Bun/ROCKPro64-Server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: Bun:6434b248053180b2913725879ca9becd53f3ebd7
Branches Tags
Bun:main
..
compare: Bun:2144d9ef61a51af58dc9a980c54722227345e980
Branches Tags
Bun:main

No commits in common. "6434b248053180b2913725879ca9becd53f3ebd7" and "2144d9ef61a51af58dc9a980c54722227345e980" have entirely different histories.
6434b24805 ... 2144d9ef61

120 changed files with 215 additions and 186 deletions
Show stats Expand all files Collapse all files

2
.gitattributes vendored
View file

@ -1 +1 @@
system/secrets/** filter=git-crypt diff=git-crypt modules/system/secrets/** filter=git-crypt diff=git-crypt

2
flake.nix
View file

@ -28,7 +28,7 @@
}@inputs: }@inputs:
{ {
nixosConfigurations.rubble = nixpkgs.lib.nixosSystem { nixosConfigurations.rubble = nixpkgs.lib.nixosSystem {
modules = [ ./system ]; modules = [ ./host ];
specialArgs = inputs; specialArgs = inputs;
}; };
}; };

19
host/default.nix Normal file
View file

@ -0,0 +1,19 @@
{ ... }:
{
imports = [
./disko
./hardware
../modules/system
];
networking = {
hostName = "rubble";
hostId = "e0b1fcef";
};
system = {
extlinux.enable = true;
wireless.enable = true;
stateVersion = "24.11";
};
}

8
system/devices/disks/disko/default.nix → host/disko/default.nix
View file

@ -68,12 +68,8 @@
mountOptions = [ "compress=zstd" "noatime" "ssd" ]; mountOptions = [ "compress=zstd" "noatime" "ssd" ];
}; };
"/persist/.snapshots" = { }; "/persist/.snapshots" = { };
"/persist/home/${config.sysusers.main}" = { };
"/persist/home/jules" = { }; "/persist/home/${config.sysusers.main}/.snapshots" = { };
"/persist/home/jules/.snapshots" = { };
"/persist/home/jimbo" = { };
"/persist/home/jimbo/.snapshots" = { };
}; };
}; };
}; };

0
system/devices/hardware/default.nix → host/hardware/default.nix
View file

0
home/jimbo/id_ed25519.pub → host/id_ed25519.pub
View file

0
home/jimbo/default.nix → modules/home/default.nix
View file

0
home/jimbo/programs/btop/default.nix → modules/home/programs/btop/default.nix
View file

0
home/jimbo/programs/default.nix → modules/home/programs/default.nix
View file

0
home/jimbo/programs/eza/default.nix → modules/home/programs/eza/default.nix
View file

0
home/jimbo/programs/fastfetch/config.jsonc → modules/home/programs/fastfetch/config.jsonc
View file

0
home/jimbo/programs/fastfetch/default.nix → modules/home/programs/fastfetch/default.nix
View file

0
home/jimbo/programs/fastfetch/small/default.nix → modules/home/programs/fastfetch/small/default.nix
View file

0
home/jimbo/programs/fastfetch/small/small.jsonc → modules/home/programs/fastfetch/small/small.jsonc
View file

0
home/jimbo/programs/git/default.nix → modules/home/programs/git/default.nix
View file

0
home/jimbo/programs/headless/default.nix → modules/home/programs/headless/default.nix
View file

0
home/jimbo/programs/neovim/default.nix → modules/home/programs/neovim/default.nix
View file

0
home/jimbo/programs/nh/default.nix → modules/home/programs/nh/default.nix
View file

0
home/jimbo/programs/nix-index/default.nix → modules/home/programs/nix-index/default.nix
View file

0
home/jimbo/programs/ranger/default.nix → modules/home/programs/ranger/default.nix
View file

0
home/jimbo/programs/tmux/default.nix → modules/home/programs/tmux/default.nix
View file

0
home/jimbo/programs/zsh/default.nix → modules/home/programs/zsh/default.nix
View file

0
home/jimbo/settings/aliases/default.nix → modules/home/settings/aliases/default.nix
View file

0
home/jimbo/settings/default.nix → modules/home/settings/default.nix
View file

0
home/jimbo/settings/nix/default.nix → modules/home/settings/nix/default.nix
View file

0
home/jimbo/user/default.nix → modules/home/user/default.nix
View file

0
system/accounts/default.nix → modules/system/accounts/default.nix
View file

0
system/accounts/groups/default.nix → modules/system/accounts/groups/default.nix
View file

0
system/accounts/groups/nfsShare/default.nix → modules/system/accounts/groups/nfsShare/default.nix
View file

4
system/accounts/users/custom/default.nix → modules/system/accounts/users/custom/default.nix
View file

@ -1,9 +1,7 @@
{ home-manager, ... }: { home-manager, ... }:
{ {
imports = [ imports = [
./jules ./main
./jimbo
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
]; ];
} }

48
modules/system/accounts/users/custom/jules/default.nix Normal file
View file

@ -0,0 +1,48 @@
{ config, lib, pkgs, ... }:
{
options.sysusers = lib.mkOption {
type = lib.types.attrs;
};
config = {
sysusers.main = "jimbo";
users.users."${config.sysusers.main}" = {
hashedPassword = config.secrets.mainAccPass;
isNormalUser = true;
openssh.authorizedKeys.keyFiles = [
../../../../../../hosts/tower/id_ed25519.pub
../../../../../../hosts/envy/id_ed25519.pub
../../../../../../hosts/redmond/id_ed25519.pub
../../../../../../hosts/kitty/id_ed25519.pub
../../../../../../hosts/midas/id_ed25519.pub
../../../../../../hosts/prophet/id_ed25519.pub
../../../../../../hosts/rubble/id_ed25519.pub
];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 Pixel9"
];
extraGroups = [
"wheel"
"audio"
"video"
"input"
"disk"
"dialout"
"rtkit"
"kvm"
"libvirtd"
"qemu-libvirtd"
"nginx"
"minecraft"
"nfsShare"
];
uid = 1000;
shell = pkgs.zsh;
};
home-manager.users."${config.sysusers.main}" = import ../../../../../home;
};
}

38
modules/system/accounts/users/custom/main/default.nix Normal file
View file

@ -0,0 +1,38 @@
{ config, lib, pkgs, ... }:
{
options.sysusers = lib.mkOption {
type = lib.types.attrs;
};
config = {
sysusers.main = "jimbo";
users.users."${config.sysusers.main}" = {
hashedPassword = config.secrets.mainAccPass;
isNormalUser = true;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC2lMkUd+BbXITE5LTg94hEzmA6UKsIIbaf5YOjGoLzl"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFGHaxdTeC1xnTx2BY5LLR5LxhdSkmYoWuOeEuRIz0k"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 Pixel9"
];
extraGroups = [
"wheel"
"audio"
"video"
"input"
"disk"
"dialout"
"rtkit"
"kvm"
"libvirtd"
"qemu-libvirtd"
"nginx"
"nfsShare"
];
uid = 1000;
shell = pkgs.zsh;
};
home-manager.users."${config.sysusers.main}" = import ../../../../../home;
};
}

0
system/accounts/users/default.nix → modules/system/accounts/users/default.nix
View file

0
system/accounts/users/system/default.nix → modules/system/accounts/users/system/default.nix
View file

0
system/accounts/users/system/jellyfin/default.nix → modules/system/accounts/users/system/jellyfin/default.nix
View file

0
system/accounts/users/system/liquidsoap/default.nix → modules/system/accounts/users/system/liquidsoap/default.nix
View file

0
system/accounts/users/system/nextcloud/default.nix → modules/system/accounts/users/system/nextcloud/default.nix
View file

0
system/accounts/users/system/nginx/default.nix → modules/system/accounts/users/system/nginx/default.nix
View file

16
modules/system/default.nix Normal file
View file

@ -0,0 +1,16 @@
{ lib, ... }:
{
imports = [
./accounts
./devices
./programs
./secrets
./services
./settings
];
options.system = with lib; {
desktop.enable = lib.mkEnableOption "Enable desktop apps and services";
server.enable = lib.mkEnableOption "Enable server apps and services";
};
}

0
system/devices/boot/default.nix → modules/system/devices/boot/default.nix
View file

10
modules/system/devices/boot/extlinux/default.nix Normal file
View file

@ -0,0 +1,10 @@
{ config, lib, ... }:
{
options.system.extlinux.enable = lib.mkEnableOption "Enable extlinux";
config.boot.loader = lib.mkIf config.system.extlinux.enable {
grub.enable = false;
systemd-boot.enable = lib.mkForce false;
generic-extlinux-compatible.enable = true;
};
}

0
system/devices/boot/services/default.nix → modules/system/devices/boot/services/default.nix
View file

0
system/devices/boot/services/root-reset/default.nix → modules/system/devices/boot/services/root-reset/default.nix
View file

1
system/devices/default.nix → modules/system/devices/default.nix
View file

@ -3,7 +3,6 @@
imports = [ imports = [
./boot ./boot
./disks ./disks
./hardware
./networking ./networking
]; ];
} }

1
system/devices/disks/default.nix → modules/system/devices/disks/default.nix
View file

@ -1,7 +1,6 @@
{ ... }: { ... }:
{ {
imports = [ imports = [
./disko
./filesystems ./filesystems
./immutable ./immutable
./impermanence ./impermanence

0
system/devices/disks/filesystems/default.nix → modules/system/devices/disks/filesystems/default.nix
View file

0
system/devices/disks/immutable/default.nix → modules/system/devices/disks/immutable/default.nix
View file

4
system/devices/disks/impermanence/default.nix → modules/system/devices/disks/impermanence/default.nix
View file

@ -1,10 +1,8 @@
{ impermanence, ... }: { impermanence, ... }:
{ {
imports = [ imports = [
./jules ./main
./jimbo
./root ./root
impermanence.nixosModules.impermanence impermanence.nixosModules.impermanence
]; ];
} }

46
modules/system/devices/disks/impermanence/main/default.nix Normal file
View file

@ -0,0 +1,46 @@
{ config, ... }:
{
environment.persistence."/persist" = {
hideMounts = true;
users.${config.sysusers.main} = {
directories = [
"Keepers"
"Documents"
"Pictures"
"Videos"
"Games"
"VMs"
".snapshots"
".mozilla"
".thunderbird"
".config/blender"
".config/dconf"
".config/vesktop"
".config/sunshine"
".config/heroic"
".config/obs-studio"
".local/share/mpd"
".local/share/nvim/undo"
".local/share/PrismLauncher"
".local/share/Steam"
".local/share/TelegramDesktop"
".local/state/wireplumber"
".cache/nix-index"
{ directory = ".ssh"; mode = "0700"; }
{ directory = ".gnupg"; mode = "0700"; }
{ directory = ".local/share/keyrings"; mode = "0700"; }
];
files = [
".zsh_history"
".local/state/lazygit/state.yml"
".local/share/applications" # Create directory so nothing generates inside of it
];
};
};
}

0
system/devices/disks/impermanence/root/default.nix → modules/system/devices/disks/impermanence/root/default.nix
View file

3
system/devices/disks/snapper/default.nix → modules/system/devices/disks/snapper/default.nix
View file

@ -1,8 +1,7 @@
{ ... }: { ... }:
{ {
imports = [ imports = [
./jules ./main
./jimbo
./root ./root
]; ];

4
system/devices/disks/snapper/jules/default.nix → modules/system/devices/disks/snapper/main/default.nix
View file

@ -1,7 +1,7 @@
{ config, lib, ... }: { config, lib, ... }:
{ {
services.snapper.configs.jules = lib.mkIf config.environment.persistence."/persist".enable { services.snapper.configs.${config.sysusers.main} = lib.mkIf config.environment.persistence."/persist".enable {
SUBVOLUME = "/persist/home/jules"; SUBVOLUME = "/persist/home/${config.sysusers.main}";
TIMELINE_CREATE = true; TIMELINE_CREATE = true;
TIMELINE_CLEANUP = true; TIMELINE_CLEANUP = true;
TIMELINE_LIMIT_DAILY = 1; TIMELINE_LIMIT_DAILY = 1;

0
system/devices/disks/snapper/root/default.nix → modules/system/devices/disks/snapper/root/default.nix
View file

14
system/devices/networking/default.nix → modules/system/devices/networking/default.nix
View file

@ -1,10 +1,9 @@
{ config, pkgs, ... }: { config, ... }:
{ {
imports = [ ./wireless ];
networking = { networking = {
wireless = { wireless.enable = false;
enable = false;
iwd.enable = true;
};
dhcpcd.enable = true; dhcpcd.enable = true;
nftables.enable = true; nftables.enable = true;
firewall.allowPing = false; firewall.allowPing = false;
@ -22,9 +21,4 @@
fallbackDns = config.networking.nameservers; fallbackDns = config.networking.nameservers;
dnsovertls = "true"; dnsovertls = "true";
}; };
environment = {
systemPackages = with pkgs; [ impala ];
persistence."/persist".directories = [ "/var/lib/iwd/" ];
};
} }

13
modules/system/devices/networking/wireless/default.nix Normal file
View file

@ -0,0 +1,13 @@
{ config, lib, pkgs, ... }:
{
options.system.wireless.enable = lib.mkEnableOption "Enable wireless stack";
config = lib.mkIf config.system.wireless.enable {
networking.wireless.iwd.enable = true;
environment = {
systemPackages = with pkgs; [ impala ];
persistence."/persist".directories = [ "/var/lib/iwd/" ];
};
};
}

0
system/programs/default.nix → modules/system/programs/default.nix
View file

0
system/programs/git/default.nix → modules/system/programs/git/default.nix
View file

0
system/programs/home-manager/default.nix → modules/system/programs/home-manager/default.nix
View file

0
system/programs/shells/default.nix → modules/system/programs/shells/default.nix
View file

BIN
modules/system/secrets/default.nix Normal file
View file

Binary file not shown.

0
system/services/default.nix → modules/system/services/default.nix
View file

0
system/services/general/default.nix → modules/system/services/general/default.nix
View file

0
system/services/general/earlyoom/default.nix → modules/system/services/general/earlyoom/default.nix
View file

2
system/services/general/libvirtd/default.nix → modules/system/services/general/libvirtd/default.nix
View file

@ -33,5 +33,7 @@
"virbr0" "virbr0"
"virbr1" "virbr1"
]; ];
systemd.tmpfiles.rules = [ "f /dev/shm/looking-glass 0660 - libvirtd -" ];
}; };
} }

0
system/services/general/snowflake/default.nix → modules/system/services/general/snowflake/default.nix
View file

0
system/services/general/ssh/default.nix → modules/system/services/general/ssh/default.nix
View file

0
system/services/general/ssh/fail2ban/default.nix → modules/system/services/general/ssh/fail2ban/default.nix
View file

0
system/services/general/tlp/default.nix → modules/system/services/general/tlp/default.nix
View file

0
system/services/general/userborn/default.nix → modules/system/services/general/userborn/default.nix
View file

0
system/services/server/cfdyndns/default.nix → modules/system/services/server/cfdyndns/default.nix
View file

0
system/services/server/default.nix → modules/system/services/server/default.nix
View file

0
system/services/server/fileserver/default.nix → modules/system/services/server/fileserver/default.nix
View file

0
system/services/server/fileserver/jellyfin/default.nix → modules/system/services/server/fileserver/jellyfin/default.nix
View file

0
system/services/server/fileserver/jellyfin/nginx/default.nix → modules/system/services/server/fileserver/jellyfin/nginx/default.nix
View file

0
system/services/server/fileserver/nextcloud/collabora/default.nix → modules/system/services/server/fileserver/nextcloud/collabora/default.nix
View file

0
system/services/server/fileserver/nextcloud/default.nix → modules/system/services/server/fileserver/nextcloud/default.nix
View file

0
system/services/server/fileserver/nextcloud/nginx/default.nix → modules/system/services/server/fileserver/nextcloud/nginx/default.nix
View file

0
system/services/server/fileserver/nfs/default.nix → modules/system/services/server/fileserver/nfs/default.nix
View file

0
system/services/server/forgejo/default.nix → modules/system/services/server/forgejo/default.nix
View file

0
system/services/server/forgejo/nginx/default.nix → modules/system/services/server/forgejo/nginx/default.nix
View file

0
system/services/server/mysql/default.nix → modules/system/services/server/mysql/default.nix
View file

0
system/services/server/socialserver/default.nix → modules/system/services/server/socialserver/default.nix
View file

0
system/services/server/socialserver/mastodon/default.nix → modules/system/services/server/socialserver/mastodon/default.nix
View file

0
system/services/server/socialserver/matrix/coturn/default.nix → modules/system/services/server/socialserver/matrix/coturn/default.nix
View file

0
system/services/server/socialserver/matrix/coturn/nginx/default.nix → modules/system/services/server/socialserver/matrix/coturn/nginx/default.nix
View file

0
system/services/server/socialserver/matrix/default.nix → modules/system/services/server/socialserver/matrix/default.nix
View file

0
system/services/server/socialserver/matrix/element/default.nix → modules/system/services/server/socialserver/matrix/element/default.nix
View file

0
system/services/server/socialserver/matrix/element/nginx/default.nix → modules/system/services/server/socialserver/matrix/element/nginx/default.nix
View file

0
system/services/server/socialserver/matrix/synapse/default.nix → modules/system/services/server/socialserver/matrix/synapse/default.nix
View file

0
system/services/server/socialserver/matrix/synapse/nginx/default.nix → modules/system/services/server/socialserver/matrix/synapse/nginx/default.nix
View file

0
system/services/server/socialserver/owncast/default.nix → modules/system/services/server/socialserver/owncast/default.nix
View file

0
system/services/server/socialserver/owncast/nginx/default.nix → modules/system/services/server/socialserver/owncast/nginx/default.nix
View file

0
system/services/server/transmission/default.nix → modules/system/services/server/transmission/default.nix
View file

0
system/services/server/transmission/nginx/default.nix → modules/system/services/server/transmission/nginx/default.nix
View file

0
system/services/server/vaultwarden/default.nix → modules/system/services/server/vaultwarden/default.nix
View file

0
system/services/server/vaultwarden/nginx/default.nix → modules/system/services/server/vaultwarden/nginx/default.nix
View file

0
system/services/server/webserver/acme/default.nix → modules/system/services/server/webserver/acme/default.nix
View file

0
system/services/server/webserver/default.nix → modules/system/services/server/webserver/default.nix
View file

0
system/services/server/webserver/nginx/default.nix → modules/system/services/server/webserver/nginx/default.nix
View file

0
system/services/server/webserver/nginx/rtmp/default.nix → modules/system/services/server/webserver/nginx/rtmp/default.nix
View file

Some files were not shown because too many files have changed in this diff Show more