + conduwuit, + ... +}: { - imports = - [ - ../../modules/base-server.nix - ../../modules/users/levi.nix - ../../modules/users/db2k.nix - ../../modules/users/ks.nix - ../../modules/users/Alice.nix + imports = [ + ../../modules/base-server.nix + ../../modules/users/levi.nix + ../../modules/users/db2k.nix + ../../modules/users/ks.nix + ../../modules/users/Alice.nix - ./services/postgres.nix - ./services/discordbots.nix - ./services/matrix/root.nix - ./services/nginx/nginx.nix - #./services/jitsi.nix - ./services/cgit.nix - #./services/ollama.nix - ./services/prometheus.nix - ]; - users.groups.ocp = {}; + ./services/postgres.nix + ./services/discordbots.nix + ./services/matrix/root.nix + ./services/nginx/nginx.nix + #./services/jitsi.nix + ./services/cgit.nix + #./services/ollama.nix + ./services/prometheus.nix + ]; + users.groups.ocp = { }; networking = { hostName = "Rory-nginx"; - interfaces.ens18.ipv4.addresses = [ { - address = "192.168.1.2"; - prefixLength = 24; - } ]; - interfaces.ens19.ipv4.addresses = [ { - address = "10.10.10.2"; - prefixLength = 16; - } ]; + interfaces.ens18.ipv4.addresses = [ + { + address = "192.168.1.2"; + prefixLength = 24; + } + ]; + interfaces.ens19.ipv4.addresses = [ + { + address = "10.10.10.2"; + prefixLength = 16; + } + ]; defaultGateway.interface = "ens18"; -# extraHosts = '' -# 127.0.0.1 rory.gay -# 127.0.0.1 matrix.rory.gay -# 127.0.0.1 conduit.rory.gay -# ''; + # extraHosts = '' + # 127.0.0.1 rory.gay + # 127.0.0.1 matrix.rory.gay + # 127.0.0.1 conduit.rory.gay + # ''; nat = { enable = true; - internalInterfaces = [ "ve-+" "vb-+" ]; + internalInterfaces = [ + "ve-+" + "vb-+" + ]; externalInterface = "ens18"; #enableIPv6 = true; }; diff --git a/host/Rory-nginx/services/cgit.nix b/host/Rory-nginx/services/cgit.nix index dbab79c..72ee221 100644 --- a/host/Rory-nginx/services/cgit.nix +++ b/host/Rory-nginx/services/cgit.nix @@ -1,54 +1,63 @@ -{ config, pkgs, lib, ... }: - -let base_cgit_config = { - enable = true; - nginx.virtualHost = "cgit.rory.gay"; - package = pkgs.cgit-pink; - scanPath = "/data/nginx/html_git"; - settings = { - css = "/cgit.css"; - logo = "/cgit.png"; - favicon = "/favicon.ico"; - readme = ":README.MD"; - about-filter = "${pkgs.cgit-pink}/lib/cgit/filters/about-formatting.sh"; - source-filter = "${pkgs.cgit-pink}/lib/cgit/filters/syntax-highlighting.py"; - clone-url = (lib.concatStringsSep " " [ - "https://cgit.rory.gay/$CGIT_REPO_URL" - "ssh://<user>@git.rory.gay:$CGIT_REPO_URL" - ]); - enable-log-filecount = 1; - enable-log-linecount = 1; - enable-git-config = 1; -#testing - enable-blame = 1; - enable-commit-graph = 1; - enable-follow-links = 1; - enable-http-clone = 1; - enable-index-links = 1; - enable-remote-branches = 1; - enable-subject-links = 1; - enable-tree-linenumbers = 1; - max-atom-items = 100; - max-commit-count = 250; - max-repo-count = 500; - snapshots = "tar.xz"; - #side-by-side-diffs = 1; +{ + config, + pkgs, + lib, + ... +}: +let + base_cgit_config = { + enable = true; + nginx.virtualHost = "cgit.rory.gay"; + package = pkgs.cgit-pink; + scanPath = "/data/nginx/html_git"; + settings = { + css = "/cgit.css"; + logo = "/cgit.png"; + favicon = "/favicon.ico"; + readme = ":README.MD"; + about-filter = "${pkgs.cgit-pink}/lib/cgit/filters/about-formatting.sh"; + source-filter = "${pkgs.cgit-pink}/lib/cgit/filters/syntax-highlighting.py"; + clone-url = ( + lib.concatStringsSep " " [ + "https://cgit.rory.gay/$CGIT_REPO_URL" + "ssh://<user>@git.rory.gay:$CGIT_REPO_URL" + ] + ); + enable-log-filecount = 1; + enable-log-linecount = 1; + enable-git-config = 1; + #testing + enable-blame = 1; + enable-commit-graph = 1; + enable-follow-links = 1; + enable-http-clone = 1; + enable-index-links = 1; + enable-remote-branches = 1; + enable-subject-links = 1; + enable-tree-linenumbers = 1; + max-atom-items = 100; + max-commit-count = 250; + max-repo-count = 500; + snapshots = "tar.xz"; + #side-by-side-diffs = 1; - root-title = "cgit.rory.gay"; - root-desc = "Rory&s Git Repositories"; + root-title = "cgit.rory.gay"; + root-desc = "Rory&s Git Repositories"; + }; }; -}; in { +in +{ services.cgit."main" = base_cgit_config; services.cgit."ocp" = lib.attrsets.recursiveUpdate base_cgit_config { scanPath = "/data/nginx/html_git/.ocp"; nginx.location = "/.ocp/"; - settings.clone-url = (lib.concatStringsSep " " [ - "https://cgit.rory.gay/.ocp/$CGIT_REPO_URL" - "ssh://<user>@git.rory.gay:.ocp/$CGIT_REPO_URL" - ]); + settings.clone-url = ( + lib.concatStringsSep " " [ + "https://cgit.rory.gay/.ocp/$CGIT_REPO_URL" + "ssh://<user>@git.rory.gay:.ocp/$CGIT_REPO_URL" + ] + ); }; } - - diff --git a/host/Rory-nginx/services/containers/matrixunittests-conduit/container.nix b/host/Rory-nginx/services/containers/matrixunittests-conduit/container.nix index 28309b5..08e6760 100755 --- a/host/Rory-nginx/services/containers/matrixunittests-conduit/container.nix +++ b/host/Rory-nginx/services/containers/matrixunittests-conduit/container.nix @@ -1,26 +1,41 @@ -{ pkgs, lib, conduit, ... }: +{ + pkgs, + lib, + conduit, + ... +}: { privateNetwork = true; autoStart = true; specialArgs = { inherit conduit; - }; - config = { lib, pkgs, conduit, ... }: { - imports = [ ./root.nix ]; - environment.etc."resolv.conf".text = '' - nameserver 8.8.8.8 - nameserver 8.4.4.8 - nameserver 1.1.1.1 - nameserver 1.0.0.1 + }; + config = + { + lib, + pkgs, + conduit, + ... + }: + { + imports = [ ./root.nix ]; + environment.etc."resolv.conf".text = '' + nameserver 8.8.8.8 + nameserver 8.4.4.8 + nameserver 1.1.1.1 + nameserver 1.0.0.1 ''; - networking.firewall = { - enable = true; - allowedTCPPorts = [ 80 5432 ]; + networking.firewall = { + enable = true; + allowedTCPPorts = [ + 80 + 5432 + ]; + }; }; - }; hostAddress = "192.168.100.14"; localAddress = "192.168.100.15"; hostAddress6 = "fc00::5"; localAddress6 = "fc00::6"; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/containers/matrixunittests-conduit/root.nix b/host/Rory-nginx/services/containers/matrixunittests-conduit/root.nix index c248559..a9929d2 100755 --- a/host/Rory-nginx/services/containers/matrixunittests-conduit/root.nix +++ b/host/Rory-nginx/services/containers/matrixunittests-conduit/root.nix @@ -1,12 +1,17 @@ -{ config, pkgs, lib, conduit, ... }: +{ + config, + pkgs, + lib, + conduit, + ... +}: { - imports = - [ - ./services/nginx.nix - ./services/conduit.nix - ./services/pantalaimon.nix - ]; + imports = [ + ./services/nginx.nix + ./services/conduit.nix + ./services/pantalaimon.nix + ]; environment.systemPackages = with pkgs; [ wget @@ -27,4 +32,4 @@ dig cloud-utils ]; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/containers/matrixunittests-conduit/services/conduit.nix b/host/Rory-nginx/services/containers/matrixunittests-conduit/services/conduit.nix index e01b1d0..6713b26 100755 --- a/host/Rory-nginx/services/containers/matrixunittests-conduit/services/conduit.nix +++ b/host/Rory-nginx/services/containers/matrixunittests-conduit/services/conduit.nix @@ -1,4 +1,10 @@ -{ config, pkgs, lib, conduit, ... }: +{ + config, + pkgs, + lib, + conduit, + ... +}: { services.matrix-conduit = { @@ -18,4 +24,3 @@ }; }; } - diff --git a/host/Rory-nginx/services/containers/matrixunittests-conduit/services/nginx.nix b/host/Rory-nginx/services/containers/matrixunittests-conduit/services/nginx.nix index a33c784..0678047 100755 --- a/host/Rory-nginx/services/containers/matrixunittests-conduit/services/nginx.nix +++ b/host/Rory-nginx/services/containers/matrixunittests-conduit/services/nginx.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { services = { @@ -13,22 +18,20 @@ recommendedOptimisation = true; appendConfig = '' worker_processes 16; - ''; - eventsConfig = '' + ''; + eventsConfig = '' #use kqueue; worker_connections 512; - ''; + ''; appendHttpConfig = '' #sendfile on; disable_symlinks off; ''; - additionalModules = with pkgs.nginxModules; [ - moreheaders - ]; + additionalModules = with pkgs.nginxModules; [ moreheaders ]; virtualHosts = { "conduit.matrixunittests.rory.gay" = { locations."/" = { - proxyPass = "http://127.0.0.1:6167"; + proxyPass = "http://127.0.0.1:6167"; extraConfig = '' if ($request_method = 'OPTIONS') { more_set_headers 'Access-Control-Allow-Origin: *'; @@ -50,23 +53,19 @@ locations."= /.well-known/matrix/server".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - "m.server" = "conduit.matrixunittests.rory.gay:443"; - }}'; - ''; + return 200 '${builtins.toJSON { "m.server" = "conduit.matrixunittests.rory.gay:443"; }}'; + ''; locations."= /.well-known/matrix/client".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - "m.homeserver".base_url = "https://conduit.matrixunittests.rory.gay"; - } - }'; - ''; + return 200 '${builtins.toJSON { "m.homeserver".base_url = "https://conduit.matrixunittests.rory.gay"; }}'; + ''; locations."= /.well-known/matrix/support".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - admins = [ + return 200 '${ + builtins.toJSON { + admins = [ { matrix_id = "@emma:rory.gay"; role = "admin"; @@ -92,7 +91,7 @@ }; }; systemd.services.nginx.serviceConfig = { - LimitNOFILE=5000000; + LimitNOFILE = 5000000; }; security.acme.acceptTerms = true; security.acme.defaults.email = "root@rory.gay"; diff --git a/host/Rory-nginx/services/containers/matrixunittests-conduit/services/pantalaimon.nix b/host/Rory-nginx/services/containers/matrixunittests-conduit/services/pantalaimon.nix index b5f7f77..da95e76 100755 --- a/host/Rory-nginx/services/containers/matrixunittests-conduit/services/pantalaimon.nix +++ b/host/Rory-nginx/services/containers/matrixunittests-conduit/services/pantalaimon.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { services.pantalaimon-headless = { @@ -13,4 +18,3 @@ }; } - diff --git a/host/Rory-nginx/services/containers/matrixunittests/container.nix b/host/Rory-nginx/services/containers/matrixunittests/container.nix index 597b1cf..5273b4e 100755 --- a/host/Rory-nginx/services/containers/matrixunittests/container.nix +++ b/host/Rory-nginx/services/containers/matrixunittests/container.nix @@ -1,26 +1,41 @@ -{ pkgs, lib, conduit, ... }: +{ + pkgs, + lib, + conduit, + ... +}: { privateNetwork = true; autoStart = true; specialArgs = { inherit conduit; - }; - config = { lib, pkgs, conduit, ... }: { - imports = [ ./root.nix ]; - environment.etc."resolv.conf".text = '' - nameserver 8.8.8.8 - nameserver 8.4.4.8 - nameserver 1.1.1.1 - nameserver 1.0.0.1 + }; + config = + { + lib, + pkgs, + conduit, + ... + }: + { + imports = [ ./root.nix ]; + environment.etc."resolv.conf".text = '' + nameserver 8.8.8.8 + nameserver 8.4.4.8 + nameserver 1.1.1.1 + nameserver 1.0.0.1 ''; - networking.firewall = { - enable = true; - allowedTCPPorts = [ 80 5432 ]; + networking.firewall = { + enable = true; + allowedTCPPorts = [ + 80 + 5432 + ]; + }; }; - }; hostAddress = "192.168.100.12"; localAddress = "192.168.100.13"; hostAddress6 = "fc00::3"; localAddress6 = "fc00::4"; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/containers/matrixunittests/root.nix b/host/Rory-nginx/services/containers/matrixunittests/root.nix index c248559..a9929d2 100755 --- a/host/Rory-nginx/services/containers/matrixunittests/root.nix +++ b/host/Rory-nginx/services/containers/matrixunittests/root.nix @@ -1,12 +1,17 @@ -{ config, pkgs, lib, conduit, ... }: +{ + config, + pkgs, + lib, + conduit, + ... +}: { - imports = - [ - ./services/nginx.nix - ./services/conduit.nix - ./services/pantalaimon.nix - ]; + imports = [ + ./services/nginx.nix + ./services/conduit.nix + ./services/pantalaimon.nix + ]; environment.systemPackages = with pkgs; [ wget @@ -27,4 +32,4 @@ dig cloud-utils ]; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/containers/matrixunittests/services/conduit.nix b/host/Rory-nginx/services/containers/matrixunittests/services/conduit.nix index e07dad3..573075e 100755 --- a/host/Rory-nginx/services/containers/matrixunittests/services/conduit.nix +++ b/host/Rory-nginx/services/containers/matrixunittests/services/conduit.nix @@ -1,4 +1,10 @@ -{ config, pkgs, lib, conduit, ... }: +{ + config, + pkgs, + lib, + conduit, + ... +}: { services.matrix-conduit = { @@ -21,7 +27,7 @@ systemd.services.matrix-conduit-reg-token = { enable = true; description = "Random registration token for Conduit."; - wantedBy = ["conduit.service"]; # So the registration can be used by Conduit. + wantedBy = [ "conduit.service" ]; # So the registration can be used by Conduit. script = '' rm -rfv /var/lib/matrix-conduit/* @@ -36,4 +42,3 @@ }; } - diff --git a/host/Rory-nginx/services/containers/matrixunittests/services/nginx.nix b/host/Rory-nginx/services/containers/matrixunittests/services/nginx.nix index d6697be..98d2e52 100755 --- a/host/Rory-nginx/services/containers/matrixunittests/services/nginx.nix +++ b/host/Rory-nginx/services/containers/matrixunittests/services/nginx.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { services = { @@ -13,22 +18,20 @@ recommendedOptimisation = true; appendConfig = '' worker_processes 16; - ''; - eventsConfig = '' + ''; + eventsConfig = '' #use kqueue; worker_connections 512; - ''; + ''; appendHttpConfig = '' #sendfile on; disable_symlinks off; ''; - additionalModules = with pkgs.nginxModules; [ - moreheaders - ]; + additionalModules = with pkgs.nginxModules; [ moreheaders ]; virtualHosts = { "matrixunittests.rory.gay" = { locations."/" = { - proxyPass = "http://127.0.0.1:6167"; + proxyPass = "http://127.0.0.1:6167"; extraConfig = '' if ($request_method = 'OPTIONS') { more_set_headers 'Access-Control-Allow-Origin: *'; @@ -50,23 +53,19 @@ locations."= /.well-known/matrix/server".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - "m.server" = "matrixunittests.rory.gay:443"; - }}'; - ''; + return 200 '${builtins.toJSON { "m.server" = "matrixunittests.rory.gay:443"; }}'; + ''; locations."= /.well-known/matrix/client".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - "m.homeserver".base_url = "https://matrixunittests.rory.gay"; - } - }'; - ''; + return 200 '${builtins.toJSON { "m.homeserver".base_url = "https://matrixunittests.rory.gay"; }}'; + ''; locations."= /.well-known/matrix/support".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - admins = [ + return 200 '${ + builtins.toJSON { + admins = [ { matrix_id = "@emma:rory.gay"; role = "admin"; @@ -92,7 +91,7 @@ }; }; systemd.services.nginx.serviceConfig = { - LimitNOFILE=5000000; + LimitNOFILE = 5000000; }; security.acme.acceptTerms = true; security.acme.defaults.email = "root@rory.gay"; diff --git a/host/Rory-nginx/services/containers/matrixunittests/services/pantalaimon.nix b/host/Rory-nginx/services/containers/matrixunittests/services/pantalaimon.nix index b5f7f77..da95e76 100755 --- a/host/Rory-nginx/services/containers/matrixunittests/services/pantalaimon.nix +++ b/host/Rory-nginx/services/containers/matrixunittests/services/pantalaimon.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { services.pantalaimon-headless = { @@ -13,4 +18,3 @@ }; } - diff --git a/host/Rory-nginx/services/containers/pluralcontactbotpoc/container.nix b/host/Rory-nginx/services/containers/pluralcontactbotpoc/container.nix index f1ddb3f..4ddffeb 100755 --- a/host/Rory-nginx/services/containers/pluralcontactbotpoc/container.nix +++ b/host/Rory-nginx/services/containers/pluralcontactbotpoc/container.nix @@ -1,26 +1,38 @@ -{ pkgs, lib, conduit, ... }: +{ + pkgs, + lib, + conduit, + ... +}: { privateNetwork = true; autoStart = true; specialArgs = { inherit conduit; - }; - config = { lib, pkgs, conduit, ... }: { - imports = [ ./root.nix ]; - environment.etc."resolv.conf".text = '' - nameserver 8.8.8.8 - nameserver 8.4.4.8 - nameserver 1.1.1.1 - nameserver 1.0.0.1 + }; + config = + { + lib, + pkgs, + conduit, + ... + }: + { + imports = [ ./root.nix ]; + environment.etc."resolv.conf".text = '' + nameserver 8.8.8.8 + nameserver 8.4.4.8 + nameserver 1.1.1.1 + nameserver 1.0.0.1 ''; - networking.firewall = { - enable = true; - allowedTCPPorts = [ 80 ]; + networking.firewall = { + enable = true; + allowedTCPPorts = [ 80 ]; + }; }; - }; hostAddress = "192.168.100.10"; localAddress = "192.168.100.11"; hostAddress6 = "fc00::1"; localAddress6 = "fc00::2"; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/containers/pluralcontactbotpoc/root.nix b/host/Rory-nginx/services/containers/pluralcontactbotpoc/root.nix index c248559..a9929d2 100755 --- a/host/Rory-nginx/services/containers/pluralcontactbotpoc/root.nix +++ b/host/Rory-nginx/services/containers/pluralcontactbotpoc/root.nix @@ -1,12 +1,17 @@ -{ config, pkgs, lib, conduit, ... }: +{ + config, + pkgs, + lib, + conduit, + ... +}: { - imports = - [ - ./services/nginx.nix - ./services/conduit.nix - ./services/pantalaimon.nix - ]; + imports = [ + ./services/nginx.nix + ./services/conduit.nix + ./services/pantalaimon.nix + ]; environment.systemPackages = with pkgs; [ wget @@ -27,4 +32,4 @@ dig cloud-utils ]; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/containers/pluralcontactbotpoc/services/conduit.nix b/host/Rory-nginx/services/containers/pluralcontactbotpoc/services/conduit.nix index 069b055..bbc042c 100755 --- a/host/Rory-nginx/services/containers/pluralcontactbotpoc/services/conduit.nix +++ b/host/Rory-nginx/services/containers/pluralcontactbotpoc/services/conduit.nix @@ -1,4 +1,10 @@ -{ config, pkgs, lib, conduit, ... }: +{ + config, + pkgs, + lib, + conduit, + ... +}: { services.matrix-conduit = { @@ -18,7 +24,7 @@ systemd.services.matrix-conduit-reg-token = { enable = true; description = "Random registration token for Conduit."; - wantedBy = ["conduit.service"]; # So the registration can be used by Conduit. + wantedBy = [ "conduit.service" ]; # So the registration can be used by Conduit. script = '' reg_token=`cat /dev/urandom | tr -dc a-zA-Z0-9 | head -c 256` @@ -37,4 +43,3 @@ }; } - diff --git a/host/Rory-nginx/services/containers/pluralcontactbotpoc/services/nginx.nix b/host/Rory-nginx/services/containers/pluralcontactbotpoc/services/nginx.nix index 9ec08fd..0f9fad4 100755 --- a/host/Rory-nginx/services/containers/pluralcontactbotpoc/services/nginx.nix +++ b/host/Rory-nginx/services/containers/pluralcontactbotpoc/services/nginx.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { services = { @@ -13,22 +18,20 @@ recommendedOptimisation = true; appendConfig = '' worker_processes 16; - ''; - eventsConfig = '' + ''; + eventsConfig = '' #use kqueue; worker_connections 512; - ''; + ''; appendHttpConfig = '' #sendfile on; disable_symlinks off; ''; - additionalModules = with pkgs.nginxModules; [ - moreheaders - ]; + additionalModules = with pkgs.nginxModules; [ moreheaders ]; virtualHosts = { "pcpoc.rory.gay" = { locations."/" = { - proxyPass = "http://127.0.0.1:6167"; + proxyPass = "http://127.0.0.1:6167"; extraConfig = '' if ($request_method = 'OPTIONS') { more_set_headers 'Access-Control-Allow-Origin: *'; @@ -50,23 +53,19 @@ locations."= /.well-known/matrix/server".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - "m.server" = "pcpoc.rory.gay:443"; - }}'; - ''; + return 200 '${builtins.toJSON { "m.server" = "pcpoc.rory.gay:443"; }}'; + ''; locations."= /.well-known/matrix/client".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - "m.homeserver".base_url = "https://pcpoc.rory.gay"; - } - }'; - ''; + return 200 '${builtins.toJSON { "m.homeserver".base_url = "https://pcpoc.rory.gay"; }}'; + ''; locations."= /.well-known/matrix/support".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - admins = [ + return 200 '${ + builtins.toJSON { + admins = [ { matrix_id = "@emma:rory.gay"; role = "admin"; @@ -92,7 +91,7 @@ }; }; systemd.services.nginx.serviceConfig = { - LimitNOFILE=5000000; + LimitNOFILE = 5000000; }; security.acme.acceptTerms = true; security.acme.defaults.email = "root@rory.gay"; diff --git a/host/Rory-nginx/services/containers/pluralcontactbotpoc/services/pantalaimon.nix b/host/Rory-nginx/services/containers/pluralcontactbotpoc/services/pantalaimon.nix index b5f7f77..da95e76 100755 --- a/host/Rory-nginx/services/containers/pluralcontactbotpoc/services/pantalaimon.nix +++ b/host/Rory-nginx/services/containers/pluralcontactbotpoc/services/pantalaimon.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { services.pantalaimon-headless = { @@ -13,4 +18,3 @@ }; } - diff --git a/host/Rory-nginx/services/discordbots.nix b/host/Rory-nginx/services/discordbots.nix index 93622e7..1183807 100755 --- a/host/Rory-nginx/services/discordbots.nix +++ b/host/Rory-nginx/services/discordbots.nix @@ -1,12 +1,17 @@ -{ config, pkgs, lib, botcore-v4, ... }: +{ + config, + pkgs, + lib, + botcore-v4, + ... +}: { - imports = - [ - botcore-v4.modules.bots - botcore-v4.modules.frontend - botcore-v4.modules.dataupdater - botcore-v4.modules.users - ]; + imports = [ + botcore-v4.modules.bots + botcore-v4.modules.frontend + botcore-v4.modules.dataupdater + botcore-v4.modules.users + ]; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/jitsi.nix b/host/Rory-nginx/services/jitsi.nix index 02b0af9..29f6a9e 100755 --- a/host/Rory-nginx/services/jitsi.nix +++ b/host/Rory-nginx/services/jitsi.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { services.jitsi-videobridge.openFirewall = true; @@ -6,261 +11,265 @@ enable = true; nginx.enable = true; hostName = "jitsi.rory.gay"; -# interfaceConfig = { -# APP_NAME = "Rory&'s Jitsi Meet Instance"; -# AUDIO_LEVEL_PRIMARY_COLOR = "rgba(255,0,255,0.5)"; -# AUDIO_LEVEL_SECONDARY_COLOR = "rgba(255,0,255,0.25)"; -# AUTO_PIN_LATEST_SCREEN_SHARE = true; -# BRAND_WATERMARK_LINK = "https://rory.gay"; -# CLOSE_PAGE_GUEST_HINT = false; -# DEFAULT_BACKGROUND = "#000000"; -# DEFAULT_WELCOME_PAGE_LOGO_URL = ""; -# DISABLE_DOMINANT_SPEAKER_INDICATOR = true; -# DISABLE_JOIN_LEAVE_NOTIFICATIONS = true; -# DISABLE_PRESENCE_STATUS = true; -# DISABLE_TRANSCRIPTION_SUBTITLES = true; -# DISABLE_VIDEO_BACKGROUND = true; -# DISABLE_WELCOME_FOOTER = false; -# DISPLAY_WELCOME_PAGE_ADDITIONAL_CARD = false; -# DISPLAY_WELCOME_PAGE_CONTENT = false; -# DISPLAY_WELCOME_PAGE_TOOLBAR_ADDITIONAL_CONTENT = false; -# ENABLE_DIAL_OUT = false; -# FILM_STRIP_MAX_HEIGHT = 80; -# HIDE_INVITE_MORE_HEADER = true; -# JITSI_WATERMARK_LINK = ""; -# LANG_DETECTION = false; -# LOCAL_THUMBNAIL_RATIO = 16 / 9; -# MAXIMUM_ZOOMING_COEFFICIENT = 2; -# MOBILE_APP_PROMO = false; -# OPTIMAL_BROWSERS = [ "firefox" ]; -# POLICY_LOGO = ""; -# PROVIDER_NAME = "Rory&'s Jitsi Meet Instance"; -# SETTINGS_SECTIONS = [ "devices" "language" "moderator" "profile" "calendar" "sounds" "more" ]; -# SHARING_FEATURES = [ "url" "embed" ]; -# SHOW_BRAND_WATERMARK = true; -# SHOW_CHROME_EXTENSION_BANNER = false; -# SHOW_JITSI_WATERMARK = false; -# SHOW_POWERED_BY = false; -# SHOW_PROMOTIONAL_CLOSE_PAGE = false; -# VERTICAL_FILMSTRIP = true; -# VIDEO_LAYOUT_FIT = "nocrop"; -# VIDEO_QUALITY_LABEL_DISABLED = false; -# }; -# config = { -# #hosts.domain = "jitsi.rory.gay"; -# testing = { -# assumeBandwidth = false; -# noAutoPlayVideo = false; -# callStatsTreshold = 100; -# }; -# disableModeratorIndicator = false; -# disableReactions = false; -# disableReactionsModeration = false; -# disablePolls = false; -# disableSelfView = false; -# disableSelfViewSettings = false; -# screenshotCapture = { -# enabled = true; -# mode = "always"; -# }; -# disableAudioLevels = false; -# audioLevelsInterval = 12; -# enableNoAudioDetection = true; -# enableSaveLogs = false; -# disableShowMoreStats = false; -# enableNoisyMicDetection = false; -# startAudioOnly = false; -# startAudioMuted = 100; -# startSilent = false; -# enableOpusRed = true; -# audioQuality = { -# stereo = false; -# opusMaxAverageBitrate = 51000; -# enableOpusDtx = true; -# }; -# resolution = 720; -# disableRemoveRaisedHandOnFocus = false; -# speakerStats = { -# disabled = false; -# disableSearch = false; -# order = [ -# "role" -# "name" -# "left" -# ]; -# }; -# maxFullResolutionParticipants = 10; -# constraints = { -# video = { -# height = { -# ideal = 720; -# max = 1080; -# min = 144; -# }; -# }; -# }; -# disableSimulcast = false; -# startVideoMuted = 50; -# startWithVideoMuted = false; -# desktopSharingFrameRate = { -# min = 5; -# max = 5; -# }; -# recordingService.enabled = false; -# localRecording = { -# disable = true; -# notifyAllParticipants = true; -# disableSelfRecording = true; -# }; -# transcription.enabled = false; -# connectionIndicators = { -# autoHide = false; -# autoHideTimeout = 5000; -# disabled = false; -# disableDetails = false; -# inactiveDisabled = false; -# }; -# videoQuality = { -# codecPreferenceOrder = [ "VP9" "VP8" "H264" ]; -# maxBitratesVideo = { -# H264 = { -# low = 200000; # 200 kbps -# standard = 500000; # 500 kbps -# high = 700000; # 700 kbps -# }; -# VP8 = { -# low = 200000; # 200 kbps -# standard = 500000; # 500 kbps -# high = 700000; # 700 kbps -# }; -# VP9 = { -# low = 200000; # 200 kbps -# standard = 500000; # 500 kbps -# high = 700000; # 700 kbps -# }; -# }; -# }; -# notificationTimeouts = { -# short = 2000; -# moderate = 4000; -# long = 600; -# }; -# disableRtx = false; -# disableBeforeUnloadHandler = false; -# -# # UI settings -# disableResponsiveTiles = false; -# enableWebHID = true; -# welcomePage = { -# disabled = true; -# customUrl = "https://jitsi.rory.gay/null"; -# }; -# lobby = { -# autoKnock = true; -# enableChat = true; -# }; -# securityUi = { -# hideLobbyButton = false; -# disableLobbyPassword = false; -# }; -# disableShortcuts = true; -# disableInitialGUM = true; -# enableClosePage = false; -# disable1On1Mode = true; -# defaultLocalDisplayName = "User"; -# defaultRemoteDisplayName = "Other User"; -# hideDisplayName = false; -# hideDominantSpeakerBadge = false; -# disableProfile = false; -# hideEmailInSettings = false; -# roomPasswordNumberOfDigits = false; -# enableCalendarIntegration = false; -# prejoinConfig = { -# enabled = true; -# hideDisplayName = false; -# hideExtraJoinButtons = ["by-phone"]; -# }; -# openSharedDocumentOnJoin = false; -# enableInsecureRoomNameWarning = false; -# enableAutomaticUrlCopy = false; -# toolbarButtons = [ -# "camera" -# "chat" -# #"closedcaptions" -# "desktop" -# "download" -# "embedmeeting" -# #"etherpad" -# #"feedback" -# "filmstrip" -# "fullscreen" -# "hangup" -# #"help" -# "highlight" -# "invite" -# #"linktosalesforce" -# "livestreaming" -# "microphone" -# "noisesuppression" -# "participants-pane" -# "profile" -# "raisehand" -# #"recording" -# "security" -# "select-background" -# "settings" -# "shareaudio" -# "sharedvideo" -# "shortcuts" -# "stats" -# "tileview" -# "toggle-camera" -# "videoquality" -# #"whiteboard" -# ]; -# toolbarConfig = { -# alwaysVisible = true; -# }; -# gatherStats = true; -# pcStatsInterval = 1000; -# enableDisplayNameInStats = true; -# feedbackPercentage = 0; -# p2p = { -# enabled = false; -# }; -# analytics.disabled = true; -# remoteVideoMenu = { -# disabled = false; -# disableKick = false; -# disableGrantModerator = false; -# disablePrivateChat = false; -# }; -# disableRemoteMute = false; -# enableLipSync = true; -# participantsPane = { -# hideModeratorSettingsTab = false; -# hideMoreActionsButton = false; -# hideMuteAllButton = false; -# }; -# breakoutRooms = { -# hideAddRoomButton = true; -# hideAutoAssignButton = true; -# hideJoinRoomButton = true; -# }; -# disableVirtualBackground = true; -# disableAddingBackgroundImages = true; -# disableScreensharingVirtualBackground = true; -# backgroundAlpha = 0.5; -# hideConferenceTimer = false; -# hideConferenceSubject = false; -# hideParticipantsStats = false; -# displayJids = true; -# requireDisplayName = true; -# disableChatSmileys = true; -# }; + # interfaceConfig = { + # APP_NAME = "Rory&'s Jitsi Meet Instance"; + # AUDIO_LEVEL_PRIMARY_COLOR = "rgba(255,0,255,0.5)"; + # AUDIO_LEVEL_SECONDARY_COLOR = "rgba(255,0,255,0.25)"; + # AUTO_PIN_LATEST_SCREEN_SHARE = true; + # BRAND_WATERMARK_LINK = "https://rory.gay"; + # CLOSE_PAGE_GUEST_HINT = false; + # DEFAULT_BACKGROUND = "#000000"; + # DEFAULT_WELCOME_PAGE_LOGO_URL = ""; + # DISABLE_DOMINANT_SPEAKER_INDICATOR = true; + # DISABLE_JOIN_LEAVE_NOTIFICATIONS = true; + # DISABLE_PRESENCE_STATUS = true; + # DISABLE_TRANSCRIPTION_SUBTITLES = true; + # DISABLE_VIDEO_BACKGROUND = true; + # DISABLE_WELCOME_FOOTER = false; + # DISPLAY_WELCOME_PAGE_ADDITIONAL_CARD = false; + # DISPLAY_WELCOME_PAGE_CONTENT = false; + # DISPLAY_WELCOME_PAGE_TOOLBAR_ADDITIONAL_CONTENT = false; + # ENABLE_DIAL_OUT = false; + # FILM_STRIP_MAX_HEIGHT = 80; + # HIDE_INVITE_MORE_HEADER = true; + # JITSI_WATERMARK_LINK = ""; + # LANG_DETECTION = false; + # LOCAL_THUMBNAIL_RATIO = 16 / 9; + # MAXIMUM_ZOOMING_COEFFICIENT = 2; + # MOBILE_APP_PROMO = false; + # OPTIMAL_BROWSERS = [ "firefox" ]; + # POLICY_LOGO = ""; + # PROVIDER_NAME = "Rory&'s Jitsi Meet Instance"; + # SETTINGS_SECTIONS = [ "devices" "language" "moderator" "profile" "calendar" "sounds" "more" ]; + # SHARING_FEATURES = [ "url" "embed" ]; + # SHOW_BRAND_WATERMARK = true; + # SHOW_CHROME_EXTENSION_BANNER = false; + # SHOW_JITSI_WATERMARK = false; + # SHOW_POWERED_BY = false; + # SHOW_PROMOTIONAL_CLOSE_PAGE = false; + # VERTICAL_FILMSTRIP = true; + # VIDEO_LAYOUT_FIT = "nocrop"; + # VIDEO_QUALITY_LABEL_DISABLED = false; + # }; + # config = { + # #hosts.domain = "jitsi.rory.gay"; + # testing = { + # assumeBandwidth = false; + # noAutoPlayVideo = false; + # callStatsTreshold = 100; + # }; + # disableModeratorIndicator = false; + # disableReactions = false; + # disableReactionsModeration = false; + # disablePolls = false; + # disableSelfView = false; + # disableSelfViewSettings = false; + # screenshotCapture = { + # enabled = true; + # mode = "always"; + # }; + # disableAudioLevels = false; + # audioLevelsInterval = 12; + # enableNoAudioDetection = true; + # enableSaveLogs = false; + # disableShowMoreStats = false; + # enableNoisyMicDetection = false; + # startAudioOnly = false; + # startAudioMuted = 100; + # startSilent = false; + # enableOpusRed = true; + # audioQuality = { + # stereo = false; + # opusMaxAverageBitrate = 51000; + # enableOpusDtx = true; + # }; + # resolution = 720; + # disableRemoveRaisedHandOnFocus = false; + # speakerStats = { + # disabled = false; + # disableSearch = false; + # order = [ + # "role" + # "name" + # "left" + # ]; + # }; + # maxFullResolutionParticipants = 10; + # constraints = { + # video = { + # height = { + # ideal = 720; + # max = 1080; + # min = 144; + # }; + # }; + # }; + # disableSimulcast = false; + # startVideoMuted = 50; + # startWithVideoMuted = false; + # desktopSharingFrameRate = { + # min = 5; + # max = 5; + # }; + # recordingService.enabled = false; + # localRecording = { + # disable = true; + # notifyAllParticipants = true; + # disableSelfRecording = true; + # }; + # transcription.enabled = false; + # connectionIndicators = { + # autoHide = false; + # autoHideTimeout = 5000; + # disabled = false; + # disableDetails = false; + # inactiveDisabled = false; + # }; + # videoQuality = { + # codecPreferenceOrder = [ "VP9" "VP8" "H264" ]; + # maxBitratesVideo = { + # H264 = { + # low = 200000; # 200 kbps + # standard = 500000; # 500 kbps + # high = 700000; # 700 kbps + # }; + # VP8 = { + # low = 200000; # 200 kbps + # standard = 500000; # 500 kbps + # high = 700000; # 700 kbps + # }; + # VP9 = { + # low = 200000; # 200 kbps + # standard = 500000; # 500 kbps + # high = 700000; # 700 kbps + # }; + # }; + # }; + # notificationTimeouts = { + # short = 2000; + # moderate = 4000; + # long = 600; + # }; + # disableRtx = false; + # disableBeforeUnloadHandler = false; + # + # # UI settings + # disableResponsiveTiles = false; + # enableWebHID = true; + # welcomePage = { + # disabled = true; + # customUrl = "https://jitsi.rory.gay/null"; + # }; + # lobby = { + # autoKnock = true; + # enableChat = true; + # }; + # securityUi = { + # hideLobbyButton = false; + # disableLobbyPassword = false; + # }; + # disableShortcuts = true; + # disableInitialGUM = true; + # enableClosePage = false; + # disable1On1Mode = true; + # defaultLocalDisplayName = "User"; + # defaultRemoteDisplayName = "Other User"; + # hideDisplayName = false; + # hideDominantSpeakerBadge = false; + # disableProfile = false; + # hideEmailInSettings = false; + # roomPasswordNumberOfDigits = false; + # enableCalendarIntegration = false; + # prejoinConfig = { + # enabled = true; + # hideDisplayName = false; + # hideExtraJoinButtons = ["by-phone"]; + # }; + # openSharedDocumentOnJoin = false; + # enableInsecureRoomNameWarning = false; + # enableAutomaticUrlCopy = false; + # toolbarButtons = [ + # "camera" + # "chat" + # #"closedcaptions" + # "desktop" + # "download" + # "embedmeeting" + # #"etherpad" + # #"feedback" + # "filmstrip" + # "fullscreen" + # "hangup" + # #"help" + # "highlight" + # "invite" + # #"linktosalesforce" + # "livestreaming" + # "microphone" + # "noisesuppression" + # "participants-pane" + # "profile" + # "raisehand" + # #"recording" + # "security" + # "select-background" + # "settings" + # "shareaudio" + # "sharedvideo" + # "shortcuts" + # "stats" + # "tileview" + # "toggle-camera" + # "videoquality" + # #"whiteboard" + # ]; + # toolbarConfig = { + # alwaysVisible = true; + # }; + # gatherStats = true; + # pcStatsInterval = 1000; + # enableDisplayNameInStats = true; + # feedbackPercentage = 0; + # p2p = { + # enabled = false; + # }; + # analytics.disabled = true; + # remoteVideoMenu = { + # disabled = false; + # disableKick = false; + # disableGrantModerator = false; + # disablePrivateChat = false; + # }; + # disableRemoteMute = false; + # enableLipSync = true; + # participantsPane = { + # hideModeratorSettingsTab = false; + # hideMoreActionsButton = false; + # hideMuteAllButton = false; + # }; + # breakoutRooms = { + # hideAddRoomButton = true; + # hideAutoAssignButton = true; + # hideJoinRoomButton = true; + # }; + # disableVirtualBackground = true; + # disableAddingBackgroundImages = true; + # disableScreensharingVirtualBackground = true; + # backgroundAlpha = 0.5; + # hideConferenceTimer = false; + # hideConferenceSubject = false; + # hideParticipantsStats = false; + # displayJids = true; + # requireDisplayName = true; + # disableChatSmileys = true; + # }; }; - networking.firewall.allowedTCPPorts = [ 80 443 5349 ]; + networking.firewall.allowedTCPPorts = [ + 80 + 443 + 5349 + ]; networking.firewall.allowedUDPPorts = [ 10000 ]; services.nginx.virtualHosts."jitsi.rory.gay" = { enableACME = true; @@ -270,4 +279,3 @@ system.stateVersion = "22.11"; # DO NOT EDIT! } - diff --git a/host/Rory-nginx/services/matrix/coturn.nix b/host/Rory-nginx/services/matrix/coturn.nix index 427721a..1fed755 100755 --- a/host/Rory-nginx/services/matrix/coturn.nix +++ b/host/Rory-nginx/services/matrix/coturn.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { # coturn (WebRTC) @@ -50,4 +55,3 @@ #}; } - diff --git a/host/Rory-nginx/services/matrix/draupnir.nix b/host/Rory-nginx/services/matrix/draupnir.nix index 65c5a21..f2a8357 100755 --- a/host/Rory-nginx/services/matrix/draupnir.nix +++ b/host/Rory-nginx/services/matrix/draupnir.nix @@ -1,10 +1,15 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { # Alicia - doesnt work yet... until in nixpkgs... services.draupnir = { enable = true; - + pantalaimon = { enable = true; username = "draupnir"; @@ -48,10 +53,9 @@ }; }; -# services.pantalaimon-headless.instances.draupnir = { -# homeserver = "http://localhost:8008"; -# ssl = false; -# }; + # services.pantalaimon-headless.instances.draupnir = { + # homeserver = "http://localhost:8008"; + # ssl = false; + # }; } - diff --git a/host/Rory-nginx/services/matrix/grapevine.nix b/host/Rory-nginx/services/matrix/grapevine.nix index 700c4bb..1cb2e19 100755 --- a/host/Rory-nginx/services/matrix/grapevine.nix +++ b/host/Rory-nginx/services/matrix/grapevine.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { services.grapevine = { @@ -6,9 +11,9 @@ enable = true; settings = { conduit_compat = true; -# address = "127.0.0.1"; + # address = "127.0.0.1"; server_name = "conduit.rory.gay"; - + listen = [ { type = "tcp"; @@ -30,4 +35,3 @@ }; }; } - diff --git a/host/Rory-nginx/services/matrix/matrix-appservice-discord.nix b/host/Rory-nginx/services/matrix/matrix-appservice-discord.nix index 8c31e10..43c26ca 100755 --- a/host/Rory-nginx/services/matrix/matrix-appservice-discord.nix +++ b/host/Rory-nginx/services/matrix/matrix-appservice-discord.nix @@ -1,8 +1,13 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { # Discord bridge - services.matrix-appservice-discord = { + services.matrix-appservice-discord = { enable = false; # Alicia - figure out secret first... environmentFile = /etc/keyring/matrix-appservice-discord/tokens.env; # The appservice is pre-configured to use SQLite by default. @@ -20,7 +25,6 @@ connString = "postgres://postgres@127.0.0.1/matrix-appservice-discord"; }; }; - }; + }; } - diff --git a/host/Rory-nginx/services/matrix/matrix-media-gate.nix b/host/Rory-nginx/services/matrix/matrix-media-gate.nix index fbec107..7eb599c 100755 --- a/host/Rory-nginx/services/matrix/matrix-media-gate.nix +++ b/host/Rory-nginx/services/matrix/matrix-media-gate.nix @@ -1,4 +1,10 @@ -{ config, pkgs, lib, MatrixMediaGate, ... }: +{ + config, + pkgs, + lib, + MatrixMediaGate, + ... +}: { systemd.services = { @@ -38,4 +44,3 @@ }; }; } - diff --git a/host/Rory-nginx/services/matrix/root.nix b/host/Rory-nginx/services/matrix/root.nix index 3ab3028..87b5cc9 100755 --- a/host/Rory-nginx/services/matrix/root.nix +++ b/host/Rory-nginx/services/matrix/root.nix @@ -1,14 +1,20 @@ -{ config, pkgs, lib, botcore-v4, ... }: +{ + config, + pkgs, + lib, + botcore-v4, + ... +}: { - imports = - [ - ./synapse/synapse-main.nix - ./coturn.nix - ./matrix-appservice-discord.nix - ./draupnir.nix - ./grapevine.nix - #./matrix-media-gate.nix - ]; + imports = [ + ./synapse/synapse-main.nix + ./coturn.nix + ./matrix-appservice-discord.nix + ./draupnir.nix + ./grapevine.nix + ./sliding-sync.nix + #./matrix-media-gate.nix + ]; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/matrix/sliding-sync.nix b/host/Rory-nginx/services/matrix/sliding-sync.nix index bb028bd..e35113d 100644 --- a/host/Rory-nginx/services/matrix/sliding-sync.nix +++ b/host/Rory-nginx/services/matrix/sliding-sync.nix @@ -1,12 +1,12 @@ { config }: { - services.matrix-sliding-sync = { - enable = true; - settings = { - "SYNCV3_SERVER" = "http://localhost:8008"; - "SYNCV3_DB" = "postgresql://%2Frun%2Fpostgresql/syncv3"; - "SYNCV3_BINDADDR" = "0.0.0.0:8100"; - }; - environmentFile = "/etc/sliding-sync.env"; + services.matrix-sliding-sync = { + enable = true; + settings = { + "SYNCV3_SERVER" = "http://localhost:8008"; + "SYNCV3_DB" = "postgresql://%2Frun%2Fpostgresql/syncv3"; + "SYNCV3_BINDADDR" = "0.0.0.0:8100"; }; -] \ No newline at end of file + environmentFile = "/etc/sliding-sync.env"; + }; +} diff --git a/host/Rory-nginx/services/matrix/synapse/_synapse.monolith.nix b/host/Rory-nginx/services/matrix/synapse/_synapse.monolith.nix index 26c61a1..8bdaf19 100755 --- a/host/Rory-nginx/services/matrix/synapse/_synapse.monolith.nix +++ b/host/Rory-nginx/services/matrix/synapse/_synapse.monolith.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { services.matrix-synapse = { @@ -25,7 +30,7 @@ max_long_retry_delay = "30s"; }; - event_cache_size = "1200K"; #defaults to 10K + event_cache_size = "1200K"; # defaults to 10K caches = { global_factor = 5000.0; cache_entry_ttl = "12h"; @@ -41,18 +46,26 @@ # Alicia - figure this out later... #registration_shared_secret = builtins.exec ["cat" "/dev/urandom" "|" "tr" "-dc" "a-zA-Z0-9" "|" "fold" "-w" "256" "|" "head" "-n" "1"]; registration_shared_secret_path = "/var/lib/matrix-synapse/registration_shared_secret.txt"; - + listeners = [ - { + { port = 8008; - bind_addresses = [ "192.168.1.2" "127.0.0.1" ]; + bind_addresses = [ + "192.168.1.2" + "127.0.0.1" + ]; type = "http"; tls = false; x_forwarded = true; - resources = [ { - names = [ "client" "federation" ]; - compress = true; - } ]; + resources = [ + { + names = [ + "client" + "federation" + ]; + compress = true; + } + ]; } ]; dynamic_thumbnails = true; @@ -171,42 +184,41 @@ plugins = with pkgs.matrix-synapse-plugins; [ # Alicia - need to port draupnir... #matrix-synapse-mjolnir-antispam -# matrix-synapse-pam + # matrix-synapse-pam ]; -# extraConfigFiles = [ -# (pkgs.writeTextFile { -# name = "matrix-synapse-extra-config.yml"; -# text = '' -# modules: -# - module: "pam_auth_provider.PAMAuthProvider" -# config: -# create_users: true -# skip_user_check: false -# ''; -# }) -# ]; + # extraConfigFiles = [ + # (pkgs.writeTextFile { + # name = "matrix-synapse-extra-config.yml"; + # text = '' + # modules: + # - module: "pam_auth_provider.PAMAuthProvider" + # config: + # create_users: true + # skip_user_check: false + # ''; + # }) + # ]; }; - systemd.services.matrix-synapse-reg-token = { - description = "Random registration token for Synapse."; - before = ["matrix-synapse.service"]; # So the registration can be used by Synapse - wantedBy = ["multi-user.target"]; - after = ["network.target"]; - - script = '' - - if [ ! -f "registration_shared_secret.txt" ] - then - cat /dev/urandom | tr -dc a-zA-Z0-9 | fold -w 256 | head -n 1 > registration_shared_secret.txt - else - echo Not generating key, key exists; - fi''; - serviceConfig = { - User = "matrix-synapse"; - Group = "matrix-synapse"; - WorkingDirectory = "/var/lib/matrix-synapse"; - }; + systemd.services.matrix-synapse-reg-token = { + description = "Random registration token for Synapse."; + before = [ "matrix-synapse.service" ]; # So the registration can be used by Synapse + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + + script = '' + + if [ ! -f "registration_shared_secret.txt" ] + then + cat /dev/urandom | tr -dc a-zA-Z0-9 | fold -w 256 | head -n 1 > registration_shared_secret.txt + else + echo Not generating key, key exists; + fi''; + serviceConfig = { + User = "matrix-synapse"; + Group = "matrix-synapse"; + WorkingDirectory = "/var/lib/matrix-synapse"; }; + }; } - diff --git a/host/Rory-nginx/services/matrix/synapse/caches.nix b/host/Rory-nginx/services/matrix/synapse/caches.nix index 6196129..16fe0fc 100644 --- a/host/Rory-nginx/services/matrix/synapse/caches.nix +++ b/host/Rory-nginx/services/matrix/synapse/caches.nix @@ -1,7 +1,15 @@ { - gc_min_interval = [ "15m" "30m" "60m" ]; - gc_thresholds = [ 10000 5000 2500 ]; - event_cache_size = "12000K"; #defaults to 10K + gc_min_interval = [ + "15m" + "30m" + "60m" + ]; + gc_thresholds = [ + 10000 + 5000 + 2500 + ]; + event_cache_size = "12000K"; # defaults to 10K caches = { global_factor = 500000.0; cache_entry_ttl = "24h"; @@ -13,4 +21,4 @@ min_cache_ttl = "6h"; }; }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/matrix/synapse/db.nix b/host/Rory-nginx/services/matrix/synapse/db.nix index c5edc51..d8dcde3 100644 --- a/host/Rory-nginx/services/matrix/synapse/db.nix +++ b/host/Rory-nginx/services/matrix/synapse/db.nix @@ -1,7 +1,8 @@ -{ +{ workerName ? null, - dbGroup ? null -}: { + dbGroup ? null, +}: +{ name = "psycopg2"; args = { user = "matrix-synapse-rory-gay"; @@ -9,13 +10,23 @@ database = "matrix-synapse-rory-gay"; host = "/run/postgresql"; application_name = "matrix-synapse (rory.gay) - ${if workerName == null then throw "synapse/db.nix: workerName unspecified" else workerName}"; - cp_min = if dbGroup == "small" then 2 - else if dbGroup == "medium" then 5 - else if dbGroup == "large" then 10 - else throw "synapse/db.nix: Invalid dbGroup: ${if dbGroup == null then "null" else dbGroup}"; - cp_max = if dbGroup == "small" then 2 - else if dbGroup == "medium" then 10 - else if dbGroup == "large" then 10 - else throw "synapse/db.nix: Invalid dbGroup: ${if dbGroup == null then "null" else dbGroup}"; + cp_min = + if dbGroup == "small" then + 2 + else if dbGroup == "medium" then + 5 + else if dbGroup == "large" then + 10 + else + throw "synapse/db.nix: Invalid dbGroup: ${if dbGroup == null then "null" else dbGroup}"; + cp_max = + if dbGroup == "small" then + 2 + else if dbGroup == "medium" then + 10 + else if dbGroup == "large" then + 10 + else + throw "synapse/db.nix: Invalid dbGroup: ${if dbGroup == null then "null" else dbGroup}"; }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/matrix/synapse/ratelimits.nix b/host/Rory-nginx/services/matrix/synapse/ratelimits.nix index 8165fe4..4f6b7db 100644 --- a/host/Rory-nginx/services/matrix/synapse/ratelimits.nix +++ b/host/Rory-nginx/services/matrix/synapse/ratelimits.nix @@ -53,4 +53,4 @@ concurrent = 100; }; federation_rr_transactions_per_room_per_second = 1; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/matrix/synapse/synapse-main.nix b/host/Rory-nginx/services/matrix/synapse/synapse-main.nix index 4dc13a8..acd842f 100755 --- a/host/Rory-nginx/services/matrix/synapse/synapse-main.nix +++ b/host/Rory-nginx/services/matrix/synapse/synapse-main.nix @@ -1,11 +1,14 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { # Worker plumbing examples: https://github.com/element-hq/synapse/blob/master/docker/configure_workers_and_start.py # Documentation: https://github.com/element-hq/synapse/blob/develop/docs/workers.md - imports = [ - ./workers/module.nix - ]; + imports = [ ./workers/module.nix ]; services.matrix-synapse = { enable = true; @@ -39,26 +42,36 @@ }; registration_shared_secret_path = "/var/lib/matrix-synapse/registration_shared_secret.txt"; - + listeners = [ - { + { port = 8008; - bind_addresses = [ "192.168.1.2" "127.0.0.1" ]; + bind_addresses = [ + "192.168.1.2" + "127.0.0.1" + ]; type = "http"; tls = false; x_forwarded = true; - resources = [ { - names = [ "client" "federation" ]; - compress = false; - } ]; + resources = [ + { + names = [ + "client" + "federation" + ]; + compress = false; + } + ]; } - { + { type = "http"; path = "/run/matrix-synapse/main.sock"; - resources = [ { - names = [ "replication" ]; - compress = false; - } ]; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; } ]; dynamic_thumbnails = true; @@ -67,7 +80,12 @@ update_interval = 60; }; url_preview_enabled = true; - database = (import ./db.nix { workerName = "main"; dbGroup = "medium"; }); + database = ( + import ./db.nix { + workerName = "main"; + dbGroup = "medium"; + } + ); app_service_config_files = [ #"/etc/matrix-synapse/appservice-registration.yaml" "/var/lib/matrix-synapse/modas-registration.yaml" @@ -101,28 +119,25 @@ "msc3916_authenticated_media_enabled" = true; # Authenticated media }; - redis = { enabled = true; path = "/run/redis-matrix-synapse/redis.sock"; }; - instance_map = { - main = { # replication listener + main = { + # replication listener path = "/run/matrix-synapse/main.sock"; }; }; - } - // import ./ratelimits.nix - // import ./caches.nix; + } // import ./ratelimits.nix // import ./caches.nix; }; systemd.services.matrix-synapse-reg-token = { description = "Random registration token for Synapse."; - before = ["matrix-synapse.service"]; # So the registration can be used by Synapse - wantedBy = ["multi-user.target"]; - after = ["network.target"]; + before = [ "matrix-synapse.service" ]; # So the registration can be used by Synapse + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; script = '' @@ -146,8 +161,6 @@ user = "matrix-synapse"; }; }; - - systemd.tmpfiles.rules = [ - "D /run/redis-matrix-synapse 0755 matrix-synapse matrix-synapse" - ]; -} \ No newline at end of file + + systemd.tmpfiles.rules = [ "D /run/redis-matrix-synapse 0755 matrix-synapse matrix-synapse" ]; +} diff --git a/host/Rory-nginx/services/matrix/synapse/workers/appservice.nix b/host/Rory-nginx/services/matrix/synapse/workers/appservice.nix index 5f1323c..d259edd 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/appservice.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/appservice.nix @@ -1,6 +1,11 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: -let +let cfg = config.services.matrix-synapse; in { @@ -24,7 +29,7 @@ in path = "/run/matrix-synapse/appservice.sock"; resources = [ { - names = ["replication"]; + names = [ "replication" ]; compress = false; } ]; @@ -33,4 +38,4 @@ in }; }; }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/matrix/synapse/workers/background.nix b/host/Rory-nginx/services/matrix/synapse/workers/background.nix index d267124..c97d647 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/background.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/background.nix @@ -1,6 +1,11 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: -let +let cfg = config.services.matrix-synapse; in { @@ -24,7 +29,7 @@ in path = "/run/matrix-synapse/background.sock"; resources = [ { - names = ["replication"]; + names = [ "replication" ]; compress = false; } ]; @@ -33,4 +38,4 @@ in }; }; }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix b/host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix index c90fe3e..d0b1774 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/federation-sender.nix @@ -1,5 +1,10 @@ -{ config, pkgs, lib, ... }: -let +{ + config, + pkgs, + lib, + ... +}: +let cfg = config.services.matrix-synapse; federationSenders = lib.range 0 (cfg.federationSenders - 1); in @@ -12,23 +17,25 @@ in outbound_federation_restricted_to = lib.map (index: "federation_sender-${toString index}") federationSenders; }; - workers = lib.listToAttrs (lib.map (index: { - name = "federation_sender-${toString index}"; - value = { - worker_app = "synapse.app.generic_worker"; - worker_listeners = [ - { - type = "http"; - path = "/run/matrix-synapse/pusher-${toString index}.sock"; - resources = [ - { - names = ["replication"]; - compress = false; - } - ]; - } - ]; - }; - }) federationSenders); + workers = lib.listToAttrs ( + lib.map (index: { + name = "federation_sender-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = [ + { + type = "http"; + path = "/run/matrix-synapse/pusher-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ]; + }; + }) federationSenders + ); }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/matrix/synapse/workers/module.nix b/host/Rory-nginx/services/matrix/synapse/workers/module.nix index 9cc3d92..b9c490e 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/module.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/module.nix @@ -1,14 +1,19 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let cfg = config.services.matrix-synapse; - #eventWriters = lib.range 0 (count - 1); - #typingWriters = lib.range 0 (count - 1); - #deviceWriters = lib.range 0 (count - 1); - #accountDataWriters = lib.range 0 (count - 1); - #receiptsWriters = lib.range 0 (count - 1); - #presenceWriters = lib.range 0 (count - 1); - #pusherWriters = lib.range 0 (count - 1); in +#eventWriters = lib.range 0 (count - 1); +#typingWriters = lib.range 0 (count - 1); +#deviceWriters = lib.range 0 (count - 1); +#accountDataWriters = lib.range 0 (count - 1); +#receiptsWriters = lib.range 0 (count - 1); +#presenceWriters = lib.range 0 (count - 1); +#pusherWriters = lib.range 0 (count - 1); { imports = [ ./federation-sender.nix @@ -16,37 +21,43 @@ in ./pusher.nix ./stream-writers/event-stream-writer.nix ]; - options.services.matrix-synapse = lib.listToAttrs (lib.map (option: { - name = "${option}StreamWriters"; - value = lib.mkOption { - type = lib.types.int; - default = 0; - description = "Number of writers for ${option} streams"; - }; - }) [ - "event" - "typing" - "toDevice" - "accountData" - "receipts" - "presence" - "pushRule" - ]) // { - enableStreamWriters = lib.mkEnableOption "Enable stream writers"; - enableAppserviceWorker = lib.mkEnableOption "Enable dedicated appservice worker"; - enableBackgroundWorker = lib.mkEnableOption "Enable dedicated background task worker"; + options.services.matrix-synapse = + lib.listToAttrs ( + lib.map + (option: { + name = "${option}StreamWriters"; + value = lib.mkOption { + type = lib.types.int; + default = 0; + description = "Number of writers for ${option} streams"; + }; + }) + [ + "event" + "typing" + "toDevice" + "accountData" + "receipts" + "presence" + "pushRule" + ] + ) + // { + enableStreamWriters = lib.mkEnableOption "Enable stream writers"; + enableAppserviceWorker = lib.mkEnableOption "Enable dedicated appservice worker"; + enableBackgroundWorker = lib.mkEnableOption "Enable dedicated background task worker"; - federationSenders = lib.mkOption { - type = lib.types.int; - default = 0; - description = "Number of federation senders"; - }; - pushers = lib.mkOption { - type = lib.types.int; - default = 0; - description = "Number of pushers"; - }; + federationSenders = lib.mkOption { + type = lib.types.int; + default = 0; + description = "Number of federation senders"; + }; + pushers = lib.mkOption { + type = lib.types.int; + default = 0; + description = "Number of pushers"; }; + }; config = lib.mkIf cfg.enableStreamWriters { #services.matrix-synapse = { @@ -57,7 +68,7 @@ in # path = "/run/matrix-synapse/stream-writer-${toString index}.sock"; # }; # }) federationSenders); -# + # # stream_writers = { # events = lib.map (index: "stream-writer-events-${toString index}") federationSenders; # typing = lib.map (index: "stream-writer-typing-${toString index}") typingWriters; @@ -68,7 +79,7 @@ in # push_rules = lib.map (index: "stream-writer-push_rules-${toString index}") pusherWriters; # }; # }; -# + # # workers = lib.listToAttrs (lib.map (index: { # name = "stream-writerr-${toString index}"; # value = { @@ -78,4 +89,4 @@ in # }) federationSenders); #}; }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/matrix/synapse/workers/pusher.nix b/host/Rory-nginx/services/matrix/synapse/workers/pusher.nix index c90561e..f5ef601 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/pusher.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/pusher.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let cfg = config.services.matrix-synapse; pushers = lib.range 0 (cfg.pushers - 1); @@ -7,34 +12,38 @@ in config = lib.mkIf (cfg.pushers > 0) { services.matrix-synapse = { settings = { - instance_map = lib.listToAttrs (lib.map (index: { - name = "pusher-${toString index}"; - value = { - path = "/run/matrix-synapse/pusher-${toString index}.sock"; - }; - }) pushers); + instance_map = lib.listToAttrs ( + lib.map (index: { + name = "pusher-${toString index}"; + value = { + path = "/run/matrix-synapse/pusher-${toString index}.sock"; + }; + }) pushers + ); pusher_instances = lib.map (index: "pusher-${toString index}") pushers; }; - workers = lib.listToAttrs (lib.map (index: { - name = "pusher-${toString index}"; - value = { - worker_app = "synapse.app.generic_worker"; - worker_listeners = [ - { - type = "http"; - path = "/run/matrix-synapse/pusher-${toString index}.sock"; - resources = [ - { - names = ["replication"]; - compress = false; - } - ]; - } - ]; - }; - }) pushers); + workers = lib.listToAttrs ( + lib.map (index: { + name = "pusher-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = [ + { + type = "http"; + path = "/run/matrix-synapse/pusher-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ]; + }; + }) pushers + ); }; }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/__OLD__module.nix b/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/__OLD__module.nix index a661911..d4a9ff4 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/__OLD__module.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/__OLD__module.nix @@ -1,53 +1,66 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let cfg = config.services.matrix-synapse; - #eventWriters = lib.range 0 (count - 1); - #typingWriters = lib.range 0 (count - 1); - #deviceWriters = lib.range 0 (count - 1); - #accountDataWriters = lib.range 0 (count - 1); - #receiptsWriters = lib.range 0 (count - 1); - #presenceWriters = lib.range 0 (count - 1); - #pusherWriters = lib.range 0 (count - 1); in +#eventWriters = lib.range 0 (count - 1); +#typingWriters = lib.range 0 (count - 1); +#deviceWriters = lib.range 0 (count - 1); +#accountDataWriters = lib.range 0 (count - 1); +#receiptsWriters = lib.range 0 (count - 1); +#presenceWriters = lib.range 0 (count - 1); +#pusherWriters = lib.range 0 (count - 1); { - options.services.matrix-synapse = lib.listToAttrs (lib.map (option: { - name = "${option}StreamWriters"; - value = lib.mkOption { - type = lib.types.int; - default = 1; - description = "Number of writers for ${option} streams"; - }; - }) [ - "event" - "typing" - "toDevice" - "accountData" - "receipts" - "presence" - "pushRule" - ]) // { - enableStreamWriters = lib.mkEnableOption "Enable stream writers"; - federationSenders = lib.mkOption { - type = lib.types.int; - default = 1; - description = "Number of federation senders"; - }; - pushers = lib.mkOption { - type = lib.types.int; - default = 1; - description = "Number of pushers"; - }; + options.services.matrix-synapse = + lib.listToAttrs ( + lib.map + (option: { + name = "${option}StreamWriters"; + value = lib.mkOption { + type = lib.types.int; + default = 1; + description = "Number of writers for ${option} streams"; + }; + }) + [ + "event" + "typing" + "toDevice" + "accountData" + "receipts" + "presence" + "pushRule" + ] + ) + // { + enableStreamWriters = lib.mkEnableOption "Enable stream writers"; + federationSenders = lib.mkOption { + type = lib.types.int; + default = 1; + description = "Number of federation senders"; + }; + pushers = lib.mkOption { + type = lib.types.int; + default = 1; + description = "Number of pushers"; }; + }; config = lib.mkIf cfg.enableStreamWriters { services.matrix-synapse = { settings = { - instance_map = lib.listToAttrs (lib.map (port: { - name = "stream-writer-${toString port}"; - value = { - path = "/run/matrix-synapse/stream-writer-${toString port}.sock"; - }; - }) federationSenders); + instance_map = lib.listToAttrs ( + lib.map (port: { + name = "stream-writer-${toString port}"; + value = { + path = "/run/matrix-synapse/stream-writer-${toString port}.sock"; + }; + }) federationSenders + ); stream_writers = { events = lib.map (port: "stream-writer-events-${toString port}") federationSenders; @@ -60,13 +73,15 @@ in }; }; - workers = lib.listToAttrs (lib.map (port: { - name = "stream-writerr-${toString port}"; - value = { - worker_app = "synapse.app.generic_worker"; - worker_listeners = [ ]; - }; - }) federationSenders); + workers = lib.listToAttrs ( + lib.map (port: { + name = "stream-writerr-${toString port}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = [ ]; + }; + }) federationSenders + ); }; }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/event-stream-writer.nix b/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/event-stream-writer.nix index af7e544..42e9251 100644 --- a/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/event-stream-writer.nix +++ b/host/Rory-nginx/services/matrix/synapse/workers/stream-writers/event-stream-writer.nix @@ -1,5 +1,9 @@ - -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let cfg = config.services.matrix-synapse; streamWriters = lib.range 0 (cfg.eventStreamWriters - 1); @@ -7,35 +11,39 @@ in { services.matrix-synapse = { settings = { - instance_map = lib.listToAttrs (lib.map (port: { - name = "stream-writer-${toString port}"; - value = { - path = "/run/matrix-synapse/stream-writer-${toString port}.sock"; - }; - }) streamWriters); + instance_map = lib.listToAttrs ( + lib.map (port: { + name = "stream-writer-${toString port}"; + value = { + path = "/run/matrix-synapse/stream-writer-${toString port}.sock"; + }; + }) streamWriters + ); stream_writers = { events = lib.map (index: "stream-writer-events-${toString index}") streamWriters; }; }; - workers = lib.listToAttrs (lib.map (index: { - name = "stream-writer-${toString index}"; - value = { - worker_app = "synapse.app.generic_worker"; - worker_listeners = [ - { - type = "http"; - path = "/run/matrix-synapse/stream-writer-${toString index}.sock"; - resources = [ - { - names = ["replication"]; - compress = false; - } - ]; - } - ]; - }; - }) streamWriters); + workers = lib.listToAttrs ( + lib.map (index: { + name = "stream-writer-${toString index}"; + value = { + worker_app = "synapse.app.generic_worker"; + worker_listeners = [ + { + type = "http"; + path = "/run/matrix-synapse/stream-writer-${toString index}.sock"; + resources = [ + { + names = [ "replication" ]; + compress = false; + } + ]; + } + ]; + }; + }) streamWriters + ); }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/nginx/localhost/matrix-rory-gay.nix b/host/Rory-nginx/services/nginx/localhost/matrix-rory-gay.nix index 3e48d0f..73c22b6 100644 --- a/host/Rory-nginx/services/nginx/localhost/matrix-rory-gay.nix +++ b/host/Rory-nginx/services/nginx/localhost/matrix-rory-gay.nix @@ -22,228 +22,228 @@ # ''; # }; - # https://matrix-org.github.io/synapse/latest/workers.html#synapseappgeneric_worker - locations."~ ^/_matrix/client/(r0|v3)/sync$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; + # https://matrix-org.github.io/synapse/latest/workers.html#synapseappgeneric_worker + locations."~ ^/_matrix/client/(r0|v3)/sync$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; extraConfig = '' - # We want to wait for 15 minutes here... - proxy_read_timeout 54000; - proxy_connect_timeout 54000; - proxy_send_timeout 54000; - ''; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3)/events$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3)/initialSync$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/createRoom$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/v1/rooms/.*/hierarchy$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(v1|unstable)/rooms/.*/relations/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/v1/rooms/.*/threads$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/account/3pid$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/account/whoami$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/devices$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/versions$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/v1/rooms/.*/timestamp_to_event$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/search$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/keys/query$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/keys/changes$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/keys/claim$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/room_keys/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/keys/upload/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/login$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/register$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/v1/register/m.login.registration_token/validity$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/join/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; + # We want to wait for 15 minutes here... + proxy_read_timeout 54000; + proxy_connect_timeout 54000; + proxy_send_timeout 54000; + ''; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3)/events$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3)/initialSync$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/createRoom$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/v1/rooms/.*/hierarchy$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(v1|unstable)/rooms/.*/relations/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/v1/rooms/.*/threads$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/unstable/org.matrix.msc2716/rooms/.*/batch_send$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(r0|v3|unstable)/account/3pid$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(r0|v3|unstable)/account/whoami$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(r0|v3|unstable)/devices$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/versions$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/v1/rooms/.*/timestamp_to_event$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/search$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(r0|v3|unstable)/keys/query$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(r0|v3|unstable)/keys/changes$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(r0|v3|unstable)/keys/claim$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(r0|v3|unstable)/room_keys/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(r0|v3|unstable)/keys/upload/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/login$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(r0|v3|unstable)/register$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/v1/register/m.login.registration_token/validity$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/join/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; - # https://matrix-org.github.io/synapse/latest/workers.html#the-typing-stream - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing" = { - proxyPass = "http://stream_writer_typing_stream_workers_upstream$request_uri"; - }; + # https://matrix-org.github.io/synapse/latest/workers.html#the-typing-stream + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing" = { + proxyPass = "http://stream_writer_typing_stream_workers_upstream$request_uri"; + }; - # https://matrix-org.github.io/synapse/latest/workers.html#the-to_device-stream - locations."~ ^/_matrix/client/(r0|v3|unstable)/sendToDevice/" = { - proxyPass = "http://stream_writer_to_device_stream_workers_upstream$request_uri"; - }; + # https://matrix-org.github.io/synapse/latest/workers.html#the-to_device-stream + locations."~ ^/_matrix/client/(r0|v3|unstable)/sendToDevice/" = { + proxyPass = "http://stream_writer_to_device_stream_workers_upstream$request_uri"; + }; - # https://matrix-org.github.io/synapse/latest/workers.html#the-account_data-stream - locations."~ ^/_matrix/client/(r0|v3|unstable)/.*/tags" = { - proxyPass = "http://stream_writer_account_data_stream_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/.*/account_data" = { - proxyPass = "http://stream_writer_account_data_stream_workers_upstream$request_uri"; - }; - # https://matrix-org.github.io/synapse/latest/workers.html#the-receipts-stream - locations."~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt" = { - proxyPass = "http://stream_writer_receipts_stream_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers" = { - proxyPass = "http://stream_writer_receipts_stream_workers_upstream$request_uri"; - }; - # https://matrix-org.github.io/synapse/latest/workers.html#the-presence-stream - locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/" = { - proxyPass = "http://stream_writer_presence_stream_workers_upstream$request_uri"; - }; + # https://matrix-org.github.io/synapse/latest/workers.html#the-account_data-stream + locations."~ ^/_matrix/client/(r0|v3|unstable)/.*/tags" = { + proxyPass = "http://stream_writer_account_data_stream_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(r0|v3|unstable)/.*/account_data" = { + proxyPass = "http://stream_writer_account_data_stream_workers_upstream$request_uri"; + }; + # https://matrix-org.github.io/synapse/latest/workers.html#the-receipts-stream + locations."~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt" = { + proxyPass = "http://stream_writer_receipts_stream_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers" = { + proxyPass = "http://stream_writer_receipts_stream_workers_upstream$request_uri"; + }; + # https://matrix-org.github.io/synapse/latest/workers.html#the-presence-stream + locations."~ ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/" = { + proxyPass = "http://stream_writer_presence_stream_workers_upstream$request_uri"; + }; ### DUPLICATES???? # https://matrix-org.github.io/synapse/latest/workers.html#updating-the-user-directory locations."~ ^/_matrix/client/(r0|v3|unstable)/user_directory/search$" = { - proxyPass = "http://user_dir_workers_upstream$request_uri"; - }; + proxyPass = "http://user_dir_workers_upstream$request_uri"; + }; # ??? - locations."/" = { - #resolver 127.0.0.11 valid=5s; - #set $backend "matrix-synapse:8008"; - #proxyPass = "http://$backend"; + locations."/" = { + #resolver 127.0.0.11 valid=5s; + #set $backend "matrix-synapse:8008"; + #proxyPass = "http://$backend"; proxyPass = "http://127.0.0.1:8008"; - }; + }; - locations."~ ^/_matrix/federation/v1/event/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/state/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/state_ids/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/backfill/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/get_missing_events/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/publicRooms" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/query/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/make_join/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/make_leave/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/(v1|v2)/send_join/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/(v1|v2)/send_leave/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/(v1|v2)/invite/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/event_auth/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/timestamp_to_event/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/exchange_third_party_invite/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/user/devices/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/key/v2/query" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/hierarchy/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; - locations."~ ^/_matrix/federation/v1/send/" = { - proxyPass = "http://generic_workers_upstream$request_uri"; - }; + locations."~ ^/_matrix/federation/v1/event/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/federation/v1/state/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/federation/v1/state_ids/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/federation/v1/backfill/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/federation/v1/get_missing_events/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/federation/v1/publicRooms" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/federation/v1/query/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/federation/v1/make_join/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/federation/v1/make_leave/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/federation/(v1|v2)/send_join/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/federation/(v1|v2)/send_leave/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/federation/(v1|v2)/invite/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/federation/v1/event_auth/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/federation/v1/timestamp_to_event/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/federation/v1/exchange_third_party_invite/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/federation/v1/user/devices/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/key/v2/query" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/federation/v1/hierarchy/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; + locations."~ ^/_matrix/federation/v1/send/" = { + proxyPass = "http://generic_workers_upstream$request_uri"; + }; ##### media repo @@ -270,12 +270,11 @@ proxyPass = "http://media_repository_workers_upstream$request_uri"; }; - #locations."/" = { - #resolver 127.0.0.11 valid=5s; - #set $backend "matrix-synapse:8048"; - #proxyPass = "http://$backend"; - #}; - + #locations."/" = { + #resolver 127.0.0.11 valid=5s; + #set $backend "matrix-synapse:8048"; + #proxyPass = "http://$backend"; + #}; - locations."/_synapse/client".proxyPass = "http://127.0.0.1:8008"; + locations."/_synapse/client".proxyPass = "http://127.0.0.1:8008"; } diff --git a/host/Rory-nginx/services/nginx/matrix-upstreams-workers.nix b/host/Rory-nginx/services/nginx/matrix-upstreams-workers.nix index 00ccdee..cdf3c92 100644 --- a/host/Rory-nginx/services/nginx/matrix-upstreams-workers.nix +++ b/host/Rory-nginx/services/nginx/matrix-upstreams-workers.nix @@ -23,4 +23,4 @@ user_dir_workers_upstream.servers = { "127.0.0.1:18661" = { }; }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/nginx/matrix-upstreams.nix b/host/Rory-nginx/services/nginx/matrix-upstreams.nix index 6ba45af..5dd2fe8 100644 --- a/host/Rory-nginx/services/nginx/matrix-upstreams.nix +++ b/host/Rory-nginx/services/nginx/matrix-upstreams.nix @@ -23,4 +23,4 @@ user_dir_workers_upstream.servers = { "127.0.0.1:8008" = { }; }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/nginx/nginx.nix b/host/Rory-nginx/services/nginx/nginx.nix index 0e993a1..0b53a28 100755 --- a/host/Rory-nginx/services/nginx/nginx.nix +++ b/host/Rory-nginx/services/nginx/nginx.nix @@ -1,5 +1,10 @@ -{ config, pkgs, lib, ... }: -let +{ + config, + pkgs, + lib, + ... +}: +let serveDir = config: { enableACME = if config ? ssl then config.ssl else true; addSSL = if config ? ssl then config.ssl else true; @@ -10,7 +15,8 @@ let }; }; }; -in { +in +{ services = { nginx = { enable = true; @@ -24,11 +30,11 @@ in { defaultMimeTypes = ../../../../modules/packages/nginx/mime.types; appendConfig = '' worker_processes 16; - ''; - eventsConfig = '' + ''; + eventsConfig = '' #use kqueue; worker_connections 512; - ''; + ''; appendHttpConfig = '' #sendfile on; disable_symlinks off; @@ -36,9 +42,7 @@ in { access_log /var/log/nginx/access.log combined_vhosts; ''; upstreams = import ./matrix-upstreams.nix; - additionalModules = with pkgs.nginxModules; [ - moreheaders - ]; + additionalModules = with pkgs.nginxModules; [ moreheaders ]; virtualHosts = { "boorunav.com" = serveDir { path = "/data/nginx/html_boorunav"; }; "catgirlsaresexy.com" = serveDir { path = "/data/nginx/html_catgirlsaresexy"; }; @@ -57,11 +61,11 @@ in { "thearcanebrony.net" = import ./thearcanebrony.net/root.nix; "sentry.thearcanebrony.net" = import ./thearcanebrony.net/sentry.nix; "search.thearcanebrony.net" = import ./thearcanebrony.net/search.nix; - + "rory.gay" = import ./rory.gay/root.nix; #"rory.boo" = import ./rory.gay/root.nix; "lfs.rory.gay" = serveDir { path = "/data/nginx/html_lfs"; }; - + "awooradio.thearcanebrony.net" = import ./thearcanebrony.net/awooradio.nix; "cgit.rory.gay" = import ./rory.gay/cgit.nix; #"jitsi.rory.gay" = import ./rory.gay/jitsi.nix; @@ -99,7 +103,7 @@ in { }; }; systemd.services.nginx.serviceConfig = { - LimitNOFILE=5000000; + LimitNOFILE = 5000000; }; systemd.services.nginx.requires = [ "data.mount" ]; security.acme.acceptTerms = true; diff --git a/host/Rory-nginx/services/nginx/rory.gay/bots.nix b/host/Rory-nginx/services/nginx/rory.gay/bots.nix index 7652dc9..9bd18a8 100755 --- a/host/Rory-nginx/services/nginx/rory.gay/bots.nix +++ b/host/Rory-nginx/services/nginx/rory.gay/bots.nix @@ -6,4 +6,4 @@ proxyPass = "http://127.0.0.1:5033"; }; }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/nginx/rory.gay/conduit.matrixunittests.nix b/host/Rory-nginx/services/nginx/rory.gay/conduit.matrixunittests.nix index c9610fd..9503747 100755 --- a/host/Rory-nginx/services/nginx/rory.gay/conduit.matrixunittests.nix +++ b/host/Rory-nginx/services/nginx/rory.gay/conduit.matrixunittests.nix @@ -6,10 +6,10 @@ kTLS = true; extraConfig = '' brotli off; - ''; + ''; locations = { "/" = { proxyPass = "http://192.168.100.15:80"; }; }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/nginx/rory.gay/conduit.nix b/host/Rory-nginx/services/nginx/rory.gay/conduit.nix index feaa77a..250a6b2 100755 --- a/host/Rory-nginx/services/nginx/rory.gay/conduit.nix +++ b/host/Rory-nginx/services/nginx/rory.gay/conduit.nix @@ -34,42 +34,42 @@ locations."= /.well-known/matrix/server".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - "m.server" = "conduit.rory.gay:443"; - }}'; - ''; + return 200 '${builtins.toJSON { "m.server" = "conduit.rory.gay:443"; }}'; + ''; locations."= /.well-known/matrix/client".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - "m.homeserver".base_url = "https://conduit.rory.gay"; - "m.identity_server".base_url = "https://conduit.rory.gay"; - } + return 200 '${ + builtins.toJSON { + "m.homeserver".base_url = "https://conduit.rory.gay"; + "m.identity_server".base_url = "https://conduit.rory.gay"; + } }'; - ''; + ''; locations."= /.well-known/matrix/support".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - admins = [ - { - matrix_id = "@emma:rory.gay"; - role = "admin"; - } - { - matrix_id = "@alicia:rory.gay"; - role = "admin"; - } - { - matrix_id = "@root:rory.gay"; - role = "admin"; - } - { - matrix_id = "@rory:rory.gay"; - role = "admin"; - } - ]; - } + return 200 '${ + builtins.toJSON { + admins = [ + { + matrix_id = "@emma:rory.gay"; + role = "admin"; + } + { + matrix_id = "@alicia:rory.gay"; + role = "admin"; + } + { + matrix_id = "@root:rory.gay"; + role = "admin"; + } + { + matrix_id = "@rory:rory.gay"; + role = "admin"; + } + ]; + } }'; ''; } diff --git a/host/Rory-nginx/services/nginx/rory.gay/jitsi.nix b/host/Rory-nginx/services/nginx/rory.gay/jitsi.nix index c2feaa1..f6091bc 100755 --- a/host/Rory-nginx/services/nginx/rory.gay/jitsi.nix +++ b/host/Rory-nginx/services/nginx/rory.gay/jitsi.nix @@ -1,13 +1,19 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - overrideJs = filePath: varName: newContent: appendExtra: + overrideJs = + filePath: varName: newContent: appendExtra: let oldContent = builtins.readFile filePath; regex = "var ${varName} = {[^}]*};"; newJs = builtins.replaceStrings [ regex ] [ "var ${varName} = ${newContent};" ] oldContent; in - builtins.writeFile filePath newJs; + builtins.writeFile filePath newJs; cfg = config.services.jitsi-meet; in @@ -33,13 +39,7 @@ in proxy_set_header Host $host; ''; }; - locations."=/external_api.js" = lib.mkDefault { - alias = "${pkgs.jitsi-meet}/libs/external_api.min.js"; - }; - locations."=/config.js" = lib.mkDefault { - alias = overrideJs "${pkgs.jitsi-meet}/config.js" "config" (lib.recursiveUpdate defaultCfg cfg.config) cfg.extraConfig; - }; - locations."=/interface_config.js" = lib.mkDefault { - alias = overrideJs "${pkgs.jitsi-meet}/interface_config.js" "interfaceConfig" cfg.interfaceConfig ""; - }; -} \ No newline at end of file + locations."=/external_api.js" = lib.mkDefault { alias = "${pkgs.jitsi-meet}/libs/external_api.min.js"; }; + locations."=/config.js" = lib.mkDefault { alias = overrideJs "${pkgs.jitsi-meet}/config.js" "config" (lib.recursiveUpdate defaultCfg cfg.config) cfg.extraConfig; }; + locations."=/interface_config.js" = lib.mkDefault { alias = overrideJs "${pkgs.jitsi-meet}/interface_config.js" "interfaceConfig" cfg.interfaceConfig ""; }; +} diff --git a/host/Rory-nginx/services/nginx/rory.gay/matrix-bak.nix b/host/Rory-nginx/services/nginx/rory.gay/matrix-bak.nix index 2780979..5d44454 100755 --- a/host/Rory-nginx/services/nginx/rory.gay/matrix-bak.nix +++ b/host/Rory-nginx/services/nginx/rory.gay/matrix-bak.nix @@ -2,7 +2,7 @@ enableACME = true; addSSL = true; locations."/_matrix" = { - proxyPass = "http://192.168.1.5:8008"; + proxyPass = "http://192.168.1.5:8008"; extraConfig = '' if ($request_method = 'OPTIONS') { more_set_headers 'Access-Control-Allow-Origin: *'; @@ -21,5 +21,5 @@ } ''; }; - locations."/_synapse/client".proxyPass = "http://192.168.1.5:8008"; + locations."/_synapse/client".proxyPass = "http://192.168.1.5:8008"; } diff --git a/host/Rory-nginx/services/nginx/rory.gay/matrix.nix b/host/Rory-nginx/services/nginx/rory.gay/matrix.nix index 0c3f6cc..d48f4ca 100755 --- a/host/Rory-nginx/services/nginx/rory.gay/matrix.nix +++ b/host/Rory-nginx/services/nginx/rory.gay/matrix.nix @@ -26,42 +26,42 @@ locations."= /.well-known/matrix/server".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - "m.server" = "matrix.rory.gay:443"; - }}'; - ''; + return 200 '${builtins.toJSON { "m.server" = "matrix.rory.gay:443"; }}'; + ''; locations."= /.well-known/matrix/client".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - "m.homeserver".base_url = "https://matrix.rory.gay"; - "org.matrix.msc3575.proxy".url = "https://matrix.rory.gay"; - } + return 200 '${ + builtins.toJSON { + "m.homeserver".base_url = "https://matrix.rory.gay"; + "org.matrix.msc3575.proxy".url = "https://matrix.rory.gay"; + } }'; - ''; + ''; locations."= /.well-known/matrix/support".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - admins = [ - { - matrix_id = "@emma:rory.gay"; - role = "admin"; - } - { - matrix_id = "@alicia:rory.gay"; - role = "admin"; - } - { - matrix_id = "@root:rory.gay"; - role = "admin"; - } - { - matrix_id = "@rory:rory.gay"; - role = "admin"; - } - ]; - } + return 200 '${ + builtins.toJSON { + admins = [ + { + matrix_id = "@emma:rory.gay"; + role = "admin"; + } + { + matrix_id = "@alicia:rory.gay"; + role = "admin"; + } + { + matrix_id = "@root:rory.gay"; + role = "admin"; + } + { + matrix_id = "@rory:rory.gay"; + role = "admin"; + } + ]; + } }'; ''; diff --git a/host/Rory-nginx/services/nginx/rory.gay/matrixunittests.nix b/host/Rory-nginx/services/nginx/rory.gay/matrixunittests.nix index 65a2c6c..edb1704 100755 --- a/host/Rory-nginx/services/nginx/rory.gay/matrixunittests.nix +++ b/host/Rory-nginx/services/nginx/rory.gay/matrixunittests.nix @@ -6,10 +6,10 @@ kTLS = true; extraConfig = '' brotli off; - ''; + ''; locations = { "/" = { proxyPass = "http://192.168.100.13:80"; }; }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/nginx/rory.gay/mru.nix b/host/Rory-nginx/services/nginx/rory.gay/mru.nix index 76fb6d8..dd59830 100755 --- a/host/Rory-nginx/services/nginx/rory.gay/mru.nix +++ b/host/Rory-nginx/services/nginx/rory.gay/mru.nix @@ -10,7 +10,7 @@ extraConfig = '' brotli off; brotli_static off; - ''; + ''; locations = { "/" = { index = "index.html"; diff --git a/host/Rory-nginx/services/nginx/rory.gay/pcpoc.nix b/host/Rory-nginx/services/nginx/rory.gay/pcpoc.nix index 05f1a0c..b62c5fe 100755 --- a/host/Rory-nginx/services/nginx/rory.gay/pcpoc.nix +++ b/host/Rory-nginx/services/nginx/rory.gay/pcpoc.nix @@ -6,10 +6,10 @@ kTLS = true; extraConfig = '' brotli off; - ''; + ''; locations = { "/" = { proxyPass = "http://192.168.100.11:80"; }; }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/nginx/rory.gay/root.nix b/host/Rory-nginx/services/nginx/rory.gay/root.nix index 075a3ed..11d06c0 100755 --- a/host/Rory-nginx/services/nginx/rory.gay/root.nix +++ b/host/Rory-nginx/services/nginx/rory.gay/root.nix @@ -2,48 +2,47 @@ root = "/data/nginx/html_rory_gay"; enableACME = true; addSSL = true; - extraConfig = '' - autoindex on;''; + extraConfig = ''autoindex on;''; locations."= /.well-known/matrix/server".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - "m.server" = "matrix.rory.gay:443"; - }}'; - ''; + return 200 '${builtins.toJSON { "m.server" = "matrix.rory.gay:443"; }}'; + ''; locations."= /.well-known/matrix/client".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - "m.homeserver".base_url = "https://matrix.rory.gay"; - "org.matrix.msc3575.proxy".url = "https://matrix.rory.gay"; - } + return 200 '${ + builtins.toJSON { + "m.homeserver".base_url = "https://matrix.rory.gay"; + "org.matrix.msc3575.proxy".url = "https://matrix.rory.gay"; + } }'; - ''; + ''; locations."= /.well-known/matrix/support".extraConfig = '' more_set_headers 'Content-Type application/json'; more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - admins = [ - { - matrix_id = "@emma:rory.gay"; - role = "admin"; - } - { - matrix_id = "@alicia:rory.gay"; - role = "admin"; - } - { - matrix_id = "@root:rory.gay"; - role = "admin"; - } - { - matrix_id = "@rory:rory.gay"; - role = "admin"; - } - ]; - } + return 200 '${ + builtins.toJSON { + admins = [ + { + matrix_id = "@emma:rory.gay"; + role = "admin"; + } + { + matrix_id = "@alicia:rory.gay"; + role = "admin"; + } + { + matrix_id = "@root:rory.gay"; + role = "admin"; + } + { + matrix_id = "@rory:rory.gay"; + role = "admin"; + } + ]; + } }'; ''; } diff --git a/host/Rory-nginx/services/nginx/thearcanebrony.net/awooradio.nix b/host/Rory-nginx/services/nginx/thearcanebrony.net/awooradio.nix index af52ec8..f13cb0c 100755 --- a/host/Rory-nginx/services/nginx/thearcanebrony.net/awooradio.nix +++ b/host/Rory-nginx/services/nginx/thearcanebrony.net/awooradio.nix @@ -9,4 +9,4 @@ proxyPass = "http://localhost:4998"; }; }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/nginx/thearcanebrony.net/root.nix b/host/Rory-nginx/services/nginx/thearcanebrony.net/root.nix index bd23f10..86dddac 100755 --- a/host/Rory-nginx/services/nginx/thearcanebrony.net/root.nix +++ b/host/Rory-nginx/services/nginx/thearcanebrony.net/root.nix @@ -2,8 +2,7 @@ enableACME = true; addSSL = true; root = "/data/nginx/html_thearcanebrony"; - extraConfig = '' - autoindex on;''; + extraConfig = ''autoindex on;''; locations = { "/" = { #index = "index.html"; @@ -12,29 +11,30 @@ return = "301 https://gitlab.com/KinoshitaProductions/SecureDestroyer/-/raw/master/run"; }; "= /.well-known/matrix/support".extraConfig = '' - more_set_headers 'Content-Type application/json'; - more_set_headers 'Access-Control-Allow-Origin *'; - return 200 '${builtins.toJSON { - admins = [ - { - matrix_id = "@emma:rory.gay"; - role = "admin"; + more_set_headers 'Content-Type application/json'; + more_set_headers 'Access-Control-Allow-Origin *'; + return 200 '${ + builtins.toJSON { + admins = [ + { + matrix_id = "@emma:rory.gay"; + role = "admin"; + } + { + matrix_id = "@alicia:rory.gay"; + role = "admin"; + } + { + matrix_id = "@root:rory.gay"; + role = "admin"; + } + { + matrix_id = "@rory:rory.gay"; + role = "admin"; + } + ]; } - { - matrix_id = "@alicia:rory.gay"; - role = "admin"; - } - { - matrix_id = "@root:rory.gay"; - role = "admin"; - } - { - matrix_id = "@rory:rory.gay"; - role = "admin"; - } - ]; - } - }'; - ''; + }'; + ''; }; } diff --git a/host/Rory-nginx/services/nginx/thearcanebrony.net/search.nix b/host/Rory-nginx/services/nginx/thearcanebrony.net/search.nix index 6298ba8..cd655d8 100755 --- a/host/Rory-nginx/services/nginx/thearcanebrony.net/search.nix +++ b/host/Rory-nginx/services/nginx/thearcanebrony.net/search.nix @@ -3,8 +3,7 @@ addSSL = true; locations = { "/" = { - extraConfig = '' - rewrite ^ https://thearcanebrony.net/unavailable.html break;''; + extraConfig = ''rewrite ^ https://thearcanebrony.net/unavailable.html break;''; }; }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/nginx/thearcanebrony.net/sentry.nix b/host/Rory-nginx/services/nginx/thearcanebrony.net/sentry.nix index 96ffe4b..f496190 100755 --- a/host/Rory-nginx/services/nginx/thearcanebrony.net/sentry.nix +++ b/host/Rory-nginx/services/nginx/thearcanebrony.net/sentry.nix @@ -6,4 +6,4 @@ proxyPass = "http://192.168.1.4:9000"; }; }; -} \ No newline at end of file +} diff --git a/host/Rory-nginx/services/ollama.nix b/host/Rory-nginx/services/ollama.nix index 8480968..42f8b93 100755 --- a/host/Rory-nginx/services/ollama.nix +++ b/host/Rory-nginx/services/ollama.nix @@ -1,7 +1,12 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { -# systemd.tmpfiles.rules = [ "d /data/ollama 0750 ostgres postgres" ]; + # systemd.tmpfiles.rules = [ "d /data/ollama 0750 ostgres postgres" ]; services.ollama = { enable = true; diff --git a/host/Rory-nginx/services/postgres.nix b/host/Rory-nginx/services/postgres.nix index ac3b228..a05aa1e 100755 --- a/host/Rory-nginx/services/postgres.nix +++ b/host/Rory-nginx/services/postgres.nix @@ -1,7 +1,12 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { - systemd.tmpfiles.rules = [ "d /mnt/postgres/data 0750 postgres postgres" ]; + systemd.tmpfiles.rules = [ "d /mnt/postgres/data 0750 postgres postgres" ]; services.postgresql = { enable = true; @@ -31,7 +36,7 @@ work_mem = "512MB"; maintenance_work_mem = "1024MB"; huge_pages = "try"; - effective_cache_size = "60GB"; #was 22 + effective_cache_size = "60GB"; # was 22 effective_io_concurrency = "8"; random_page_cost = 4; @@ -44,7 +49,7 @@ wal_level = "replica"; max_wal_senders = 0; - synchronous_commit = "off"; #was on + synchronous_commit = "off"; # was on checkpoint_timeout = "15min"; checkpoint_completion_target = "0.9"; @@ -63,10 +68,10 @@ bgwriter_lru_multiplier = "2.0"; bgwriter_flush_after = "0"; - max_worker_processes = "32"; #was 14 - max_parallel_workers_per_gather = "16"; #was 7 - max_parallel_maintenance_workers = "16"; #was 7 - max_parallel_workers = "32"; #was 14 + max_worker_processes = "32"; # was 14 + max_parallel_workers_per_gather = "16"; # was 7 + max_parallel_maintenance_workers = "16"; # was 7 + max_parallel_workers = "32"; # was 14 parallel_leader_participation = "on"; enable_partitionwise_join = "on"; @@ -81,4 +86,3 @@ }; } - diff --git a/host/Rory-nginx/services/prometheus.nix b/host/Rory-nginx/services/prometheus.nix index 1a5d346..9409529 100644 --- a/host/Rory-nginx/services/prometheus.nix +++ b/host/Rory-nginx/services/prometheus.nix @@ -1,4 +1,4 @@ -{ ... } : +{ ... }: { services.prometheus = { diff --git a/host/Rory-portable/configuration.nix b/host/Rory-portable/configuration.nix index 71ace4c..ebfe899 100644 --- a/host/Rory-portable/configuration.nix +++ b/host/Rory-portable/configuration.nix @@ -1,22 +1,28 @@ -{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }: +{ + config, + pkgs, + lib, + nhekoSrc, + mtxclientSrc, + ... +}: { - imports = - [ - # base imports - ../../modules/base-client.nix - ../../modules/packages/vim.nix -# ../../modules/environments/home.nix - #../../modules/software-templates/profilers.nix - #./postgres.nix - #./nginx.nix - - # hardware-specific imports - #./optional/hardware-specific/amd.nix - - #./printing.nix - ./ollama.nix - ]; + imports = [ + # base imports + ../../modules/base-client.nix + ../../modules/packages/vim.nix + # ../../modules/environments/home.nix + #../../modules/software-templates/profilers.nix + #./postgres.nix + #./nginx.nix + + # hardware-specific imports + #./optional/hardware-specific/amd.nix + + #./printing.nix + ./ollama.nix + ]; boot = { kernelPackages = pkgs.linuxPackages_latest; @@ -61,7 +67,7 @@ # address = "192.168.0.3"; # prefixLength = 24; #} ]; -# + # #defaultGateway = "192.168.0.1"; # useDHCP = true; }; @@ -98,13 +104,13 @@ picom.enable = true; picom.vSync = false; picom.backend = "glx"; - + openssh = { enable = true; extraConfig = '' MaxAuthTries 32 - ''; - }; + ''; + }; pipewire = { enable = true; audio.enable = true; @@ -148,15 +154,14 @@ #jetbrains.webstorm #jetbrains.clion github-copilot-intellij-agent - - + dbeaver-bin #insomnia vscode # - Utilities inkscape-with-extensions - gimp #-with-plugins + gimp # -with-plugins # - Languages #dotnet-sdk_7 @@ -174,14 +179,18 @@ cinnamon.nemo gnome.file-roller firefox-bin - ungoogled-chromium #needed for Rider in order to debug WASM + ungoogled-chromium # needed for Rider in order to debug WASM peek unrar-wrapper #(schildichat-desktop.override { electron = electron; }) - (callPackage ../../modules/packages/nheko-git.nix { inherit nhekoSrc; inherit mtxclientSrc; voipSupport = false; }) + (callPackage ../../modules/packages/nheko-git.nix { + inherit nhekoSrc; + inherit mtxclientSrc; + voipSupport = false; + }) #(callPackage ../../modules/packages/mc/server/modpack/curseforge/techopolis-2/5.4.nix { }) #vesktop @@ -201,7 +210,7 @@ #]; xdg = { portal = { - + enable = true; extraPortals = with pkgs; [ #xdg-desktop-portal-gtk @@ -228,33 +237,26 @@ (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) noto-fonts-monochrome-emoji ]; - fontconfig.defaultFonts.monospace = with pkgs; [ - "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" - ]; - fontconfig.defaultFonts.sansSerif = with pkgs; [ - "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" - ]; - fontconfig.defaultFonts.serif = with pkgs; [ - "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" - ]; - fontconfig.defaultFonts.emoji = with pkgs; [ - "freefont" - ]; + fontconfig.defaultFonts.monospace = with pkgs; [ "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" ]; + fontconfig.defaultFonts.sansSerif = with pkgs; [ "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" ]; + fontconfig.defaultFonts.serif = with pkgs; [ "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" ]; + fontconfig.defaultFonts.emoji = with pkgs; [ "freefont" ]; enableDefaultPackages = lib.mkForce false; enableGhostscriptFonts = lib.mkForce false; }; nix = { settings = { - experimental-features = [ "nix-command" "flakes" ]; + experimental-features = [ + "nix-command" + "flakes" + ]; auto-optimise-store = true; }; }; nixpkgs = { config = { allowUnfree = true; - permittedInsecurePackages = [ - "electron-25.9.0" - ]; + permittedInsecurePackages = [ "electron-25.9.0" ]; }; }; @@ -272,17 +274,16 @@ nameserver 8.4.4.8 nameserver 1.1.1.1 nameserver 1.0.0.1 - ''; + ''; - #networking.wireguard.interfaces = { - # wg-KP-Ran = { + #networking.wireguard.interfaces = { + # wg-KP-Ran = { - #}; - # }; + #}; + # }; virtualisation.libvirtd.enable = true; programs.virt-manager.enable = true; system.stateVersion = "22.11"; # DO NOT EDIT! } - diff --git a/host/Rory-portable/mariadb.nix b/host/Rory-portable/mariadb.nix index 3ebbb0b..758cb3d 100644 --- a/host/Rory-portable/mariadb.nix +++ b/host/Rory-portable/mariadb.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { services.mysql = { @@ -7,4 +12,3 @@ }; } - diff --git a/host/Rory-portable/nginx.nix b/host/Rory-portable/nginx.nix index fc2adca..31ec0ea 100644 --- a/host/Rory-portable/nginx.nix +++ b/host/Rory-portable/nginx.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { services = { @@ -14,26 +19,24 @@ #defaultMimeTypes = ../../../../modules/packages/nginx/mime.types; appendConfig = '' worker_processes 16; - ''; - eventsConfig = '' + ''; + eventsConfig = '' #use kqueue; worker_connections 512; - ''; + ''; appendHttpConfig = '' #sendfile on; disable_symlinks off; ''; - additionalModules = with pkgs.nginxModules; [ - moreheaders - ]; + additionalModules = with pkgs.nginxModules; [ moreheaders ]; virtualHosts = { "discord.localhost" = import ./nginx/discord.localhost.nix { inherit pkgs; }; - + }; }; }; systemd.services.nginx.serviceConfig = { - LimitNOFILE=5000000; + LimitNOFILE = 5000000; }; } diff --git a/host/Rory-portable/nginx/discord.localhost.nix b/host/Rory-portable/nginx/discord.localhost.nix index 149d2b1..b40e13c 100755 --- a/host/Rory-portable/nginx/discord.localhost.nix +++ b/host/Rory-portable/nginx/discord.localhost.nix @@ -8,7 +8,6 @@ # We don't care about certificates around here... sslCertificate = "${pkgs.path}/nixos/tests/common/acme/server/acme.test.cert.pem"; sslCertificateKey = "${pkgs.path}/nixos/tests/common/acme/server/acme.test.key.pem"; - extraConfig = '' autoindex on; diff --git a/host/Rory-portable/ollama.nix b/host/Rory-portable/ollama.nix index 15b347b..0c72b85 100755 --- a/host/Rory-portable/ollama.nix +++ b/host/Rory-portable/ollama.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { services.ollama = { diff --git a/host/Rory-portable/optional/hardware-specific/amd.nix b/host/Rory-portable/optional/hardware-specific/amd.nix index e24bcd0..4456c6f 100644 --- a/host/Rory-portable/optional/hardware-specific/amd.nix +++ b/host/Rory-portable/optional/hardware-specific/amd.nix @@ -1,10 +1,16 @@ -{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }: +{ + config, + pkgs, + lib, + nhekoSrc, + mtxclientSrc, + ... +}: { - imports = - [ ]; + imports = [ ]; -boot.initrd.kernelModules = [ "amdgpu" ]; + boot.initrd.kernelModules = [ "amdgpu" ]; services = { xserver = { @@ -29,16 +35,11 @@ boot.initrd.kernelModules = [ "amdgpu" ]; rocmPackages.clr.icd amdvlk ]; - extraPackages32 = with pkgs; [ - driversi686Linux.amdvlk - ]; + extraPackages32 = with pkgs; [ driversi686Linux.amdvlk ]; }; }; - systemd.tmpfiles.rules = [ - "L+ /opt/rocm/hip - - - - ${pkgs.rocmPackages.clr}" - ]; + systemd.tmpfiles.rules = [ "L+ /opt/rocm/hip - - - - ${pkgs.rocmPackages.clr}" ]; system.stateVersion = "22.11"; # DO NOT EDIT! } - diff --git a/host/Rory-portable/optional/hardware-specific/nvidia.nix b/host/Rory-portable/optional/hardware-specific/nvidia.nix index 66b328f..c146c3a 100644 --- a/host/Rory-portable/optional/hardware-specific/nvidia.nix +++ b/host/Rory-portable/optional/hardware-specific/nvidia.nix @@ -1,17 +1,22 @@ -{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }: +{ + config, + pkgs, + lib, + nhekoSrc, + mtxclientSrc, + ... +}: { - imports = - [ - - ]; + imports = [ + ]; services = { xserver = { - videoDrivers = ["nvidia"]; + videoDrivers = [ "nvidia" ]; #windowManager.i3.extraSessionCommands = '' - # todo: restore + # todo: restore #''; }; picom.backend = "glx"; @@ -37,4 +42,3 @@ system.stateVersion = "22.11"; # DO NOT EDIT! } - diff --git a/host/Rory-portable/postgres.nix b/host/Rory-portable/postgres.nix index e1e4432..60fd8d6 100755 --- a/host/Rory-portable/postgres.nix +++ b/host/Rory-portable/postgres.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { #systemd.tmpfiles.rules = [ "d /mnt/postgres/data 0750 postgres postgres" ]; @@ -31,4 +36,3 @@ }; } - diff --git a/host/Rory-portable/printing.nix b/host/Rory-portable/printing.nix index fd33aaa..2480610 100644 --- a/host/Rory-portable/printing.nix +++ b/host/Rory-portable/printing.nix @@ -1,11 +1,19 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { imports = [ ]; users.users = { Rory = { - extraGroups = [ "lp" "scanner" ]; + extraGroups = [ + "lp" + "scanner" + ]; }; }; @@ -16,7 +24,10 @@ hardware = { sane.enable = true; - sane.extraBackends = [ pkgs.hplipWithPlugin pkgs.sane-airscan ]; + sane.extraBackends = [ + pkgs.hplipWithPlugin + pkgs.sane-airscan + ]; }; programs.system-config-printer.enable = true; @@ -48,4 +59,3 @@ system.stateVersion = "22.11"; # DO NOT EDIT! } - diff --git a/host/Rory-wsl/configuration.nix b/host/Rory-wsl/configuration.nix index b072905..855114a 100644 --- a/host/Rory-wsl/configuration.nix +++ b/host/Rory-wsl/configuration.nix @@ -1,10 +1,18 @@ -{ lib, pkgs, config, modulesPath, nhekoSrc, mtxclientSrc, ... }: +{ + lib, + pkgs, + config, + modulesPath, + nhekoSrc, + mtxclientSrc, + ... +}: { imports = [ ../../modules/base-client.nix -# ../../modules/software-templates/profilers.nix -# ../../modules/software-templates/dotnet.client.nix + # ../../modules/software-templates/profilers.nix + # ../../modules/software-templates/dotnet.client.nix ]; wsl = { enable = true; @@ -31,36 +39,38 @@ feh easyeffects kitty -# youtube-music + # youtube-music cinnamon.nemo gnome.file-roller - + # - IDEs -# jetbrains-toolbox -# jetbrains.rider -# github-copilot-intellij-agent - -# dbeaver -# insomnia -# vscode -# discord + # jetbrains-toolbox + # jetbrains.rider + # github-copilot-intellij-agent + + # dbeaver + # insomnia + # vscode + # discord # - Languages #dotnet-sdk_7 #dotnet-sdk_8 -# (callPackage ../../modules/packages/dotnet-pack.nix { inherit pkgs; }) - + # (callPackage ../../modules/packages/dotnet-pack.nix { inherit pkgs; }) -# temurin-bin -# obsidian -# ungoogled-chromium #needed for Rider in order to debug WASM -# peek + # temurin-bin + # obsidian + # ungoogled-chromium #needed for Rider in order to debug WASM + # peek unrar-wrapper #(schildichat-desktop.override { electron = electron; }) - (callPackage ../../modules/packages/nheko-git.nix { inherit nhekoSrc; inherit mtxclientSrc; }) -# steam-run + (callPackage ../../modules/packages/nheko-git.nix { + inherit nhekoSrc; + inherit mtxclientSrc; + }) + # steam-run ]; programs.firefox = { @@ -70,34 +80,28 @@ wrapperConfig.speechSynthesisSupport = false; }; - fonts = { fonts = with pkgs; [ (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) noto-fonts-monochrome-emoji ]; -# fontconfig.defaultFonts.monospace = with pkgs; [ -# "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" -# ]; -# fontconfig.defaultFonts.sansSerif = with pkgs; [ -# "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" -# ]; -# fontconfig.defaultFonts.serif = with pkgs; [ -# "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" -# ]; - fontconfig.defaultFonts.emoji = with pkgs; [ - "freefont" - ]; + # fontconfig.defaultFonts.monospace = with pkgs; [ + # "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" + # ]; + # fontconfig.defaultFonts.sansSerif = with pkgs; [ + # "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" + # ]; + # fontconfig.defaultFonts.serif = with pkgs; [ + # "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular" + # ]; + fontconfig.defaultFonts.emoji = with pkgs; [ "freefont" ]; enableDefaultPackages = lib.mkForce false; enableGhostscriptFonts = lib.mkForce false; }; programs.dconf.enable = true; - system.stateVersion = "23.05"; - nixpkgs.config.permittedInsecurePackages = [ - "electron-25.9.0" - ]; + nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" ]; home-manager.users.Rory.home.stateVersion = lib.mkForce "23.05"; } diff --git a/host/RoryNix/configuration.nix b/host/RoryNix/configuration.nix index 3618ca7..f5c63fd 100644 --- a/host/RoryNix/configuration.nix +++ b/host/RoryNix/configuration.nix @@ -1,24 +1,28 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { - imports = - [ -# ./hardware-configuration.nix - ../../modules/packages/vim.nix - ../../modules/environments/home.nix -# ../../modules/packages/overlays/haskell/basement/IntWord64.nix - ]; + imports = [ + # ./hardware-configuration.nix + ../../modules/packages/vim.nix + ../../modules/environments/home.nix + # ../../modules/packages/overlays/haskell/basement/IntWord64.nix + ]; - boot = { - kernelPackages = pkgs.linuxPackages_latest; - loader = { - grub = { - enable = true; - device = "/dev/sda"; # nodev for EFI only - # EFI - efiSupport = false; - efiInstallAsRemovable = false; - }; + boot = { + kernelPackages = pkgs.linuxPackages_latest; + loader = { + grub = { + enable = true; + device = "/dev/sda"; # nodev for EFI only + # EFI + efiSupport = false; + efiInstallAsRemovable = false; + }; }; #readOnlyNixStore = false; }; @@ -68,8 +72,8 @@ enable = true; extraConfig = '' MaxAuthTries 32 - ''; - }; + ''; + }; pipewire = { enable = true; audio.enable = true; @@ -141,14 +145,15 @@ zsh-you-should-use zsh-syntax-highlighting zsh-completions - - ]; - fonts.packages = with pkgs; [ - (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) + ]; + fonts.packages = with pkgs; [ (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) ]; nix = { settings = { - experimental-features = [ "nix-command" "flakes" ]; + experimental-features = [ + "nix-command" + "flakes" + ]; auto-optimise-store = true; }; }; @@ -160,7 +165,5 @@ sudo.wheelNeedsPassword = false; }; - system.stateVersion = "22.11"; # DO NOT EDIT! } - diff --git a/modules/base-client.nix b/modules/base-client.nix index c88db02..936e426 100755 --- a/modules/base-client.nix +++ b/modules/base-client.nix @@ -1,11 +1,15 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { - imports = - [ - ./base.nix - ./users/Rory.client.nix - ]; + imports = [ + ./base.nix + ./users/Rory.client.nix + ]; networking = { hostName = lib.mkDefault "Rory-nix-base"; @@ -22,7 +26,7 @@ sleep.extraConfig = '' AllowSuspend=no AllowHibernation=no - ''; + ''; }; environment.systemPackages = with pkgs; [ @@ -51,7 +55,10 @@ ''; nix = { settings = { - experimental-features = [ "nix-command" "flakes" ]; + experimental-features = [ + "nix-command" + "flakes" + ]; auto-optimise-store = true; }; }; @@ -67,8 +74,6 @@ boot.initrd.systemd.network.wait-online.enable = false; # disable all serial ports/consoles - systemd.suppressedSystemUnits = [ - "serial-getty@.service" - ]; + systemd.suppressedSystemUnits = [ "serial-getty@.service" ]; } diff --git a/modules/base-secrets.nix b/modules/base-secrets.nix index e159b2a..90fdd21 100755 --- a/modules/base-secrets.nix +++ b/modules/base-secrets.nix @@ -1,4 +1,10 @@ -{ path }: { config, pkgs, lib, ... }: +{ path }: +{ + config, + pkgs, + lib, + ... +}: { sops = { defaultSopsFile = path; diff --git a/modules/base-server.nix b/modules/base-server.nix index 35279e4..29949ef 100755 --- a/modules/base-server.nix +++ b/modules/base-server.nix @@ -1,20 +1,26 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { - imports = - [ - ./base.nix - ./users/chris.nix - ]; + imports = [ + ./base.nix + ./users/chris.nix + ]; documentation.nixos.enable = false; documentation.enable = false; documentation.info.enable = false; documentation.man.enable = false; - environment.variables.BROWSER = "echo"; - nix.settings.trusted-users = [ "root" "@wheel" ]; + nix.settings.trusted-users = [ + "root" + "@wheel" + ]; time.timeZone = lib.mkDefault "UTC"; systemd = { @@ -46,8 +52,8 @@ systemd.services.NetworkManager-wait-online.enable = false; systemd.network.wait-online.enable = false; - # systemd.services.systemd-networkd.stopIfChanged = false; - # systemd.services.systemd-resolved.stopIfChanged = false; + # systemd.services.systemd-networkd.stopIfChanged = false; + # systemd.services.systemd-resolved.stopIfChanged = false; nix.settings.max-free = lib.mkDefault (1000 * 1000 * 1000); nix.settings.min-free = lib.mkDefault (128 * 1000 * 1000); @@ -82,8 +88,15 @@ }; useDHCP = false; -# nameservers = [ "1.1.1.1" "1.0.0.1" "8.8.8.8" "8.4.4.8" ]; - nameservers = [ "10.10.0.4" "10.10.0.5" "1.1.1.1" "1.0.0.1" "8.8.8.8" "8.4.4.8" ]; + # nameservers = [ "1.1.1.1" "1.0.0.1" "8.8.8.8" "8.4.4.8" ]; + nameservers = [ + "10.10.0.4" + "10.10.0.5" + "1.1.1.1" + "1.0.0.1" + "8.8.8.8" + "8.4.4.8" + ]; resolvconf.enable = true; defaultGateway = "192.168.1.1"; }; @@ -125,25 +138,26 @@ positions = { filename = "/tmp/positions.yaml"; }; - clients = [{ - url = "https://loki.regional.seian.cloud/loki/api/v1/push"; - }]; - scrape_configs = [{ - job_name = "journal"; - journal = { - max_age = "12h"; - labels = { - job = "systemd-journal"; - host = "${toString config.networking.hostName}"; + clients = [ { url = "https://loki.regional.seian.cloud/loki/api/v1/push"; } ]; + scrape_configs = [ + { + job_name = "journal"; + journal = { + max_age = "12h"; + labels = { + job = "systemd-journal"; + host = "${toString config.networking.hostName}"; + }; }; - }; - relabel_configs = [{ - source_labels = [ "__journal__systemd_unit" ]; - target_label = "unit"; - }]; - }]; + relabel_configs = [ + { + source_labels = [ "__journal__systemd_unit" ]; + target_label = "unit"; + } + ]; + } + ]; }; }; }; } - diff --git a/modules/base.nix b/modules/base.nix index a1559fb..6597a97 100755 --- a/modules/base.nix +++ b/modules/base.nix @@ -1,16 +1,20 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { - imports = - [ - ./packages/vim.nix - ./users/Rory.nix - ./extra-substituters.nix - ]; + imports = [ + ./packages/vim.nix + ./users/Rory.nix + ./extra-substituters.nix + ]; boot = { initrd.systemd.enable = true; - kernelParams = [ + kernelParams = [ "memory_hotplug.memmap_on_memory=1" "memhp_default_state=online" "net.core.default_qdisc=fq" @@ -60,14 +64,19 @@ # allowedTCPPorts = [ ... ]; # allowedUDPPorts = [ ... ]; }; - nameservers = [ "1.1.1.1" "1.0.0.1" "8.8.8.8" "8.4.4.8" ]; + nameservers = [ + "1.1.1.1" + "1.0.0.1" + "8.8.8.8" + "8.4.4.8" + ]; }; environment.etc."resolv.conf".text = '' - nameserver 8.8.8.8 - nameserver 8.4.4.8 - nameserver 1.1.1.1 - nameserver 1.0.0.1 - ''; + nameserver 8.8.8.8 + nameserver 8.4.4.8 + nameserver 1.1.1.1 + nameserver 1.0.0.1 + ''; i18n.defaultLocale = "en_US.UTF-8"; @@ -77,7 +86,7 @@ #allow more logins in cases where i have many ssh keys on a system extraConfig = '' MaxAuthTries 32 - ''; + ''; }; resolved = { enable = lib.mkForce false; @@ -90,7 +99,7 @@ sleep.extraConfig = '' AllowSuspend=no AllowHibernation=no - ''; + ''; }; environment.systemPackages = with pkgs; [ @@ -120,7 +129,6 @@ unzip brotli - # - zsh zsh zsh-powerlevel10k @@ -135,7 +143,10 @@ ''; nix = { settings = { - experimental-features = [ "nix-command" "flakes" ]; + experimental-features = [ + "nix-command" + "flakes" + ]; auto-optimise-store = true; trusted-users = [ "@wheel" ]; }; diff --git a/modules/environments/home.nix b/modules/environments/home.nix index 0658abb..3fbf14e 100755 --- a/modules/environments/home.nix +++ b/modules/environments/home.nix @@ -1,12 +1,20 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { nix = { distributedBuilds = true; -# + # buildMachines = builtins.filter (machine: !builtins.any (ip: ip == machine.hostName) (builtins.map (iface: iface.ipv4.addresses) (builtins.attrValues config.networking.interfaces))) [ { - systems = [ "x86_64-linux" "i686-linux" ]; + systems = [ + "x86_64-linux" + "i686-linux" + ]; hostName = "192.168.0.3"; sshUser = "Rory"; sshKey = "/home/Rory/.ssh/id_ed25519"; @@ -14,7 +22,10 @@ speedFactor = 43200; } { - systems = [ "x86_64-linux" "i686-linux" ]; + systems = [ + "x86_64-linux" + "i686-linux" + ]; hostName = "192.168.0.59"; sshUser = "Rory"; sshKey = "/home/Rory/.ssh/id_ed25519"; @@ -22,7 +33,7 @@ speedFactor = 16000; } ]; - + #ssh://Rory@192.168.0.3 x86_64-linux,i686-linux /home/Rory/.ssh/id_ed25519 12 1 - - - registry.nixpkgs.flake = pkgs; nixPath = [ "nixpkgs=flake:nixpkgs" ]; @@ -39,7 +50,11 @@ "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g=" "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE=" ]; - trusted-users = [ "root" "@wheel" "Rory" ]; + trusted-users = [ + "root" + "@wheel" + "Rory" + ]; }; }; diff --git a/modules/extra-substituters.nix b/modules/extra-substituters.nix index 9eea94f..31b5c4f 100644 --- a/modules/extra-substituters.nix +++ b/modules/extra-substituters.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { nix.settings.trusted-substituters = [ diff --git a/modules/packages/discord-screenaudio.nix b/modules/packages/discord-screenaudio.nix index 4bf7c11..2829381 100644 --- a/modules/packages/discord-screenaudio.nix +++ b/modules/packages/discord-screenaudio.nix @@ -1,16 +1,17 @@ -{ lib -, stdenv -, fetchFromGitHub -, cmake -, wrapQtAppsHook -, pkg-config -, qtbase -, qtwebengine -, knotifications -, kxmlgui -, kglobalaccel -, pipewire -, xdg-desktop-portal +{ + lib, + stdenv, + fetchFromGitHub, + cmake, + wrapQtAppsHook, + pkg-config, + qtbase, + qtwebengine, + knotifications, + kxmlgui, + kglobalaccel, + pipewire, + xdg-desktop-portal, }: stdenv.mkDerivation rec { diff --git a/modules/packages/dotnet-pack.nix b/modules/packages/dotnet-pack.nix index 75a01a1..0e4a9b4 100644 --- a/modules/packages/dotnet-pack.nix +++ b/modules/packages/dotnet-pack.nix @@ -1,12 +1,18 @@ -{ pkgs ? import <nixpkgs> {} }: +{ + pkgs ? import <nixpkgs> { }, +}: pkgs.symlinkJoin { name = "dotnet-pack"; - paths = [ pkgs.dotnet-sdk_8 pkgs.dotnet-sdk_7 pkgs.dotnet-sdk ]; + paths = [ + pkgs.dotnet-sdk_8 + pkgs.dotnet-sdk_7 + pkgs.dotnet-sdk + ]; postBuild = '' rm -rfv $out/bin rm -rfv $out/dotnet cp -rv ${pkgs.dotnet-sdk_8}/dotnet $out/ cp -rv ${pkgs.dotnet-sdk_8}/bin $out/ ''; -} \ No newline at end of file +} diff --git a/modules/packages/gitfs.nix b/modules/packages/gitfs.nix index 804a747..728e836 100755 --- a/modules/packages/gitfs.nix +++ b/modules/packages/gitfs.nix @@ -2,16 +2,16 @@ { environment.systemPackages = with pkgs; [ (gitfs.overrideAttrs (old: { - # TODO: pls fix the nixpkgs derivation - patchPhase = null; - postPatch = old.patchPhase; - patches = (old.patches or []) ++ [ - (fetchpatch { - name = "fix-MutableMapping.patch"; - url = "https://patch-diff.githubusercontent.com/raw/presslabs/gitfs/pull/382.diff"; - hash = "sha256-ZaIEhv37sorSq3P+6GeH346u/5xh3qE+49D9FRNujMQ="; - }) + # TODO: pls fix the nixpkgs derivation + patchPhase = null; + postPatch = old.patchPhase; + patches = (old.patches or [ ]) ++ [ + (fetchpatch { + name = "fix-MutableMapping.patch"; + url = "https://patch-diff.githubusercontent.com/raw/presslabs/gitfs/pull/382.diff"; + hash = "sha256-ZaIEhv37sorSq3P+6GeH346u/5xh3qE+49D9FRNujMQ="; + }) + ]; + })) ]; -}) - )]; } diff --git a/modules/packages/mc/modloaders/forge/1.19.2/43.2.11.nix b/modules/packages/mc/modloaders/forge/1.19.2/43.2.11.nix deleted file mode 100644 index e69de29..0000000 --- a/modules/packages/mc/modloaders/forge/1.19.2/43.2.11.nix +++ /dev/null diff --git a/modules/packages/mc/server/modpack/curseforge/techopolis-2/5.4.nix b/modules/packages/mc/server/modpack/curseforge/techopolis-2/5.4.nix deleted file mode 100644 index e150b7f..0000000 --- a/modules/packages/mc/server/modpack/curseforge/techopolis-2/5.4.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ lib, stdenv, pkgs, jdk17, makeWrapper }: - -let - url = "https://mediafilez.forgecdn.net/files/4824/587/Techopolis_2_server_pack.zip"; - hash = "sha256-4Ig4v8c14kxzJFeHPYv/w44c0/KkayoFc3rOuxxB+9s="; - name = "techopolis-2"; - version = "5.4"; - -in stdenv.mkDerivation { - name = name; - - #sources - src = pkgs.fetchzip { - url = url; - stripRoot = false; - hash = hash; - name = "server"; - }; - forgeJar = import ../../../../modloaders/forge/1.19.2/43.2.11.nix; - - phases = [ - "unpackPhase" - "installPhase" - ]; - buildInputs = [ jdk17 makeWrapper ]; - installPhase = '' - ls -lah - # Create the wrapper script - mkdir -p $out/bin - mkdir -p $out/lib - cp -r * $out/lib - makeWrapper ${jdk17}/bin/java $out/bin/mc-${name}-${version}-server \ - --set JAVA_HOME ${jdk17} \ - --add-args "-Dlog4j2.formatMsgNoLookups=true" - ''; -} diff --git a/modules/packages/mc/server/vanilla/1.19.2.nix b/modules/packages/mc/server/vanilla/1.19.2.nix deleted file mode 100644 index 3ad79e8..0000000 --- a/modules/packages/mc/server/vanilla/1.19.2.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ lib, stdenv, pkgs, jdk17, makeWrapper }: - -let - url = "https://piston-data.mojang.com/v1/objects/f69c284232d7c7580bd89a5a4931c3581eae1378/server.jar"; - hash = "sha256-4Ig4v8c14kxzJFeHPYv/w44c0/KkayoFc3rOuxxB+9s="; - name = "vanilla"; - version = "1.19.2"; -in stdenv.mkDerivation { - name = name; - src = pkgs.fetchzip { - url = url; - stripRoot = false; - hash = hash; - name = "server"; - }; - phases = [ - "unpackPhase" - "installPhase" - ]; - buildInputs = [ jdk17 makeWrapper ]; - installPhase = '' - ls -lah - # Create the wrapper script - mkdir -p $out/bin - mkdir -p $out/lib - cp -r * $out/lib - makeWrapper ${jdk17}/bin/java $out/bin/mc-${name}-${version}-server \ - --set JAVA_HOME ${jdk17} \ - --add-args "-Dlog4j2.formatMsgNoLookups=true" - ''; -} diff --git a/modules/packages/mtxclient-git.nix b/modules/packages/mtxclient-git.nix index d2a9d6a..2392312 100644 --- a/modules/packages/mtxclient-git.nix +++ b/modules/packages/mtxclient-git.nix @@ -1,19 +1,21 @@ # This file was copied from NUR: https://github.com/nix-community/nur-combined/blob/master/repos/deeunderscore/pkgs/mtxclient/default.nix # This file is a modified version of nixpkgs/pkgs/development/libraries/mtxclient/default.nix (copied at 5c4b9be) -{ lib, stdenv -, fetchFromGitHub -, cmake -, pkg-config -, openssl -, olm -, spdlog -, nlohmann_json -, libevent -, curl -, coeurl -, re2 -, mtxclientSrc +{ + lib, + stdenv, + fetchFromGitHub, + cmake, + pkg-config, + openssl, + olm, + spdlog, + nlohmann_json, + libevent, + curl, + coeurl, + re2, + mtxclientSrc, }: stdenv.mkDerivation { pname = "mtxclient"; @@ -32,7 +34,6 @@ stdenv.mkDerivation { sed -i '1a add_compile_definitions(SPDLOG_FMT_EXTERNAL)' CMakeLists.txt ''; - nativeBuildInputs = [ cmake pkg-config @@ -52,7 +53,10 @@ stdenv.mkDerivation { description = "Client API library for Matrix, built on top of Boost.Asio"; homepage = "https://github.com/Nheko-Reborn/mtxclient"; license = licenses.mit; - maintainers = with maintainers; [ fpletz pstn ]; + maintainers = with maintainers; [ + fpletz + pstn + ]; platforms = platforms.all; # Should be fixable if a higher clang version is used, see: # https://github.com/NixOS/nixpkgs/pull/85922#issuecomment-619287177 diff --git a/modules/packages/nheko-git.nix b/modules/packages/nheko-git.nix index adc3a09..c38e622 100644 --- a/modules/packages/nheko-git.nix +++ b/modules/packages/nheko-git.nix @@ -1,37 +1,38 @@ # This file was copied from NUR: https://github.com/nix-community/nur-combined/blob/master/repos/deeunderscore/pkgs/nheko/default.nix#L93 # This file is a modified version of nixpkgs/pkgs/applications/networking/instant-messengers/nheko/default.nix (copied at 2e896fce) -{ lib -, stdenv -, fetchFromGitHub -, cmake -#, wrapQtAppsHook -, asciidoctor -, qt6 -, qt6Packages -#, qtmultimedia -#, qtimageformats -#, qtkeychain -, cmark -, coeurl -, curl -, libevent -, lmdb -, lmdbxx -#, mtxclient -, nlohmann_json -, olm -, pkg-config -, re2 -, spdlog -, httplib -, voipSupport ? true -, gst_all_1 -, libnice -, kdsingleapplication -, pkgs -, nhekoSrc -, mtxclientSrc +{ + lib, + stdenv, + fetchFromGitHub, + cmake, + #, wrapQtAppsHook + asciidoctor, + qt6, + qt6Packages, + #, qtmultimedia + #, qtimageformats + #, qtkeychain + cmark, + coeurl, + curl, + libevent, + lmdb, + lmdbxx, + #, mtxclient + nlohmann_json, + olm, + pkg-config, + re2, + spdlog, + httplib, + voipSupport ? true, + gst_all_1, + libnice, + kdsingleapplication, + pkgs, + nhekoSrc, + mtxclientSrc, }: stdenv.mkDerivation { @@ -47,32 +48,37 @@ stdenv.mkDerivation { qt6.wrapQtAppsHook ]; - buildInputs = [ - qt6.qtbase - qt6.qttools - qt6.qtsvg - qt6.qtmultimedia - qt6.qtimageformats - qt6Packages.qtkeychain - kdsingleapplication - cmark - coeurl - curl - libevent - lmdb - (pkgs.callPackage ./mtxclient-git.nix { inherit mtxclientSrc; }) - nlohmann_json - olm - re2 - spdlog - httplib - ] ++ lib.optionals voipSupport (with gst_all_1; [ - gstreamer - gst-plugins-base - (gst-plugins-good.override { qt5Support = true; }) - gst-plugins-bad - libnice - ]); + buildInputs = + [ + qt6.qtbase + qt6.qttools + qt6.qtsvg + qt6.qtmultimedia + qt6.qtimageformats + qt6Packages.qtkeychain + kdsingleapplication + cmark + coeurl + curl + libevent + lmdb + (pkgs.callPackage ./mtxclient-git.nix { inherit mtxclientSrc; }) + nlohmann_json + olm + re2 + spdlog + httplib + ] + ++ lib.optionals voipSupport ( + with gst_all_1; + [ + gstreamer + gst-plugins-base + (gst-plugins-good.override { qt5Support = true; }) + gst-plugins-bad + libnice + ] + ); LC_ALL = lib.optionalString (!stdenv.isDarwin) "C.UTF-8"; @@ -82,11 +88,8 @@ stdenv.mkDerivation { "-DBUILD_SHARED_LIBS=OFF" #Rory& "-DMAN=OFF" - - ] ++ lib.optionals (!voipSupport) [ - "-DVOIP=OFF" - ]; + ] ++ lib.optionals (!voipSupport) [ "-DVOIP=OFF" ]; preFixup = lib.optionalString voipSupport '' # add gstreamer plugins path to the wrapper diff --git a/modules/packages/overlays/haskell/basement/IntWord64.nix b/modules/packages/overlays/haskell/basement/IntWord64.nix index 6cf5b86..d407bf0 100644 --- a/modules/packages/overlays/haskell/basement/IntWord64.nix +++ b/modules/packages/overlays/haskell/basement/IntWord64.nix @@ -2,16 +2,13 @@ { nixpkgs.overlays = [ (self: super: { - haskellPackages = super.haskellPackages.override { - overrides = haskellPackages-self: haskellPackages-super: { - basement = haskellPackages-super.basement.overrideAttrs (oldAttrs: { - patches = [ - ./IntWord64.patch - ]; - }); - }; + haskellPackages = super.haskellPackages.override { + overrides = haskellPackages-self: haskellPackages-super: { + basement = haskellPackages-super.basement.overrideAttrs (oldAttrs: { + patches = [ ./IntWord64.patch ]; + }); }; - } - ) + }; + }) ]; } diff --git a/modules/packages/overlays/rocm-gfx1102.nix b/modules/packages/overlays/rocm-gfx1102.nix deleted file mode 100644 index f5c650e..0000000 --- a/modules/packages/overlays/rocm-gfx1102.nix +++ /dev/null @@ -1,14 +0,0 @@ -#{ pkgs, ... }: -#{ -# nixpkgs.overlays = [ -# (final: old: { -# rocmPackages = old.rocmPackages.override { -# rocblas = (old.rocmPackages.rocblas.overrideAttrs (oldAttrs: { -# gpuTargets = [ "gfx1102" ]; -# })); -# }; -# } -# ) -# ]; -#} -# \ No newline at end of file diff --git a/modules/packages/vim.nix b/modules/packages/vim.nix index 3524e2c..eaec336 100755 --- a/modules/packages/vim.nix +++ b/modules/packages/vim.nix @@ -1,14 +1,20 @@ { pkgs, ... }: { - environment.variables = { EDITOR = "vim"; }; + environment.variables = { + EDITOR = "vim"; + }; environment.systemPackages = with pkgs; [ (neovim.override { vimAlias = true; configure = { packages.myPlugins = with pkgs.vimPlugins; { - start = [ vim-lastplace vim-nix vim-airline ]; - opt = []; + start = [ + vim-lastplace + vim-nix + vim-airline + ]; + opt = [ ]; }; customRC = '' " your custom vimrc @@ -17,6 +23,6 @@ " ... ''; }; - } - )]; + }) + ]; } diff --git a/modules/packages/xdg-desktop-portal-gtk.nix b/modules/packages/xdg-desktop-portal-gtk.nix index fa32730..cfe48d4 100644 --- a/modules/packages/xdg-desktop-portal-gtk.nix +++ b/modules/packages/xdg-desktop-portal-gtk.nix @@ -1,17 +1,18 @@ -{ stdenv -, lib -, fetchFromGitHub -, meson -, ninja -, pkg-config -, xdg-desktop-portal -, gtk3 -, gnome -, gnome-desktop -, glib -, wrapGAppsHook -, gsettings-desktop-schemas -, buildPortalsInGnome ? true +{ + stdenv, + lib, + fetchFromGitHub, + meson, + ninja, + pkg-config, + xdg-desktop-portal, + gtk3, + gnome, + gnome-desktop, + glib, + wrapGAppsHook, + gsettings-desktop-schemas, + buildPortalsInGnome ? true, }: stdenv.mkDerivation (finalAttrs: { @@ -32,17 +33,19 @@ stdenv.mkDerivation (finalAttrs: { wrapGAppsHook ]; - buildInputs = [ - glib - gtk3 - xdg-desktop-portal - gsettings-desktop-schemas # settings exposed by settings portal - #fontconfig - ] ++ lib.optionals buildPortalsInGnome [ - gsettings-desktop-schemas # settings exposed by settings portal - gnome-desktop - gnome.gnome-settings-daemon # schemas needed for settings api (mostly useless now that fonts were moved to g-d-s, just mouse and xsettings) - ]; + buildInputs = + [ + glib + gtk3 + xdg-desktop-portal + gsettings-desktop-schemas # settings exposed by settings portal + #fontconfig + ] + ++ lib.optionals buildPortalsInGnome [ + gsettings-desktop-schemas # settings exposed by settings portal + gnome-desktop + gnome.gnome-settings-daemon # schemas needed for settings api (mostly useless now that fonts were moved to g-d-s, just mouse and xsettings) + ]; mesonFlags = lib.optionals (!buildPortalsInGnome) [ "-Dwallpaper=disabled" diff --git a/modules/software-templates/dotnet.client.nix b/modules/software-templates/dotnet.client.nix index b10be16..ab8d812 100644 --- a/modules/software-templates/dotnet.client.nix +++ b/modules/software-templates/dotnet.client.nix @@ -1,11 +1,14 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { - imports = [ - ./dotnet.nix - ]; - environment.systemPackages = with pkgs; [ - #`jetbrains.rider - (jetbrains.plugins.addPlugins jetbrains.rider [ "github-copilot" ]) - ]; + imports = [ ./dotnet.nix ]; + environment.systemPackages = with pkgs; [ + #`jetbrains.rider + (jetbrains.plugins.addPlugins jetbrains.rider [ "github-copilot" ]) + ]; } diff --git a/modules/software-templates/dotnet.nix b/modules/software-templates/dotnet.nix index ede22a2..be9ab4d 100644 --- a/modules/software-templates/dotnet.nix +++ b/modules/software-templates/dotnet.nix @@ -1,11 +1,14 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { - environment.systemPackages = with pkgs; [ - (callPackage ../packages/dotnet-pack.nix { inherit pkgs; }) - ]; - environment.sessionVariables = { - DOTNET_CLI_TELEMETRY_OPTOUT = "1"; - DOTNET_ROOT = "${(pkgs.callPackage ../packages/dotnet-pack.nix { inherit pkgs; })}"; - }; + environment.systemPackages = with pkgs; [ (callPackage ../packages/dotnet-pack.nix { inherit pkgs; }) ]; + environment.sessionVariables = { + DOTNET_CLI_TELEMETRY_OPTOUT = "1"; + DOTNET_ROOT = "${(pkgs.callPackage ../packages/dotnet-pack.nix { inherit pkgs; })}"; + }; } diff --git a/modules/software-templates/firefox-policy.nix b/modules/software-templates/firefox-policy.nix index 9e07193..83d0a47 100644 --- a/modules/software-templates/firefox-policy.nix +++ b/modules/software-templates/firefox-policy.nix @@ -1,78 +1,76 @@ { - AppAutoUpdate = false; - BackgroundAppUpdate = false; - BlockAboutAddons = false; - BlockAboutConfig = false; - BlockAboutProfiles = false; - BlockAboutSupport = false; - CaptivePortal = false; - Cookies = { - Block = import ../../data/domain_lists/airelle.nix; - AcceptThirdParty = false; - RejectTracker = true; - Behavior = "reject-tracker"; - }; - DisableBuiltInPDFViewer = false; - DisableFirefoxAccounts = true; - DisableFeedbackCommands = true; - DisableFirefoxStudies = true; - DisableFirefoxScreenshots = true; - DisablePocket = true; - DisableSystemAddonUpdate = true; - DisableTelemetry = true; - DisplayBookmarksToolbar = "always"; - DisplayMenuBar = "always"; - DNSOverHTTPS = { - Enabled = false; - }; - DontCheckDefaultBrowser = true; - EnableTrackingProtection = { - Value = true; - Cryptomining = true; - Fingerprinting = true; - EmailTracking = true; - }; - EncryptedMediaExtensions = { - Enabled = false; - }; - Extensions = { - Install = [ - "https://github.com/gorhill/uBlock/releases/download/1.52.2/uBlock0_1.52.2.firefox.signed.xpi" - ]; - }; - ExtensionUpdate = false; - FirefoxHome = { - Snippets = false; - TopSites = false; - Highlights = false; - Pocket = false; - SponsoredTopSites = false; - SponsoredPocket = false; - }; - FirefoxSuggest = { - ImproveSuggest = false; - SponsoredSuggestions = false; - WebSuggestions = false; - }; - GoToIntranetSiteForSingleWordEntryInAddressBar = true; - LocalFileLinks = [ - "file://" - "https://*.rory.gay" - "http://*.localhost" - "http://localhost" - ]; - PictureInPicture = false; - SearchSuggestEnabled = false; - UserMessaging = { - WhatsNew = false; - ExtensionRecommendations = false; - UrlbarInterventions = false; - SkipOnboarding = true; - MoreFromMozilla = false; - Locked = true; - }; - WebsiteFilter = { - Block = import ../../data/domain_lists/airelle.nix; - }; - WindowsSSO = true; -} \ No newline at end of file + AppAutoUpdate = false; + BackgroundAppUpdate = false; + BlockAboutAddons = false; + BlockAboutConfig = false; + BlockAboutProfiles = false; + BlockAboutSupport = false; + CaptivePortal = false; + Cookies = { + Block = import ../../data/domain_lists/airelle.nix; + AcceptThirdParty = false; + RejectTracker = true; + Behavior = "reject-tracker"; + }; + DisableBuiltInPDFViewer = false; + DisableFirefoxAccounts = true; + DisableFeedbackCommands = true; + DisableFirefoxStudies = true; + DisableFirefoxScreenshots = true; + DisablePocket = true; + DisableSystemAddonUpdate = true; + DisableTelemetry = true; + DisplayBookmarksToolbar = "always"; + DisplayMenuBar = "always"; + DNSOverHTTPS = { + Enabled = false; + }; + DontCheckDefaultBrowser = true; + EnableTrackingProtection = { + Value = true; + Cryptomining = true; + Fingerprinting = true; + EmailTracking = true; + }; + EncryptedMediaExtensions = { + Enabled = false; + }; + Extensions = { + Install = [ "https://github.com/gorhill/uBlock/releases/download/1.52.2/uBlock0_1.52.2.firefox.signed.xpi" ]; + }; + ExtensionUpdate = false; + FirefoxHome = { + Snippets = false; + TopSites = false; + Highlights = false; + Pocket = false; + SponsoredTopSites = false; + SponsoredPocket = false; + }; + FirefoxSuggest = { + ImproveSuggest = false; + SponsoredSuggestions = false; + WebSuggestions = false; + }; + GoToIntranetSiteForSingleWordEntryInAddressBar = true; + LocalFileLinks = [ + "file://" + "https://*.rory.gay" + "http://*.localhost" + "http://localhost" + ]; + PictureInPicture = false; + SearchSuggestEnabled = false; + UserMessaging = { + WhatsNew = false; + ExtensionRecommendations = false; + UrlbarInterventions = false; + SkipOnboarding = true; + MoreFromMozilla = false; + Locked = true; + }; + WebsiteFilter = { + Block = import ../../data/domain_lists/airelle.nix; + }; + WindowsSSO = true; +} diff --git a/modules/software-templates/profilers.nix b/modules/software-templates/profilers.nix index ce55c4e..99090da 100644 --- a/modules/software-templates/profilers.nix +++ b/modules/software-templates/profilers.nix @@ -1,10 +1,16 @@ -{ config, lib, pkgs, home-manager, ... }: +{ + config, + lib, + pkgs, + home-manager, + ... +}: { - environment.systemPackages = with pkgs; [ - kcachegrind - linuxKernel.packages.linux_5_15.perf - hotspot - valgrind - ]; -} \ No newline at end of file + environment.systemPackages = with pkgs; [ + kcachegrind + linuxKernel.packages.linux_5_15.perf + hotspot + valgrind + ]; +} diff --git a/modules/users/Alice.nix b/modules/users/Alice.nix index e2e343a..465754a 100755 --- a/modules/users/Alice.nix +++ b/modules/users/Alice.nix @@ -2,16 +2,13 @@ { imports = [ groups/BugMine-contrib.nix ]; - users.groups.Alice = {}; + users.groups.Alice = { }; users.users.Alice = { isSystemUser = true; extraGroups = [ "BugMine-contrib" ]; group = "Alice"; home = "/group/bugmine-contrib"; shell = "${pkgs.git}/bin/git-shell"; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPb52m1rnJSffSOJvN6OYkKgK0TmiRKE4SbOKlkT8Tvn" - ]; + openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPb52m1rnJSffSOJvN6OYkKgK0TmiRKE4SbOKlkT8Tvn" ]; }; } - diff --git a/modules/users/Rory.client.nix b/modules/users/Rory.client.nix index b74bbd9..ec1692c 100755 --- a/modules/users/Rory.client.nix +++ b/modules/users/Rory.client.nix @@ -1,4 +1,10 @@ -{ config, lib, pkgs, home-manager, ... }: +{ + config, + lib, + pkgs, + home-manager, + ... +}: { programs = { @@ -12,8 +18,8 @@ services.gnome-keyring.enable = lib.mkForce false; dconf.settings = { "org/virt-manager/virt-manager/connections" = { - autoconnect = ["qemu:///system"]; - uris = ["qemu:///system"]; + autoconnect = [ "qemu:///system" ]; + uris = [ "qemu:///system" ]; }; }; # keepassxc, maybe? @@ -23,24 +29,24 @@ # #After = [ "graphical-session-pre.target" ]; # PartOf = [ "default.target" ]; # }; -# + # # Install = { WantedBy = [ "default.target" ]; }; -# + # # Service = { # ExecStart = "${pkgs.keepassxc}/bin/keepassxc ~/.secrets.kdbx"; # Restart = "always"; # }; #}; -# + # #systemd.user.services.easyeffects = { # Unit = { # Description = "EasyEffects"; # #After = [ "graphical-session-pre.target" ]; # PartOf = [ "default.target" ]; # }; -# + # # Install = { WantedBy = [ "default.target" ]; }; -# + # # Service = { # ExecStart = "${pkgs.easyeffects}/bin/easyeffects"; # Restart = "always"; @@ -50,4 +56,3 @@ home.stateVersion = "22.11"; }; } - diff --git a/modules/users/Rory.nix b/modules/users/Rory.nix index a31e8c2..5e09c09 100755 --- a/modules/users/Rory.nix +++ b/modules/users/Rory.nix @@ -1,9 +1,19 @@ -{ config, lib, pkgs, home-manager, ... }: +{ + config, + lib, + pkgs, + home-manager, + ... +}: { users.users.Rory = { isNormalUser = true; - extraGroups = [ "wheel" "libvirtd" "ocp" ]; + extraGroups = [ + "wheel" + "libvirtd" + "ocp" + ]; packages = with pkgs; [ lnav age @@ -44,14 +54,14 @@ EDITOR = "nvim"; SYSTEMD_EDITOR = "nvim"; GIT_EDITOR = "nvim"; - QT_QPA_PLATFORMTHEME="xdgdesktopportal"; - GTK_USE_PORTAL="1"; - _JAVA_AWT_WM_NONREPARENTING="1"; - WINEDEBUG="-all"; - CHOKIDAR_USEPOLLING="true"; - MSBUILDLIVELOGGER="auto"; - DOTNET_WATCH_SUPPRESS_LAUNCH_BROWSER="1"; - DOTNET_CLI_TELEMETRY_OPTOUT="1"; + QT_QPA_PLATFORMTHEME = "xdgdesktopportal"; + GTK_USE_PORTAL = "1"; + _JAVA_AWT_WM_NONREPARENTING = "1"; + WINEDEBUG = "-all"; + CHOKIDAR_USEPOLLING = "true"; + MSBUILDLIVELOGGER = "auto"; + DOTNET_WATCH_SUPPRESS_LAUNCH_BROWSER = "1"; + DOTNET_CLI_TELEMETRY_OPTOUT = "1"; NIXPKGS_ALLOW_UNFREE = "1"; MOZ_USE_XINPUT2 = "1"; }; @@ -99,7 +109,7 @@ export DISABLE_AUTO_UPDATE=true COMPLETION_WAITING_DOTS="true" - ''; + ''; initExtra = '' alias mv='mv -v' alias pre='npx prettier -w' @@ -115,15 +125,15 @@ alias transfetch='neofetch --kitty ~/trans_witch.jpg' alias gc='git-commit' [ -f "$HOME/.profile" ] && . $HOME/.profile - ''; - #alias knconfig='cp .config ../$(date ''+%Y%m%d_%k%M%S\'').config -v; make CC=clang LLVM=1 nconfig' + ''; + #alias knconfig='cp .config ../$(date ''+%Y%m%d_%k%M%S\'').config -v; make CC=clang LLVM=1 nconfig' oh-my-zsh = { enable = true; plugins = [ "git" "sudo" ]; - }; + }; plugins = [ { @@ -189,7 +199,7 @@ vimdiffAlias = true; coc = { enable = true; - + }; }; }; @@ -205,4 +215,3 @@ home.stateVersion = "22.11"; }; } - diff --git a/modules/users/chris.nix b/modules/users/chris.nix index 86acee5..3ab5d98 100755 --- a/modules/users/chris.nix +++ b/modules/users/chris.nix @@ -10,9 +10,6 @@ nodejs-slim ]; #initialPassword = "password"; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMd9U0+wKjBG3Q9Qg249xJY+ybYeRV9/VMPjuwKvFBEI" - ]; + openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMd9U0+wKjBG3Q9Qg249xJY+ybYeRV9/VMPjuwKvFBEI" ]; }; } - diff --git a/modules/users/db2k.nix b/modules/users/db2k.nix index a6dc7cd..65457a4 100755 --- a/modules/users/db2k.nix +++ b/modules/users/db2k.nix @@ -1,16 +1,13 @@ { config, pkgs, ... }: { - users.groups.db2k = {}; + users.groups.db2k = { }; users.users.db2k = { isSystemUser = true; extraGroups = [ "ocp" ]; group = "db2k"; home = "/data/nginx/html_git/.ocp"; shell = "${pkgs.git}/bin/git-shell"; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMfXA4Oh0LZqY8LAS/lnANKVDBlemHGPWdtep1GE/LId garyzipperer09@gmail.com" - ]; + openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMfXA4Oh0LZqY8LAS/lnANKVDBlemHGPWdtep1GE/LId garyzipperer09@gmail.com" ]; }; } - diff --git a/modules/users/groups/BugMine-contrib.nix b/modules/users/groups/BugMine-contrib.nix index 636afba..3b3ce07 100644 --- a/modules/users/groups/BugMine-contrib.nix +++ b/modules/users/groups/BugMine-contrib.nix @@ -1,5 +1,5 @@ { config, pkgs, ... }: { - users.groups.BugMine-contrib = {}; + users.groups.BugMine-contrib = { }; } diff --git a/modules/users/ks.nix b/modules/users/ks.nix index 878e55b..1039fd1 100755 --- a/modules/users/ks.nix +++ b/modules/users/ks.nix @@ -1,16 +1,21 @@ -{ config, pkgs, home-manager, ... }: +{ + config, + pkgs, + home-manager, + ... +}: { users.users.ks = { isNormalUser = true; - extraGroups = [ "wheel" "ocp" ]; - packages = with pkgs; [ + extraGroups = [ + "wheel" + "ocp" ]; + packages = with pkgs; [ ]; #initialPassword = "password"; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPUDh1WPUF6mPQ1E38ozUjY/DZhEbwZL37eZ51DgpuLo ks" - ]; + openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPUDh1WPUF6mPQ1E38ozUjY/DZhEbwZL37eZ51DgpuLo ks" ]; }; home-manager.users.ks = { @@ -28,4 +33,3 @@ home.stateVersion = "22.11"; }; } - diff --git a/modules/users/levi.nix b/modules/users/levi.nix index bb28656..8112df2 100755 --- a/modules/users/levi.nix +++ b/modules/users/levi.nix @@ -1,7 +1,7 @@ { config, pkgs, ... }: { - users.groups.levi = {}; + users.groups.levi = { }; users.users.levi = { isSystemUser = true; extraGroups = [ "ocp" ]; @@ -15,4 +15,3 @@ ]; }; } - |