merge north master
This commit is contained in:
Lennart J. Kurzweg (Nx2)
@@ -1,4 +1,4 @@
|
|||||||
{ pkgs, pkgs-unstable, inputs, ... }:
|
{ pkgs, pkgs-unstable, lib, inputs, allowed, nvidia, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
inputs.sops-nix.nixosModules.sops
|
inputs.sops-nix.nixosModules.sops
|
||||||
@@ -17,7 +17,7 @@
|
|||||||
./system-modules/gpg.nix
|
./system-modules/gpg.nix
|
||||||
./system-modules/sops.nix
|
./system-modules/sops.nix
|
||||||
./system-modules/syncthing.nix
|
./system-modules/syncthing.nix
|
||||||
# ./system-modules/hsmw.nix # old
|
./system-modules/hsmw.nix # old
|
||||||
./system-modules/docker.nix
|
./system-modules/docker.nix
|
||||||
./system-modules/health_reminder.nix
|
./system-modules/health_reminder.nix
|
||||||
./system-modules/ydotool.nix
|
./system-modules/ydotool.nix
|
||||||
@@ -62,7 +62,7 @@
|
|||||||
|
|
||||||
# List packages installed in system profile. To search, run:
|
# List packages installed in system profile. To search, run:
|
||||||
# $ nix search wget
|
# $ nix search wget
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; ([
|
||||||
git
|
git
|
||||||
lazygit # home-manager module is bugged
|
lazygit # home-manager module is bugged
|
||||||
git-crypt
|
git-crypt
|
||||||
@@ -80,8 +80,8 @@
|
|||||||
blueman
|
blueman
|
||||||
dmidecode
|
dmidecode
|
||||||
file
|
file
|
||||||
] ++ (with pkgs-unstable; [
|
# ]) ++ (with pkgs-unstable; [
|
||||||
sendme
|
# # sendme
|
||||||
]);
|
]);
|
||||||
|
|
||||||
environment.variables = {
|
environment.variables = {
|
||||||
@@ -100,7 +100,6 @@
|
|||||||
|
|
||||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||||
|
|
||||||
|
|
||||||
programs.bash.shellInit = ''
|
programs.bash.shellInit = ''
|
||||||
source $HOME/.nix-profile/etc/profile.d/hm-session-vars.sh
|
source $HOME/.nix-profile/etc/profile.d/hm-session-vars.sh
|
||||||
'';
|
'';
|
||||||
|
|||||||
Binary file not shown.
Binary file not shown.
@@ -102,9 +102,9 @@ lib.mkIf (host != "NxACE")
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
hsmw = {
|
hsmw = with secrets.email.hsmw; {
|
||||||
address = secrets.email.hsmw.mail;
|
address = "${un}@hs-mittweida.de";
|
||||||
userName = secrets.email.hsmw.mail;
|
userName = "${un}@hs-mittweida.de";
|
||||||
realName = "Lennart J. Kurzweg";
|
realName = "Lennart J. Kurzweg";
|
||||||
imap = {
|
imap = {
|
||||||
port = 993;
|
port = 993;
|
||||||
@@ -117,8 +117,8 @@ lib.mkIf (host != "NxACE")
|
|||||||
};
|
};
|
||||||
signature = {
|
signature = {
|
||||||
text = ''
|
text = ''
|
||||||
MatNr: ${secrets.email.hsmw.mnr}
|
MatNr: ${mnr}
|
||||||
SemGr: ${secrets.email.hsmw.semgr}
|
SemGr: ${semgr}
|
||||||
About Me: https://nx2.site/about-me
|
About Me: https://nx2.site/about-me
|
||||||
Contact: https://nx2.site/contact
|
Contact: https://nx2.site/contact
|
||||||
GPG: https://nx2.site/gpg
|
GPG: https://nx2.site/gpg
|
||||||
@@ -128,6 +128,9 @@ lib.mkIf (host != "NxACE")
|
|||||||
thunderbird = {
|
thunderbird = {
|
||||||
enable = true;
|
enable = true;
|
||||||
profiles = [ "default" ];
|
profiles = [ "default" ];
|
||||||
|
settings = id: {
|
||||||
|
"mail.server.server_${id}.fcc_folder" = "imap://${un}%40hs-mittweida.de@xc.hs-mittweida.de/Sent";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|||||||
@@ -99,7 +99,7 @@
|
|||||||
"constant" = accent.bright;
|
"constant" = accent.bright;
|
||||||
"constant.character.escape" = special.bright;
|
"constant.character.escape" = special.bright;
|
||||||
"constant.numeric" = foreground;
|
"constant.numeric" = foreground;
|
||||||
"constructor" = blue.dark;
|
"constructor" = weird.base;
|
||||||
"debug" = yellow.base;
|
"debug" = yellow.base;
|
||||||
"diagnostic.modifiers" = [ "underlined" ];
|
"diagnostic.modifiers" = [ "underlined" ];
|
||||||
"diff.delta" = blue.bright;
|
"diff.delta" = blue.bright;
|
||||||
|
|||||||
@@ -49,6 +49,7 @@ lib.mkIf (user != "tv")
|
|||||||
"leagueclientux.exe" = ""
|
"leagueclientux.exe" = ""
|
||||||
zathura = ""
|
zathura = ""
|
||||||
code-oss = ""
|
code-oss = ""
|
||||||
|
codium-url-handler = ""
|
||||||
discord = ""
|
discord = ""
|
||||||
vesktop = ""
|
vesktop = ""
|
||||||
blueman-manager = ""
|
blueman-manager = ""
|
||||||
|
|||||||
4
home.nix
4
home.nix
@@ -32,7 +32,6 @@
|
|||||||
./home-modules/fish.nix
|
./home-modules/fish.nix
|
||||||
./home-modules/bash.nix
|
./home-modules/bash.nix
|
||||||
./home-modules/starship.nix
|
./home-modules/starship.nix
|
||||||
# ./home-modules/nvim.nix
|
|
||||||
./home-modules/helix.nix
|
./home-modules/helix.nix
|
||||||
./home-modules/vale.nix
|
./home-modules/vale.nix
|
||||||
|
|
||||||
@@ -74,7 +73,8 @@
|
|||||||
swww playerctl
|
swww playerctl
|
||||||
|
|
||||||
imv mpv mediainfo exiftool ffmpeg
|
imv mpv mediainfo exiftool ffmpeg
|
||||||
pavucontrol fontpreview gtk2fontsel
|
pavucontrol
|
||||||
|
fontpreview gtk2fontsel
|
||||||
lynx w3m browsh
|
lynx w3m browsh
|
||||||
bat du-dust eza neofetch tldr fzf figlet ripgrep lolcat jq glow
|
bat du-dust eza neofetch tldr fzf figlet ripgrep lolcat jq glow
|
||||||
brightnessctl wev
|
brightnessctl wev
|
||||||
|
|||||||
File diff suppressed because one or more lines are too long
@@ -1,24 +1,31 @@
|
|||||||
{ pkgs, lib, host, secrets, ... }:
|
{ pkgs, lib, host, secrets, ... }:
|
||||||
lib.mkIf (host != "NxACE")
|
lib.mkIf (host != "NxACE")
|
||||||
{
|
{
|
||||||
environment.systemPackages = [
|
environment.systemPackages = with pkgs; [
|
||||||
pkgs.strongswanNM
|
strongswanNM
|
||||||
];
|
];
|
||||||
|
|
||||||
environment.etc = {
|
environment.etc = {
|
||||||
|
|
||||||
# Easyroam
|
# # Easyroam
|
||||||
"ssl/certs/easyroam_client_cert.pem".source = ../secrets/easyroam-hsmw/easyroam_client_cert.pem;
|
# "ssl/certs/easyroam_client_cert.pem".source = ../secrets/easyroam-hsmw/easyroam_client_cert.pem;
|
||||||
"ssl/certs/easyroam_root_ca.pem".source = ../secrets/easyroam-hsmw/easyroam_root_ca.pem;
|
# "ssl/certs/easyroam_root_ca.pem".source = ../secrets/easyroam-hsmw/easyroam_root_ca.pem;
|
||||||
"ssl/certs/easyroam_client_key.pem".source = ../secrets/easyroam-hsmw/easyroam_client_key.pem;
|
# "ssl/certs/easyroam_client_key.pem".source = ../secrets/easyroam-hsmw/easyroam_client_key.pem;
|
||||||
"NetworkManager/system-connections/eduroam.nmconnection" = {
|
# "NetworkManager/system-connections/eduroam.nmconnection" = {
|
||||||
text = secrets.easyroamHSMW.nmconfig;
|
# text = secrets.easyroamHSMW.nmconfig;
|
||||||
mode = "0600";
|
# mode = "0600";
|
||||||
|
# };
|
||||||
|
|
||||||
|
# "ipsec.d/hsmw.secrets".text = ''${secrets.email.hsmw.un}@hs-mittweida.de : EAP "megasecret"'';
|
||||||
|
# "ipsec.d/USERTrust-ECC.pem".source = ../secrets/vpn-hsmw/USERTrust-ECC-Certification-Authority.pem;
|
||||||
|
# "ipsec.d/USERTrust-RSA.pem".source = ../secrets/vpn-hsmw/USERTrust-RSA-Certification-Authority.pem;
|
||||||
};
|
};
|
||||||
|
|
||||||
"ipsec.d/hsmw.secrets".text = ''${secrets.email.hsmw.mail} : EAP "${secrets.email.hsmw.password}"'';
|
|
||||||
"ipsec.d/USERTrust-ECC.pem".source = ../secrets/vpn-hsmw/USERTrust-ECC-Certification-Authority.pem;
|
sops.secrets = {
|
||||||
"ipsec.d/USERTrust-RSA.pem".source = ../secrets/vpn-hsmw/USERTrust-RSA-Certification-Authority.pem;
|
"USERTrust/ECC" = { path = "/etc/ipsec.d/USERTrust-ECC.pem"; };
|
||||||
|
"USERTrust/RSA" = { path = "/etc/ipsec.d/USERTrust-RSA.pem"; };
|
||||||
|
"hsmw-vpn-secret" = { path = "/etc/ipsec.d/hsmw.secret"; mode = "600"; };
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.networkmanager.enableStrongSwan = true;
|
networking.networkmanager.enableStrongSwan = true;
|
||||||
@@ -35,7 +42,7 @@ lib.mkIf (host != "NxACE")
|
|||||||
left = "%defaultroute";
|
left = "%defaultroute";
|
||||||
leftid = "%any";
|
leftid = "%any";
|
||||||
leftauth = "eap";
|
leftauth = "eap";
|
||||||
eap_identity = secrets.email.hsmw.mail;
|
eap_identity = "${secrets.email.hsmw.un}@hs-mittweida.de";
|
||||||
leftsourceip = "%config";
|
leftsourceip = "%config";
|
||||||
leftdns = "%config4";
|
leftdns = "%config4";
|
||||||
leftfirewall = "no";
|
leftfirewall = "no";
|
||||||
@@ -73,7 +80,7 @@ lib.mkIf (host != "NxACE")
|
|||||||
"openssl"
|
"openssl"
|
||||||
"resolve"
|
"resolve"
|
||||||
];
|
];
|
||||||
secrets = [ "/etc/ipsec.d/hsmw.secrets" ];
|
secrets = [ "/etc/ipsec.d/hsmw.secret" ];
|
||||||
ca = {
|
ca = {
|
||||||
hsmw = {
|
hsmw = {
|
||||||
auto = "add";
|
auto = "add";
|
||||||
|
|||||||
@@ -5,41 +5,6 @@ let p = pkgs-unstable; in
|
|||||||
ollama
|
ollama
|
||||||
];
|
];
|
||||||
|
|
||||||
# services.ollama.environmentVariables = {
|
|
||||||
# OLLAMA_ORIGINS = "*";
|
|
||||||
# };
|
|
||||||
|
|
||||||
# systemd.services.ollama = {
|
|
||||||
# environment.OLLAMA_ORIGINS = "*";
|
|
||||||
# description = "Ollama Service";
|
|
||||||
# after = [ "network-online.target" "ollama-doesnt-respect-xdg-data-home.service" ];
|
|
||||||
# serviceConfig = {
|
|
||||||
# Type = "simple";
|
|
||||||
# # Environment = "\"XDG_DATA_HOME=/run/current-system/sw/share\"";
|
|
||||||
# ExecStart = "${pkgs.ollama}/bin/ollama serve";
|
|
||||||
# User = "ollama";
|
|
||||||
# Group = "ollama";
|
|
||||||
# Restart = "always";
|
|
||||||
# RestartSec = "3";
|
|
||||||
# };
|
|
||||||
# wantedBy = [ "default.target" ];
|
|
||||||
# };
|
|
||||||
|
|
||||||
# users.users.ollama = {
|
|
||||||
# isSystemUser = true;
|
|
||||||
# home = "/usr/share/ollama";
|
|
||||||
# shell = "/bin/false";
|
|
||||||
# group = "ollama";
|
|
||||||
# };
|
|
||||||
# users.groups.ollama = {};
|
|
||||||
|
|
||||||
# systemd.services.ollama-doesnt-respect-xdg-data-home = {
|
|
||||||
# wantedBy = ["multi-user.target"];
|
|
||||||
# script = ''
|
|
||||||
# mkdir -p /usr/share/ollama/.ollama
|
|
||||||
# chown ollama:ollama -R /usr/share/ollama
|
|
||||||
# '';
|
|
||||||
# };
|
|
||||||
services.ollama = {
|
services.ollama = {
|
||||||
package = p.ollama;
|
package = p.ollama;
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|||||||
Reference in New Issue
Block a user