Sebastian Moser
2026-02-17 22:30:17 +01:00
parent d3f6e79b85
commit e6a35ee756
34 changed files with 2839 additions and 796 deletions


@@ -26,6 +26,8 @@
}
];
services.tailscale.enable = true;
#fileSystems."/boot" = {
# device = "/dev/disk/by-label/fusu-boot";
@@ -114,6 +116,19 @@
boot.loader.grub.extraConfig = ''
set timeout=2
'';
# Add these modules
boot.initrd.availableKernelModules = [
"xhci_pci"
"ehci_pci"
"ahci"
"usbhid"
"usb_storage"
"sd_mod"
"virtio_balloon"
"virtio_blk"
"virtio_pci"
"virtio_ring"
];
# the flash drive in use for fasu
disko.devices.disk.root.device = "/dev/nbd0";


@@ -13,8 +13,17 @@
../users/me/headless.nix
../users/root/default.nix
../users/server/headless.nix
inputs.arion.nixosModules.arion
../mods/fesu-services.nix
];
users.users.server.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKNXOPxlnSxkhm050ui56D5SHrkhuFwUOU0Gf0C+Vmks melektron@goarnix"
];
users.users.me.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKNXOPxlnSxkhm050ui56D5SHrkhuFwUOU0Gf0C+Vmks melektron@goarnix"
];
services.tailscale.enable = true;
@@ -24,7 +33,6 @@
qemuSwtpm = true;
#qemuOvmfPackage = pkgs.OVMFFull;
};
virtualisation.docker.enable = true;
users.users.server.extraGroups = [ "docker" ];
# Use the GRUB 2 boot loader.
@@ -54,7 +62,7 @@
settings.PasswordAuthentication = false;
settings.KbdInteractiveAuthentication = false;
settings.PermitRootLogin = "yes";
ports = [ 22 ];
ports = [ 22 49004 ];
settings.X11Forwarding = true;
@@ -75,6 +83,9 @@
services.samba.openFirewall = true;
networking.firewall.allowedTCPPorts = [
80 # http
443 # https
8888 # for general usage
9999 # for general usage
8080 # for mitm proxy
@@ -94,10 +105,10 @@
networking.firewall.allowedTCPPortRanges = [
{ from = 25500; to = 27777;} # minecraft
{ from = 49000; to = 49300;} # general
];
networking.firewall.allowedUDPPortRanges = [
{ from = 27700; to = 28800;} # minecraft
{ from = 49000; to = 49300;} # general
];
networking.firewall.allowedUDPPorts = [
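Review bot: The new `ports = [ 22 49004 ];` line puts sshd on a second port that falls inside the `49000`–`49300` "general" TCP range opened further down, while `settings.PermitRootLogin = "yes";` is left unchanged in the same block. Password and keyboard-interactive authentication are off, so root login is already key-only, but `settings.PermitRootLogin = "prohibit-password";` (or `"no"`, now that `me` and `server` carry authorized keys) states that intent and survives a later change to the password settings. The same public key is authorised for both `server` and `me` in the first hunk; if `server` remains in the `docker` group, that key is effectively root-equivalent and deserves a comment saying so. The `services.openssh` block starts and ends outside the hunk.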


@@ -1,5 +1,5 @@
{ inputs, pkgs, secretsDir, config, system, ... }: let
{ inputs, pkgs, secretsDir, config, dataDir, ... }: let
in {
@@ -27,6 +27,17 @@ in {
#"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHTV1VoNAjMha5IP+qb8XABDo02pW3iN0yPBIbSqZA27 me@acern"
#];
virtualisation.libvirtd = {
enable = true;
qemuOvmf = true;
qemuSwtpm = true;
};
# store libvirt data in dataDir
fileSystems."/var/lib/libvirt" = {
device = "/home/me/host/libvirt";
options = [ "bind" ];
};
# allow server user to shutdown fusu
@@ -53,6 +64,16 @@ in {
networking.firewall.interfaces."tailscale0".allowedTCPPorts = [
44444 # resilio sync
9000 # resilio webui
9001 # fwin vnc
9002 # fwin rdp
9003 # fwin ssh
];
networking.firewall.interfaces."br0".allowedTCPPorts = [
44444 # resilio sync
9000 # resilio webui
9001 # fwin vnc
9002 # fwin rdp
9003 # fwin ssh
];
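Review bot: The comment `# store libvirt data in dataDir` does not match the line below it, which hard-codes `device = "/home/me/host/libvirt";`, and the `dataDir` argument added to the module header is not used in any hunk shown here. If `dataDir` is meant to be that location, write `device = "${dataDir}/libvirt";`; otherwise correct the comment. Because the bind source sits under a user's home directory, add a note that the directory has to stay root-owned and not writable by `me`, since libvirt keeps disk images and swtpm state under `/var/lib/libvirt`.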


@@ -52,6 +52,7 @@ in {
networking.firewall.allowedUDPPorts = [
48899 # GoodWe inverter discovery
4410 # lan-mouse
41641 # tailscale
];
services.resilio = {
@@ -150,6 +151,7 @@ in {
uuid = "e0103dac-7da0-4e32-a01b-487b8c4c813c";
type = "wifi";
interface-name = "wlp2s0";
autoconnect-priority = "200";
};
wifi = {
@@ -170,6 +172,33 @@ in {
};
};
gw = {
connection = {
id = "gw";
uuid = "de655c52-1af2-4b46-b7b2-8ddad9edb52f";
type = "wifi";
interface-name = "wlp2s0";
autoconnect-priority = "300";
};
wifi = {
hidden = "false";
mode = "infrastructure";
ssid = builtins.readFile "${secretsDir}/gw-ssid";
};
wifi-security = {
key-mgmt = "wpa-psk";
psk = builtins.readFile "${secretsDir}/gw-password";
};
ipv4 = {
#address1 = "192.168.20.11/24";
dns = "1.1.1.1;8.8.8.8;";
method = "auto";
};
};
hot = {
connection = {
id = "hot";
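Review bot: `psk = builtins.readFile "${secretsDir}/gw-password";` in the new `gw` profile reads the Wi-Fi passphrase at evaluation time, so the value becomes part of the generated configuration; if the profile module renders it into the Nix store, it is readable by every local user and travels with any copy of the system closure. `builtins.readFile` also keeps a trailing newline, which would end up in the `ssid` and `psk` unless the secret files are written without one. The same `ssid`/`psk` lines are added for the other hosts in this commit (the `gw` blocks with `interface-name` `wlan0`, `wlp3s0`, `wlo1` and the second `wlp2s0`). Consider substituting the secret at activation time instead, as nixpkgs' `networking.networkmanager.ensureProfiles.environmentFiles` does, so that only a placeholder reaches the store.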


@@ -155,6 +155,32 @@
method = "auto";
};
};
gw = {
connection = {
id = "gw";
uuid = "de655c52-1af2-4b46-b7b2-8ddad9edb52f";
type = "wifi";
interface-name = "wlan0";
autoconnect-priority = "300";
};
wifi = {
hidden = "true";
mode = "infrastructure";
ssid = builtins.readFile "${secretsDir}/gw-ssid";
};
wifi-security = {
key-mgmt = "wpa-psk";
psk = builtins.readFile "${secretsDir}/gw-password";
};
ipv4 = {
#address1 = "192.168.20.11/24";
dns = "1.1.1.1;8.8.8.8;";
method = "auto";
};
};
hh40 = {
connection = {
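Review bot: `hidden = "true";` in this `gw` profile disagrees with `hidden = "false";` in the `gw` profiles of the two `wlp2s0` hosts, although all five profiles share the same UUID and SSID file. With `hidden` set, the client sends directed probe requests naming the SSID wherever the machine is, which works against keeping the SSID in `secretsDir`; without it, a client will not find a network that really does not broadcast. Pick one value for all hosts and, if `true` is the correct one, add a comment such as `# AP does not broadcast its SSID`.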


@@ -4,6 +4,7 @@ myobs = pkgs.wrapOBS {
plugins = with pkgs.obs-studio-plugins; [
obs-ndi
obs-teleport
droidcam-obs
];
};
@@ -24,7 +25,7 @@ in {
services.tailscale.enable = true;
programs.nix-ld.enable = true;
services.pid-fan-controller.enable = true;
#services.pid-fan-controller.enable = true;
networking.hostName = "mac";
networking.firewall.enable = false;
@@ -60,6 +61,19 @@ in {
48899 # GoodWe inverter discovery
4410 # lan-mouse
];
##### Netbird Configuration
services.netbird.clients.ppc = {
#login = {
#enable = true;
#setupKeyFile = "${secretsDir}/netbird-setup-key";
#};
port = 51821;
ui.enable = false;
openFirewall = true;
#openInternalFirewall = true;
};
swapDevices = [ { device = "/swapfile"; } ];
@@ -88,8 +102,32 @@ in {
set timeout=2
'';
};
# fix bluetooth-3-0-keyboard not reporting left and right cmd seperately (and remapping the other things the way i want them)
services.udev.extraHwdb = ''
evdev:input:b0005v05AC*
KEYBOARD_KEY_700e3=leftctrl
KEYBOARD_KEY_700e7=rightalt
KEYBOARD_KEY_700e2=leftmeta
KEYBOARD_KEY_700e0=leftalt
'';
# fan speed fix
systemd.services.my-fan-speed-fix = {
description = "Set applesmc fan values";
serviceConfig = {
Type = "oneshot";
ExecStart = ''
/bin/sh -c 'echo 1 > /sys/devices/platform/applesmc.768/fan2_manual; echo 1000 > /sys/devices/platform/applesmc.768/fan2_output'
'';
};
#startAt = "*:0/3"; # Runs every 3 minutes
wantedBy = [ "multi-user.target" "suspend.target" "hibernate.target" "hybrid-sleep.target" ];
after = [ "suspend.target" "hibernate.target" "hybrid-sleep.target" ];
};
environment.systemPackages = with pkgs; [
myobs
lm_sensors
linuxPackages.usbip
helvum
@@ -112,20 +150,7 @@ in {
};
networking = {
#usePredictableInterfaceNames = false;
defaultGateway = {
address = "192.168.1.1";
interface = "enp2s0";
};
nameservers = [ "1.1.1.1" "8.8.8.8" ];
interfaces = {
"enp2s0" = {
name = "enp2s0";
ipv4.addresses = [
{ address = "192.168.1.33"; prefixLength = 24;}
];
};
};
};
services.openssh = {
@@ -142,12 +167,12 @@ in {
'';
};
home-manager.users.me.home.file.".config/sway/config".text = ''
exec ${pkgs.wayvnc}/bin/wayvnc 0.0.0.0 6666
#home-manager.users.me.home.file.".config/sway/config".text = ''
#exec ${pkgs.wayvnc}/bin/wayvnc 0.0.0.0 6666
#exec 'wl-paste -w ${pkgs.netcat-openbsd}/bin/nc 192.168.1.11 4405'
#exec 'sh -c "while true; do ${pkgs.netcat-openbsd}/bin/nc -l 4405 | wl-copy; done"'
#exec 'sh -c "while true; do cat ~/clipboard | wl-paste; done"'
'';
#'';
home-manager.users.me.programs.lan-mouse = {
enable = true;
@@ -160,10 +185,8 @@ in {
position = "left";
hostname = "main";
activate_on_startup = true;
ips = [ "192.168.1.11" ];
ips = [ "192.168.4.2" "100.71.47.106" ];
port = 4410;
#enter_hook = "${pkgs.wl-clipboard}/bin/wl-paste | ${pkgs.netcat-openbsd}/bin/nc 192.168.1.11 4405";
enter_hook = "/run/current-system/sw/bin/cat /home/me/.cache/clipboard | ${pkgs.netcat-openbsd}/bin/nc 192.168.1.11 4405 -N";
}
];
};
@@ -175,7 +198,6 @@ in {
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPgKLRF9iYRH3Y8hPjLX1ZY6GyavruqcQ0Q0Y8bnmpv9 me@tab"
];
services.greetd = lib.mkForce {
enable = true;
settings = rec {
@@ -350,6 +372,21 @@ in {
networking.networkmanager.enable = true;
networking.networkmanager.profiles = {
home = {
connection = {
id = "home";
uuid = "a02273d9-ad12-395e-8372-f61129635b6f";
type = "ethernet";
autoconnect-priority = "300";
interface-name = "enp2s0";
};
ipv4 = {
address2 = "192.168.4.3/24";
dns = "1.1.1.1;";
method = "manual";
};
};
pw = {
connection = {
id = "pw";
@@ -377,6 +414,33 @@ in {
};
};
gw = {
connection = {
id = "gw";
uuid = "de655c52-1af2-4b46-b7b2-8ddad9edb52f";
type = "wifi";
interface-name = "wlp3s0";
autoconnect-priority = "300";
};
wifi = {
hidden = "true";
mode = "infrastructure";
ssid = builtins.readFile "${secretsDir}/gw-ssid";
};
wifi-security = {
key-mgmt = "wpa-psk";
psk = builtins.readFile "${secretsDir}/gw-password";
};
ipv4 = {
#address1 = "192.168.20.11/24";
dns = "1.1.1.1;8.8.8.8;";
method = "auto";
};
};
hot = {
connection = {
id = "hot";
@@ -429,7 +493,7 @@ in {
id = "dhcp";
uuid = "c006389a-1697-4f77-91c3-95b466f85f13";
type = "ethernet";
autoconnect = true;
autoconnect = false;
autoconnect-priority = "200";
interface-name = "enp2s0";
};
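Review bot: `openFirewall = true;` in the new `services.netbird.clients.ppc` block has no effect on this host, because the context line `networking.firewall.enable = false;` in the second hunk leaves every listener reachable on whatever network the machine joins, including the Wi-Fi profile added further down. The ports this host needs are already written out in the third hunk (`48899`, `4410 # lan-mouse`), so enabling the firewall should be a small change. If it has to stay off, add a comment on the `enable = false` line saying why, so that the `openFirewall` setting is not read as protection.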


@@ -40,12 +40,13 @@
enableVirtualCamera = true;
plugins = with pkgs.obs-studio-plugins; [
droidcam-obs
obs-ndi
#distroav
obs-teleport
];
};
# virtual display
/*
hardware.display = {
edid.packages = [
@@ -66,12 +67,13 @@
UUEwQzAxNzgwMDEKACU=
EOF
'')
*/
];
*/
# find a free GPU output using this command:
# for p in /sys/class/drm/*/status; do con=${p%/status}; echo -n "${con#*/card?-}: "; cat $p; done
/*
outputs."DP-2" = {
edid = "virtual.bin";
@@ -81,10 +83,25 @@
mode = "1920x1080e";
};
};
*/
##### Netbird Configuration
services.netbird.clients.ppc = {
#login = {
#enable = true;
#setupKeyFile = "${secretsDir}/netbird-setup-key";
#};
port = 51821;
ui.enable = false;
openFirewall = true;
#openInternalFirewall = true;
};
programs.fuse.userAllowOther = true;
services.gnome.gnome-keyring.enable = true;
services.sunshine = {
enable = false;
autoStart = true;
@@ -128,6 +145,10 @@
});
};
fonts.packages = with pkgs; [
league-gothic
];
hardware.graphics.extraPackages = with pkgs; [
@@ -135,22 +156,41 @@
];
services.keyd = {
enable = true;
/*
keyboards.bluetooth-3-0-keyboard = {
ids = [ "05ac:0255:f22563e9" ];
settings.main = {
leftalt = "meta";
leftcontrol = "leftalt";
};
};
*/
#keyboards.default.ids = [ "-05ac:0255" ]; completely disables my rebinding...... hmmmm
keyboards.default.settings = {
main = {
leftalt = "leftcontrol";
leftcontrol = "leftalt";
};
};
};
home-manager.users.me.programs.lan-mouse = {
enable = true;
settings = {
authorized_fingerprints."0d:4f:2c:8a:46:d5:6a:e2:22:c9:02:89:39:da:75:69:2d:e9:32:39:d7:dc:e6:e2:50:d6:20:22:a5:26:d4:44" = "mac";
authorized_fingerprints."20:e2:a0:c1:e9:52:9b:72:d5:68:8c:7c:91:c0:ac:33:ba:ec:bc:61:73:e9:8e:c1:a8:30:1a:ea:ae:2b:55:33" = "mac";
port = 4410;
clients = [
{
position = "right";
hostname = "mac";
activate_on_startup = true;
ips = [ "192.168.1.33" ];
ips = [ "192.168.4.3" "100.100.55.117" ];
port = 4410;
#enter_hook = "${pkgs.wl-clipboard}/bin/wl-paste | ${pkgs.openssh}/bin/ssh mac 'cat > ~/clipboard'";
#enter_hook = "/run/current-system/sw/bin/echo hooooooooooo > /home/me/p1";
enter_hook = "/run/current-system/sw/bin/cat /home/me/.cache/clipboard | /run/current-system/sw/bin/ssh mac 'cat >~/clipboard'";
}
];
};
@@ -165,7 +205,7 @@
services.tailscale.enable = true;
services.resilio = {
enable = true;
enable = false;
enableWebUI = true;
httpListenAddr = "100.71.47.106";
checkForUpdates = false;
@@ -231,6 +271,7 @@
#../common/nixos-graphical.nix
../common/nixos-wayland.nix
../common/building.nix
../common/nixos.nix
../mods/battery_monitor.nix
inputs.networkmanager.nixosModules.networkmanager
@@ -246,12 +287,17 @@
#inputs.waveforms.nixosModule
];
services.udev.packages = [ inputs.waveforms.packages.${system}.adept2-runtime ];
users.users.rslsync.extraGroups = ["users"];
#services.udev.packages = [ inputs.waveforms.packages.${system}.adept2-runtime ];
#users.users.rslsync.extraGroups = ["users"];
# add myself to plugdev group for waveforms
# and incus-admin to use incus without sudo
users.users.me.extraGroups = [ "incus-admin" "plugdev" "rslsync" ];
users.users.me.extraGroups = [
"incus-admin" "plugdev"
#"rslsync"
"docker"
];
nixpkgs.config.permittedInsecurePackages = [
@@ -260,7 +306,14 @@
environment.systemPackages = with pkgs; [
inputs.waveforms.packages.${system}.waveforms
((builtins.getFlake "nixpkgs/96bc8fec15133d6056410ed3abae2fb9419fb545").legacyPackages.${system}.affine.overrideAttrs {
patches = [
../overlays/patches/affin-edgeless-right-click-drag.patch
];
})
#inputs.waveforms.packages.${system}.waveforms
intel-compute-runtime-legacy1
ffmpeg-full
remmina
@@ -294,7 +347,7 @@
dhcpcd
looking-glass-client
swtpm
win-virtio
virtio-win
];
# shedule nix builds with low priority, so the laptop is still usable while building something
@@ -428,12 +481,16 @@
elif [[ "$host" == "phone" ]]
then
ssh phone "source ~/.bashrc && on"
ssh phone "source ~/.bashrc && on" &
${pkgs.rustdesk}/bin/rustdesk --connect 100.77.80.77
elif [[ "$host" == "vnc-fwin" ]]
then
${pkgs.remmina}/bin/remmina -c ${persistentDir}/remmina/fwin.remmina
elif [[ "$host" == "fwin" ]]
then
${pkgs.remmina}/bin/remmina -c ${persistentDir}/remmina/fwin.remmina
xfreerdp /u:"me" /v:fusu:9002 /p:$(cat /home/me/secrets/win-vm-pwd) /dynamic-resolution +clipboard +auto-reconnect +home-drive /wm-class:"Microsoft Windows";
elif [[ "$host" == "ki" ]]
then
@@ -517,6 +574,7 @@
53 # allow dns
48899 # GoodWe inverter discovery
4410 # lan-mouse
41641 # tailscale
];
#networking.search = [ "c2vi.local" ];
@@ -532,10 +590,10 @@
uuid = "a02273d9-ad12-395e-8372-f61129635b6f";
type = "ethernet";
autoconnect-priority = "-999";
interface-name = "enp1s0";
interface-name = "enp0s13f0u1u4u3";
};
ipv4 = {
address1 = "192.168.1.11/24,192.168.1.1";
address2 = "192.168.4.2/24";
dns = "1.1.1.1;";
method = "manual";
};
@@ -592,6 +650,7 @@
uuid = "e0103dac-7da0-4e32-a01b-487b8c4c813c";
type = "wifi";
interface-name = "wlo1";
autoconnect-priority = "200";
};
wifi = {
@@ -612,6 +671,33 @@
};
};
gw = {
connection = {
id = "gw";
uuid = "de655c52-1af2-4b46-b7b2-8ddad9edb52f";
type = "wifi";
interface-name = "wlo1";
autoconnect-priority = "300";
};
wifi = {
hidden = "true";
mode = "infrastructure";
ssid = builtins.readFile "${secretsDir}/gw-ssid";
};
wifi-security = {
key-mgmt = "wpa-psk";
psk = builtins.readFile "${secretsDir}/gw-password";
};
ipv4 = {
#address1 = "192.168.20.11/24";
dns = "1.1.1.1;8.8.8.8;";
method = "auto";
};
};
hec = {
connection = {
id = "hec";
@@ -685,8 +771,8 @@
id = "dhcp";
uuid = "c006389a-1697-4f77-91c3-95b466f85f13";
type = "ethernet";
autoconnect = "false";
interface-name = "enp1s0";
autoconnect = "true";
interface-name = "enp0s13f0u1u3";
};
ethernet = {
@@ -780,9 +866,10 @@
######################################### virtualisation ###############################
virtualisation.docker.enable = true;
virtualisation.libvirtd = {
enable = true;
qemuOvmf = true;
#qemuOvmf = true;
qemuSwtpm = true;
#qemuOvmfPackage = pkgs.OVMFFull;
};
@@ -835,9 +922,9 @@
# boot.resumeDevice = "/swapfile";
services.logind = {
extraConfig = ''
HandlePowerKey=suspend-then-hibernate
'';
#extraConfig = ''
#HandlePowerKey=suspend-then-hibernate
#'';
lidSwitch = "lock";
lidSwitchExternalPower = "lock";
lidSwitchDocked = "ignore";
@@ -846,6 +933,45 @@
HibernateDelaySec=4h
HibernateMode=shutdown
'';
############################## swap and hibernate ###################################
/*
fileSystems."/home/me/work/things/ppc" = {
device = "https://dav.ppc.social";
fsType = "davfs";
options = [
"netdev"
"rw"
"user"
"uid=1000"
"filemode=0644"
"dirmode=0755"
"noauto"
"x-systemd.automount"
];
};
*/
services = {
davfs2 = {
enable = true;
davUser = "me";
settings = {
globalSection = {
gui_optimize = true;
file_refresh = 30;
};
sections = {
"/home/me/work/things/ppc" = {
gui_optimize = true;
file_refresh = 30;
};
};
};
};
};
}
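Review bot: The new `fwin` branch passes the Windows password as `/p:$(cat /home/me/secrets/win-vm-pwd)`, which puts it on the xfreerdp command line where other local users can read it from the process list, and the unquoted substitution breaks on a password containing spaces or glob characters. FreeRDP can take the password from standard input with `/from-stdin`, for example `xfreerdp /u:"me" /v:fusu:9002 /from-stdin … < /home/me/secrets/win-vm-pwd` (check the prompt order for the installed version). `+home-drive` on the same line also exposes all of `/home/me`, including the `secrets` directory, to the Windows guest; redirecting a single chosen directory with `/drive:` would limit that. `xfreerdp` is also called by bare name while the neighbouring branches use `${pkgs.…}/bin/…` paths.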


@@ -354,7 +354,7 @@ in {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
format = "exfat";
mountpoint = "/pub";
};
};
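Review bot: Switching `/pub` to `format = "exfat";` drops POSIX ownership and permission bits, so access to everything on the mount is decided only by mount options, and no `mountOptions` are set in this hunk. If the driver defaults are not what is intended, state them, e.g. `mountOptions = [ "uid=<USER>" "gid=<GROUP>" "fmask=0133" "dmask=0022" ];` with the placeholders filled in. A one-line comment on why exFAT is wanted (presumably so other operating systems can read the drive) would also help. The partition definition begins outside the hunk.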


@@ -23,6 +23,10 @@
# "${workDir}/htl/labor/nas/nixos/lush-module.nix"
];
#nixpkgs.config.allowUnsupportedSystem = true;
#nixpkgs.hostPlatform.system = "aarch64-linux";
#nixpkgs.buildPlatform.system = "x86_64-linux";
# fix bluetooth
hardware = {
bluetooth = {
@@ -38,12 +42,7 @@
];
boot.kernelParams = lib.mkForce ["console=ttyS0,115200n8" "console=ttyAMA0,115200n8" "console=tty0" "nohibernate" "loglevel=7" ];
# hardware.bluetooth.enable = true;
# home-manager.users.me = import ../users/me/home-headless.nix;
#boot.kernelParams = lib.mkForce ["console=ttyS0,115200n8" "console=ttyAMA0,115200n8" "console=tty0" "nohibernate" "loglevel=7" ];
/* for cross compiling
@@ -87,7 +86,6 @@
};
boot = {
#kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
loader = {
generic-extlinux-compatible.enable = lib.mkDefault true;
grub.enable = lib.mkDefault false;
@@ -124,7 +122,7 @@
3240 # usbip
];
networking.hostName = "lush";
networking.hostName = "ti";
networking.networkmanager.enable = true;
@@ -156,6 +154,33 @@
};
};
gw = {
connection = {
id = "gw";
uuid = "de655c52-1af2-4b46-b7b2-8ddad9edb52f";
type = "wifi";
interface-name = "wlp2s0";
autoconnect-priority = "300";
};
wifi = {
hidden = "false";
mode = "infrastructure";
ssid = builtins.readFile "${secretsDir}/gw-ssid";
};
wifi-security = {
key-mgmt = "wpa-psk";
psk = builtins.readFile "${secretsDir}/gw-password";
};
ipv4 = {
#address1 = "192.168.20.11/24";
dns = "1.1.1.1;8.8.8.8;";
method = "auto";
};
};
hh40 = {
connection = {
id = "hh40";
@@ -189,7 +214,7 @@
uuid = "c006389a-1697-4f77-91c3-95b466f85f13";
type = "ethernet";
autoconnect = "true";
interface-name = "end0";
interface-name = "eth0";
};
ethernet = {
@@ -208,7 +233,7 @@
uuid = "f55f34e3-4595-4642-b1f6-df3185bc0a04";
type = "ethernet";
autoconnect = false;
interface-name = "end0";
interface-name = "eth0";
};
ethernet = {