diff --git a/.sops.yaml b/.sops.yaml index bc2cfd3e..8c1481f6 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -4,7 +4,6 @@ keys: - &system_hetznix01 age1rd55wsu0hhvxk25tm69d9h57z0z0u6556x4ypg09muj3vh4yqs5qaw23nu - &system_hetznix02 age180w4c04kga07097u0us6d72aslnv2523hx64x8fzgzu4tccrxuyqa50hpm - &system_kiosk_gene_desk age1an6t5f0rr6h55rzsv5ejycxju72rp46jka840fwvupwfk65jegrq7hmkl9 - - &system_nixnas1 age1g4h5a4f5xfle2a6np8te342pphs3mcuan60emz2zp87nrwjzl5yquhr5vl - &system_nixnuc age1g24zhwvgenpc4wqejt63thvgd4rn5x9n7nnwwme7dm83nfqpp93se2vmq4 - &system_rainbow_planet age1ueus0ucmvqhgkw3vyc8zxaq0qjc84cfrcuqpheppem68s4a2vq0qw376yc - &user_airpuppet age1awdf9h0avajf57cudx0rjfmxu2wlxw8wf3sa7yvfk8rp4j6taecsu74x77 @@ -28,10 +27,6 @@ creation_rules: key_groups: - age: - *system_kiosk_gene_desk - - path_regex: nixnas1/secrets.yaml$ - key_groups: - - age: - - *system_nixnas1 - path_regex: nixnuc/secrets.yaml$ key_groups: - age: @@ -67,7 +62,6 @@ creation_rules: - *system_hetznix01 - *system_hetznix02 - *system_kiosk_gene_desk - - *system_nixnas1 - *system_nixnuc - *system_rainbow_planet - *user_airpuppet diff --git a/flake.lock b/flake.lock index 80456a7d..7006d62c 100644 --- a/flake.lock +++ b/flake.lock @@ -19,16 +19,16 @@ "brew-src": { "flake": false, "locked": { - "lastModified": 1778427648, - "narHash": "sha256-pt9KaDGsMyYWB9JeHs4XGHs870f1lOZe3vx9LpVIhUE=", + "lastModified": 1781226006, + "narHash": "sha256-w4ZTuOnhYiDxjaynrMTASzp802QblBWmo3wpB8wVN4Y=", "owner": "Homebrew", "repo": "brew", - "rev": "6f293daa9f9f5832e13b497976335e90509886d7", + "rev": "109191be4988470b51a60a5ef1998520aa24c01b", "type": "github" }, "original": { "owner": "Homebrew", - "ref": "5.1.11", + "ref": "6.0.1", "repo": "brew", "type": "github" } @@ -77,16 +77,16 @@ ] }, "locked": { - "lastModified": 1779904497, - "narHash": "sha256-EarpH6SbLNbJBemMqHkJHA9SS/oVG3BQ4DROc0yIDjI=", + "lastModified": 1780200794, + "narHash": "sha256-rVkPLmXKXIjMvYBzyDVLPF3jyCX3SZ4VDBZaoEhF+gw=", "owner": "genebean", "repo": "cup-collector", - "rev": "4ed915fcff8266ca8584d595843b5bd0630be69f", + "rev": "347f0d9fbf9aa3ffa6014aee1aa85dfa9d850da3", "type": "github" }, "original": { "owner": "genebean", - "ref": "v1.0.0", + "ref": "v1.1.2", "repo": "cup-collector", "type": "github" } @@ -119,11 +119,11 @@ ] }, "locked": { - "lastModified": 1779699611, - "narHash": "sha256-EcCaSTKnmg2o4wLKaN1aqQFomwyhO7ik0bX9COdyCas=", + "lastModified": 1781152676, + "narHash": "sha256-RxWs5ND31KzTG7wvMM+PMfUjyNpmIEr999lqNARaM5o=", "owner": "nix-community", "repo": "disko", - "rev": "5ba0c9555c28685e57fa54c7a25e42c7efdbfc8d", + "rev": "ff8702b4de27f72b4c78573dfb89ec74e36abdf1", "type": "github" }, "original": { @@ -213,13 +213,13 @@ "locked": { "lastModified": 1767039857, "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=", - "owner": "edolstra", + "owner": "NixOS", "repo": "flake-compat", "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab", "type": "github" }, "original": { - "owner": "edolstra", + "owner": "NixOS", "repo": "flake-compat", "type": "github" } @@ -366,11 +366,11 @@ ] }, "locked": { - "lastModified": 1772893680, - "narHash": "sha256-JDqZMgxUTCq85ObSaFw0HhE+lvdOre1lx9iI6vYyOEs=", + "lastModified": 1778507602, + "narHash": "sha256-kTwur1wV+01SdqskVMSo6JMEpg71ps3HpbFY2GsflKs=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "8baab586afc9c9b57645a734c820e4ac0a604af9", + "rev": "61ab0e80d9c7ab14c256b5b453d8b3fb0189ba0a", "type": "github" }, "original": { @@ -430,16 +430,16 @@ ] }, "locked": { - "lastModified": 1779506708, - "narHash": "sha256-QOD/CNm196nCJRheux/URi4/HE66fthdOMqCJoPP1Y0=", + "lastModified": 1781184346, + "narHash": "sha256-cZRlW47U6A2nWvAmnZeeO6Xvq23gxYbVLel4KxqOrcQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "3ee51fbdac8c8bdfe1e7e1fcaba6520a563f394f", + "rev": "ea6d221d7aa85652d014b6f719dddf036037515b", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-25.11", + "ref": "release-26.05", "repo": "home-manager", "type": "github" } @@ -453,11 +453,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1778728751, - "narHash": "sha256-J8VySL959EhtwSGgxmIjdW3bbLln4HTjHMyZxRTqqGM=", + "lastModified": 1780284651, + "narHash": "sha256-m+06C+6CXiMiLkzZJF9gzFuL3vkE51RIKsySd1rfeMQ=", "owner": "numtide", "repo": "nix-auth", - "rev": "7af96c1b01444146ef89844fdca93acbafe7e066", + "rev": "ae9d43258f4830b38ab3458960e179f808944d60", "type": "github" }, "original": { @@ -473,27 +473,27 @@ ] }, "locked": { - "lastModified": 1772129556, - "narHash": "sha256-Utk0zd8STPsUJPyjabhzPc5BpPodLTXrwkpXBHYnpeg=", + "lastModified": 1781190061, + "narHash": "sha256-QRMpLbsmlciMGv4yx75FUoIl54K02JbIX1tgdPHPw1s=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "ebec37af18215214173c98cf6356d0aca24a2585", + "rev": "f2b3fdb347f91dfd344ad196666a0b0fe8aad05c", "type": "github" }, "original": { "owner": "lnl7", - "ref": "nix-darwin-25.11", + "ref": "nix-darwin-26.05", "repo": "nix-darwin", "type": "github" } }, "nix-flatpak": { "locked": { - "lastModified": 1777402031, - "narHash": "sha256-6gkfl9y3+ti0Z6dgby8/R4/DRT8sWU0I0TLCIxwWtjk=", + "lastModified": 1780908363, + "narHash": "sha256-llGS4y3Qh1eUkli3/Y2VY9FV3GOUKFZR1E2BDftt45Q=", "owner": "gmodena", "repo": "nix-flatpak", - "rev": "22a3adbe7c5c8c8a10a635d32c9ef7fc01a6e4b8", + "rev": "1df08625f0f8c7d6e300a0e5df7955bbb877d809", "type": "github" }, "original": { @@ -507,11 +507,11 @@ "brew-src": "brew-src" }, "locked": { - "lastModified": 1778851564, - "narHash": "sha256-p8wzcnpB2Iys+QzAKM9/Eyw/pUyqCO3sw/NCnDH4dTE=", + "lastModified": 1781269551, + "narHash": "sha256-zn0rty4K5LbBAzuyJMdncDbYzSefr29IUJvcUv7kFn8=", "owner": "zhaofengli-wip", "repo": "nix-homebrew", - "rev": "b3a87b4793205cc111f3c61e25e018ffac3b8039", + "rev": "5e721fc7756a6abffe07c7dd5ed3f9080b68108f", "type": "github" }, "original": { @@ -606,12 +606,15 @@ } }, "nixos-hardware": { + "inputs": { + "nixpkgs": "nixpkgs_3" + }, "locked": { - "lastModified": 1779826373, - "narHash": "sha256-3sRzgLX86qV5NlhWUAufLmHwkyP03tmL3VdZIM13dEo=", + "lastModified": 1781168557, + "narHash": "sha256-LOnLQ2tpYF9gqIDDr3+j3DbpJJr/QCH6zPRT2GzEUOE=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "ef4efb84766a166c906bd55759574676bf91267c", + "rev": "6358ff76821101c178e3ab4919a62799bfe3652e", "type": "github" }, "original": { @@ -654,11 +657,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1779786838, - "narHash": "sha256-0geHoGiR5f8qiXg+gO4rSF6Up6Var+kKqiOv9AO/uUc=", + "lastModified": 1781229721, + "narHash": "sha256-ORvqDbb/LYxiJljGIejapjkc/kJbVote2N1WSb9W45I=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f44f7788c891fbe5542177df78374f8cdab10e8f", + "rev": "173d0ad7a974f8543a9ab01d2271b2e290341b33", "type": "github" }, "original": { @@ -686,16 +689,29 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1779467186, - "narHash": "sha256-nOesoDCiXcUftqbRBMz9tt4blI5PvljMWbm3kuCA+0s=", + "lastModified": 1767892417, + "narHash": "sha256-8bW3q88CEg2u4hSP66Vf4lpbLonHz7hqDNBMcCY7E9U=", + "rev": "3497aa5c9457a9d88d71fa93a4a8368816fbeeba", + "type": "tarball", + "url": "https://releases.nixos.org/nixos/unstable/nixos-26.05pre924538.3497aa5c9457/nixexprs.tar.xz" + }, + "original": { + "type": "tarball", + "url": "https://channels.nixos.org/nixos-unstable/nixexprs.tar.xz" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1780902259, + "narHash": "sha256-q8yYEC5f1mFlQO9RGna4LTc9QrcvWunX6FYp83munkQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b77b3de8775677f84492abe84635f87b0e153f0f", + "rev": "bd0ff2d3eac24699c3664d5966b9ef36f388e2ca", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-25.11", + "ref": "nixos-26.05", "repo": "nixpkgs", "type": "github" } @@ -758,15 +774,16 @@ ] }, "locked": { - "lastModified": 1780005533, - "narHash": "sha256-6JsTRjhMgaFZTOuJDVmqys/nEKez6Ud/jOU3LoqfCw4=", + "lastModified": 1781477750, + "narHash": "sha256-JNbti1zopVDTxMJaZ16H4zIE2SUHgffLbsDdDyjbMdM=", "owner": "genebean", "repo": "private-flake", - "rev": "aeba0ca58ef1280b311f1a1d12fc6e389ac9fefb", + "rev": "f2b0de2baacb74c2e56262758626a4c47ecac501", "type": "github" }, "original": { "owner": "genebean", + "ref": "nix26.05", "repo": "private-flake", "type": "github" } @@ -787,13 +804,14 @@ "nix-homebrew": "nix-homebrew", "nixos-cosmic": "nixos-cosmic", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "nixpkgs-unstable": "nixpkgs-unstable", "private-flake": "private-flake", "simple-nixos-mailserver": "simple-nixos-mailserver", "sops-nix": "sops-nix", "statix": "statix", - "viscosity-cli": "viscosity-cli" + "viscosity-cli": "viscosity-cli", + "ytdlfin": "ytdlfin" } }, "rust-analyzer-src": { @@ -861,16 +879,16 @@ ] }, "locked": { - "lastModified": 1773912645, - "narHash": "sha256-QHzRqq6gh+t3F/QU9DkP7X63dDDcuIQmaDz12p7ANTg=", + "lastModified": 1781101699, + "narHash": "sha256-5erzbe5hgJufkqBr3KCYElX4nW+xfJJrFDOvweWZR3w=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "25e6dbb8fca3b6e779c5a46fd03bd760b2165bb5", + "rev": "d59fcaeef8144328b8801f987f1a3af7ca6aec41", "type": "gitlab" }, "original": { "owner": "simple-nixos-mailserver", - "ref": "nixos-25.11", + "ref": "nixos-26.05", "repo": "nixos-mailserver", "type": "gitlab" } @@ -882,11 +900,11 @@ ] }, "locked": { - "lastModified": 1777944972, - "narHash": "sha256-VfGRo1qTBKOe3s2gOv8LSoA6Fk19PvBlwQ1ECN0Evn8=", + "lastModified": 1780547341, + "narHash": "sha256-Gq8KNx5A7hBB3uGJaj6eQfLDIz5YdLu92gqBcvHvoUo=", "owner": "mic92", "repo": "sops-nix", - "rev": "c591bf665727040c6cc5cb409079acb22dcce33c", + "rev": "9ed65852b6257fbeae4355bc24ecfea307ca759a", "type": "github" }, "original": { @@ -966,11 +984,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1775636079, - "narHash": "sha256-pc20NRoMdiar8oPQceQT47UUZMBTiMdUuWrYu2obUP0=", + "lastModified": 1780220602, + "narHash": "sha256-eynAfOmbmxJnkp7YewvCEbShNnnYJ9gLLqkzsYtBPeM=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "790751ff7fd3801feeaf96d7dc416a8d581265ba", + "rev": "db947814a175b7ca6ded66e21383d938df01c227", "type": "github" }, "original": { @@ -1005,11 +1023,11 @@ ] }, "locked": { - "lastModified": 1780329762, - "narHash": "sha256-M3oXGATtDnZk/lwIW8K9PlWA1gKY0XhNfqM/1MeouZI=", + "lastModified": 1780334419, + "narHash": "sha256-U177vL9+4uX9u4j9fZzgVWgl9lj9dBTquFMSiX30nds=", "owner": "genebean", "repo": "viscosity-cli", - "rev": "ebc2d35382f85fbe39863c04cb8c2effc9d6ffd7", + "rev": "7e12b3f14abc85afcd9e8829687a13c3dd1e8170", "type": "github" }, "original": { @@ -1018,6 +1036,26 @@ "repo": "viscosity-cli", "type": "github" } + }, + "ytdlfin": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1781406295, + "narHash": "sha256-nJebrqSTVYpuxNEcClNOkzre7aPZ9M/NP+g+JpbCQKE=", + "owner": "genebean", + "repo": "ytdlfin", + "rev": "ba22b27fa3f762ef25fb44058a018fab23769ba8", + "type": "github" + }, + "original": { + "owner": "genebean", + "repo": "ytdlfin", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 2fec2114..7988a1f9 100644 --- a/flake.nix +++ b/flake.nix @@ -3,7 +3,7 @@ inputs = { # Where we get most of our software. Giant mono repo with recipes # called derivations that say how to build software. - nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11"; + nixpkgs.url = "github:nixos/nixpkgs/nixos-26.05"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable"; compose2nix = { @@ -12,7 +12,7 @@ }; cup-collector = { - url = "github:genebean/cup-collector/v1.0.0"; + url = "github:genebean/cup-collector/v1.1.2"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -45,7 +45,7 @@ # Manages things in home directory home-manager = { - url = "github:nix-community/home-manager/release-25.11"; + url = "github:nix-community/home-manager/release-26.05"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -56,7 +56,7 @@ # Controls system level software and settings including fonts on macOS nix-darwin = { - url = "github:lnl7/nix-darwin/nix-darwin-25.11"; + url = "github:lnl7/nix-darwin/nix-darwin-26.05"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -79,7 +79,7 @@ # Private flake for sensitive configs private-flake = { - url = "github:genebean/private-flake"; + url = "github:genebean/private-flake/nix26.05"; inputs = { nixpkgs.follows = "nixpkgs"; simple-nixos-mailserver.follows = "simple-nixos-mailserver"; @@ -88,7 +88,7 @@ }; simple-nixos-mailserver = { - url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-25.11"; + url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-26.05"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -109,6 +109,11 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + ytdlfin = { + url = "github:genebean/ytdlfin"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + }; # end inputs outputs = inputs@{ self, nixpkgs, ... }: @@ -178,17 +183,12 @@ inputs.private-flake.nixosModules.private.kiosk ]; }; - nixnas1 = localLib.mkNixosHost { - hostname = "nixnas1"; - additionalModules = [ - inputs.simple-nixos-mailserver.nixosModule - ]; - }; nixnuc = localLib.mkNixosHost { hostname = "nixnuc"; additionalModules = [ inputs.cup-collector.nixosModules.default inputs.private-flake.nixosModules.private.nixnuc + inputs.ytdlfin.nixosModules.default ]; }; # This machines is currently running Ubuntu and diff --git a/modules/hosts/darwin/default.nix b/modules/hosts/darwin/default.nix index 5fe5531a..208d3539 100644 --- a/modules/hosts/darwin/default.nix +++ b/modules/hosts/darwin/default.nix @@ -43,7 +43,7 @@ "theseal/ssh-askpass" ]; brews = [ - "fastfetch" + # "fastfetch" { name = "homebrew-ffmpeg/ffmpeg/ffmpeg"; args = [ "with-srt" ]; diff --git a/modules/hosts/nixos/bigboy/default.nix b/modules/hosts/nixos/bigboy/default.nix index dc1ea504..95501673 100644 --- a/modules/hosts/nixos/bigboy/default.nix +++ b/modules/hosts/nixos/bigboy/default.nix @@ -10,7 +10,11 @@ let withBDplus = true; withJava = true; }; - vlc-with-decoding = pkgs.vlc.override { inherit libbluray; }; + vlc-with-decoding = pkgs.vlc.overrideAttrs (oldAttrs: { + buildInputs = map (dep: if dep.pname or "" == "libbluray" then libbluray else dep) ( + oldAttrs.buildInputs or [ ] + ); + }); in { imports = [ @@ -28,7 +32,10 @@ in efi.canTouchEfiVariables = true; }; - environment.sessionVariables.NIXOS_OZONE_WL = "1"; + environment.sessionVariables = { + JAVA_HOME = "${pkgs.jdk}/lib/openjdk"; + NIXOS_OZONE_WL = "1"; + }; environment.systemPackages = with pkgs; [ #angryipscanner @@ -47,8 +54,8 @@ in vivaldi vlc-with-decoding wezterm - xorg.xf86videofbdev - xfce.xfce4-terminal + xf86-video-fbdev + xfce4-terminal zoom-us ]; diff --git a/modules/hosts/nixos/default.nix b/modules/hosts/nixos/default.nix index 6a3834fd..bf99be0e 100644 --- a/modules/hosts/nixos/default.nix +++ b/modules/hosts/nixos/default.nix @@ -24,7 +24,6 @@ lsof mosquitto net-tools - neofetch python3 rclone smartmontools diff --git a/modules/hosts/nixos/kiosk-entryway/default.nix b/modules/hosts/nixos/kiosk-entryway/default.nix index 90367de5..e7cc93c1 100644 --- a/modules/hosts/nixos/kiosk-entryway/default.nix +++ b/modules/hosts/nixos/kiosk-entryway/default.nix @@ -46,6 +46,10 @@ useNetworkd = true; wireless = { enable = true; + # Specify the interface explicitly so wpa_supplicant doesn't try to + # auto-detect via /sys/class/net, which is not mounted in the 26.05 + # hardening sandbox (RootDirectory=/run/wpa_supplicant). + interfaces = [ "wlp3s0" ]; secretsFile = "${config.sops.secrets.wifi_creds.path}"; }; }; @@ -96,8 +100,9 @@ }; wifi_creds = { sopsFile = ../../../shared/secrets.yaml; + owner = "wpa_supplicant"; restartUnits = [ - "wpa_supplicant.service" + "wpa_supplicant-wlp3s0.service" ]; }; }; @@ -105,7 +110,7 @@ systemd.services.cage-tty1 = { wants = [ - "wpa_supplicant.service" + "wpa_supplicant-wlp3s0.service" "network-online.target" ]; }; diff --git a/modules/hosts/nixos/kiosk-gene-desk/default.nix b/modules/hosts/nixos/kiosk-gene-desk/default.nix index 14f63ba0..398c99b0 100644 --- a/modules/hosts/nixos/kiosk-gene-desk/default.nix +++ b/modules/hosts/nixos/kiosk-gene-desk/default.nix @@ -40,6 +40,10 @@ useNetworkd = true; wireless = { enable = true; + # Specify the interface explicitly so wpa_supplicant doesn't try to + # auto-detect via /sys/class/net, which is not mounted in the 26.05 + # hardening sandbox (RootDirectory=/run/wpa_supplicant). + interfaces = [ "wlan0" ]; secretsFile = "${config.sops.secrets.wifi_creds.path}"; }; }; @@ -115,8 +119,9 @@ }; wifi_creds = { sopsFile = ../../../shared/secrets.yaml; + owner = "wpa_supplicant"; restartUnits = [ - "wpa_supplicant.service" + "wpa_supplicant-wlan0.service" ]; }; }; @@ -124,7 +129,7 @@ systemd.services.cage-tty1 = { wants = [ - "wpa_supplicant.service" + "wpa_supplicant-wlan0.service" "network-online.target" ]; }; diff --git a/modules/hosts/nixos/nixnas1/default.nix b/modules/hosts/nixos/nixnas1/default.nix deleted file mode 100644 index 799a8f20..00000000 --- a/modules/hosts/nixos/nixnas1/default.nix +++ /dev/null @@ -1,124 +0,0 @@ -{ - config, - pkgs, - username, - ... -}: -{ - imports = [ - ./disk-config.nix - ./hardware-configuration.nix - ../../../shared/nixos/restic.nix - ]; - - system.stateVersion = "24.05"; - - # Use the GRUB 2 boot loader. - boot = { - loader.grub = { - enable = true; - zfsSupport = true; - efiSupport = true; - efiInstallAsRemovable = true; - device = "nodev"; - mirroredBoots = [ - { - devices = [ "/dev/disk/by-uuid/02A5-6FCC" ]; - path = "/boot"; - } - { - devices = [ "/dev/disk/by-uuid/02F1-B12D" ]; - path = "/boot-fallback"; - } - ]; - }; - supportedFilesystems = [ "zfs" ]; - zfs = { - extraPools = [ "storage" ]; - forceImportRoot = false; - }; - }; - - environment.systemPackages = with pkgs; [ - net-snmp - ]; - - networking = { - # Open ports in the firewall. - firewall.allowedTCPPorts = [ - 22 # ssh - ]; - - hostId = "da074317"; # head -c4 /dev/urandom | od -A none -t x4 - hostName = "nixnas1"; - - networkmanager.enable = false; - useNetworkd = true; - }; - - programs.mtr.enable = true; - services = { - fwupd.enable = true; - lldpd.enable = true; - resolved.enable = true; - restic.backups.daily.paths = [ - # "/storage/foo" - ]; - smartd.enable = true; - zfs.autoScrub.enable = true; - }; - - sops = { - age.keyFile = "${config.users.users.${username}.home}/.config/sops/age/keys.txt"; - defaultSopsFile = ./secrets.yaml; - secrets = { - local_private_env = { - owner = "${username}"; - path = "${config.users.users.${username}.home}/.private-env"; - }; - }; - }; - - systemd.network = { - enable = true; - netdevs = { - "10-bond0" = { - netdevConfig = { - Kind = "bond"; - Name = "bond0"; - }; - bondConfig = { - Mode = "802.3ad"; - TransmitHashPolicy = "layer2+3"; - }; - }; - }; - networks = { - "30-eno1" = { - matchConfig.Name = "eno1"; - networkConfig.Bond = "bond0"; - }; - "30-enp3s0" = { - matchConfig.Name = "enp3s0"; - networkConfig.Bond = "bond0"; - }; - "40-bond0" = { - matchConfig.Name = "bond0"; - linkConfig = { - RequiredForOnline = "carrier"; - }; - networkConfig = { - DHCP = "yes"; - # accept Router Advertisements for Stateless IPv6 Autoconfiguraton (SLAAC) - IPv6AcceptRA = true; - }; - }; - }; - }; - - users.users.${username} = { - isNormalUser = true; - description = "Gene Liverman"; - extraGroups = [ "wheel" ]; - }; -} diff --git a/modules/hosts/nixos/nixnas1/disk-config.nix b/modules/hosts/nixos/nixnas1/disk-config.nix deleted file mode 100644 index 8720d6e7..00000000 --- a/modules/hosts/nixos/nixnas1/disk-config.nix +++ /dev/null @@ -1,126 +0,0 @@ -{ - disko.devices = { - disk = { - sdc = { - device = "/dev/disk/by-id/ata-SATA_SSD_H2101081000455"; - type = "disk"; - content = { - type = "gpt"; - partitions = { - boot = { - name = "BOOT"; - size = "1G"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - }; - }; - zfs = { - size = "100%"; - content = { - type = "zfs"; - pool = "zroot"; - }; - }; - }; - }; - }; # end sdc - sdd = { - device = "/dev/disk/by-id/ata-SATA_SSD_D2109088000361"; - type = "disk"; - content = { - type = "gpt"; - partitions = { - boot-fallback = { - name = "BOOT-FALLBACK"; - size = "1G"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot-fallback"; - }; - }; - zfs = { - size = "100%"; - content = { - type = "zfs"; - pool = "zroot"; - }; - }; - }; - }; - }; # end sdd - sda = { - device = "/dev/disk/by-id/ata-TEAM_T2532TB_TPBF2401240030200343"; - type = "disk"; - content = { - type = "gpt"; - partitions = { - zfs = { - size = "100%"; - content = { - type = "zfs"; - pool = "zstorage"; - }; - }; - }; - }; - }; # end sda - sdb = { - device = "/dev/disk/by-id/ata-TEAM_T2532TB_TPBF2401240030201870"; - type = "disk"; - content = { - type = "gpt"; - partitions = { - zfs = { - size = "100%"; - content = { - type = "zfs"; - pool = "zstorage"; - }; - }; - }; - }; - }; # end sdb - }; - zpool = { - zroot = { - type = "zpool"; - mode = "mirror"; - # mountpoint = "none"; - postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot@blank$' || zfs snapshot zroot@blank"; - options = { - ashift = "12"; - autotrim = "on"; - compatibility = "grub2"; - }; - rootFsOptions = { - mountpoint = "none"; - atime = "off"; - acltype = "posixacl"; - xattr = "sa"; - }; - datasets = { - "root" = { - type = "zfs_fs"; - options.mountpoint = "legacy"; - mountpoint = "/"; - }; - "root/home" = { - type = "zfs_fs"; - options.mountpoint = "legacy"; - mountpoint = "/home"; - }; - "root/nix" = { - type = "zfs_fs"; - options.mountpoint = "legacy"; - mountpoint = "/nix"; - }; - }; - }; # end zroot - }; - }; -} diff --git a/modules/hosts/nixos/nixnas1/hardware-configuration.nix b/modules/hosts/nixos/nixnas1/hardware-configuration.nix deleted file mode 100644 index 74232687..00000000 --- a/modules/hosts/nixos/nixnas1/hardware-configuration.nix +++ /dev/null @@ -1,83 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - modulesPath, - ... -}: - -{ - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot = { - initrd = { - availableKernelModules = [ - "ehci_pci" - "ahci" - "usbhid" - "usb_storage" - "sd_mod" - "sr_mod" - ]; - kernelModules = [ "nvme" ]; - }; - kernelModules = [ "kvm-intel" ]; - extraModulePackages = [ ]; - }; - - fileSystems = { - "/" = { - device = "zroot/root"; - fsType = "zfs"; - }; - - "/nix" = { - device = "zroot/root/nix"; - fsType = "zfs"; - }; - - "/home" = { - device = "zroot/root/home"; - fsType = "zfs"; - }; - - "/boot" = - # { device = "/dev/disk/by-uuid/02A5-6FCC"; - { - device = "/dev/disk/by-partlabel/disk-sdc-BOOT"; - fsType = "vfat"; - options = [ - "fmask=0022" - "dmask=0022" - ]; - }; - - "/boot-fallback" = - # { device = "/dev/disk/by-uuid/02F1-B12D"; - { - device = "/dev/disk/by-partlabel/disk-sdd-BOOT-FALLBACK"; - fsType = "vfat"; - options = [ - "fmask=0022" - "dmask=0022" - ]; - }; - }; - - swapDevices = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.eno1.useDHCP = lib.mkDefault true; - # networking.interfaces.enp3s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/modules/hosts/nixos/nixnas1/home-gene.nix b/modules/hosts/nixos/nixnas1/home-gene.nix deleted file mode 100644 index 13c6855c..00000000 --- a/modules/hosts/nixos/nixnas1/home-gene.nix +++ /dev/null @@ -1,3 +0,0 @@ -{ - home.stateVersion = "24.05"; -} diff --git a/modules/hosts/nixos/nixnas1/secrets.yaml b/modules/hosts/nixos/nixnas1/secrets.yaml deleted file mode 100644 index 33731b4d..00000000 --- a/modules/hosts/nixos/nixnas1/secrets.yaml +++ /dev/null @@ -1,22 +0,0 @@ -local_git_config: ENC[AES256_GCM,data:ToPd/elv3VOuiSQtF/lBvpOwebQLTk986uc/jyYaKx8fepw9VaPPU5E=,iv:clW+JU4HtPo/Kwa95DxLSm71EL+TnBlvmLxUR6GOTEY=,tag:I7cnY580Tb5osur7pfSKTA==,type:str] -local_private_env: ENC[AES256_GCM,data:xeZv93xCk98UjvAUfjB1eEI9DL9Talpj00oB6zxOYSGnICprIDAzXdV86I5h6H+NgM/q20AsZ8ijpomQiFff,iv:iuhI0sKi0x3Ckw4bNxJAL4T6UzzdkJEMo6VMXl/X3sc=,tag:fHIDWL4Mmn42e2FUoaO/oQ==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1g4h5a4f5xfle2a6np8te342pphs3mcuan60emz2zp87nrwjzl5yquhr5vl - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDbTNUaUJDWHliYVJoTStU - ZjFlRjExYitrN3BDMWZWUnpTb204aUNRUWxVClZIWlJQeUlrdFhOYXRaQzRFUmNT - aTYyKzlZR1JFVkUwQkQyVGV0Mys2NjAKLS0tIEhBNWk5NDFoRnJUVUpnMDl2RlRS - bnA3M3dVdWNEVVFVYVF6R2xvQ2s4WTgKl8KsbY8lLraUZmZFlbKS50I+hemSa3lI - irdGQWBGL5aaeKFT9bOta9z+1YdMAsXxvAWOM/PZ2hwXTd6CCUpKtg== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-11-27T06:15:28Z" - mac: ENC[AES256_GCM,data:d3pkBfhvNpbxKla3Ki0Bcv2KMu0/S818d75e2uwgVXsVMJdiPNIjF1NyleB+6i4LAFnVvYdkVXdIzctWITQrQv/Bq0sQzlZx/EuioYzD9Z7c2SCrf2PWPnorm+1uc23rN8pc9uxCrOqf8P94qxJRieiLOoCQMJDQrAk/bn5NglU=,iv:C6b7z6tg295Peoh1rj+uG4t62AOxJjMf/SQN0DJDdeY=,tag:LneADYRHFVHSqN7PmiE/5w==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.8.1 diff --git a/modules/hosts/nixos/nixnuc/default.nix b/modules/hosts/nixos/nixnuc/default.nix index 03fdbfd8..1ee6393e 100644 --- a/modules/hosts/nixos/nixnuc/default.nix +++ b/modules/hosts/nixos/nixnuc/default.nix @@ -525,6 +525,19 @@ in forceSSL = true; locations."/".proxyPass = "http://${backend_ip}:${toString config.dots.ports.wallabag.port}"; }; + "ytdlfin.${home_domain}" = { + listen = [ + { + inherit (config.dots.ports.https) port; + addr = "0.0.0.0"; + ssl = true; + } + ]; + enableACME = true; + acmeRoot = null; + forceSSL = true; + locations."/".proxyPass = "http://${backend_ip}:${toString config.dots.ports.ytdlfin.port}"; + }; }; }; pinchflat = { @@ -542,6 +555,9 @@ in }; pocket-id = { enable = true; + credentials = { + ENCRYPTION_KEY = config.sops.secrets.pocketid_encryption_key.path; + }; settings = { APP_URL = "https://id.${home_domain}"; TRUST_PROXY = true; @@ -587,6 +603,21 @@ in ]; useRoutingFeatures = "both"; }; + ytdlfin = { + enable = true; + user = config.services.jellyfin.user; + group = config.services.jellyfin.group; + port = config.dots.ports.ytdlfin.port; + stagingDir = "/orico/jellyfin/staging/.ytdlfin-staging"; + environmentFile = config.sops.secrets.ytdlfin-env.path; + settings = { + oidcIssuerUrl = "https://id.${home_domain}"; + oidcRedirectUri = "https://ytdlfin.${home_domain}/auth/callback"; + oidcAdminGroup = "ytdlfin_admins"; + oidcUserGroup = "ytdlfin_users"; + mediaDirectories = [ "/orico/jellyfin/data" ]; + }; + }; zfs.autoScrub.enable = true; }; @@ -636,9 +667,16 @@ in owner = "nginx"; restartUnits = [ "nginx.service" ]; }; + pocketid_encryption_key = { + restartUnits = [ "pocket-id.service" ]; + }; tailscale_key = { restartUnits = [ "tailscaled-autoconnect.service" ]; }; + ytdlfin-env = { + owner = config.services.ytdlfin.user; + restartUnits = [ config.systemd.services.ytdlfin.name ]; + }; }; }; diff --git a/modules/hosts/nixos/nixnuc/monitoring-stack.nix b/modules/hosts/nixos/nixnuc/monitoring-stack.nix index 2c9da203..991df12c 100644 --- a/modules/hosts/nixos/nixnuc/monitoring-stack.nix +++ b/modules/hosts/nixos/nixnuc/monitoring-stack.nix @@ -268,6 +268,8 @@ in # No password needed - using peer authentication via Unix socket }; + security.secret_key = "$__file{${config.sops.secrets.grafana_secret_key.path}}"; + # Server configuration server = { domain = "monitoring.${home_domain}"; @@ -360,6 +362,10 @@ in owner = "grafana"; restartUnits = [ "grafana.service" ]; }; + grafana_secret_key = { + owner = "grafana"; + restartUnits = [ "grafana.service" ]; + }; home_assistant_token = { owner = "vmagent"; restartUnits = [ "vmagent.service" ]; diff --git a/modules/hosts/nixos/nixnuc/ports.nix b/modules/hosts/nixos/nixnuc/ports.nix index 7764ef8a..922fe566 100644 --- a/modules/hosts/nixos/nixnuc/ports.nix +++ b/modules/hosts/nixos/nixnuc/ports.nix @@ -74,6 +74,9 @@ immich = { port = 2283; }; + ytdlfin = { + port = 8001; + }; cadvisor = { port = 8081; }; diff --git a/modules/hosts/nixos/nixnuc/secrets.yaml b/modules/hosts/nixos/nixnuc/secrets.yaml index add71a18..0b2730de 100644 --- a/modules/hosts/nixos/nixnuc/secrets.yaml +++ b/modules/hosts/nixos/nixnuc/secrets.yaml @@ -8,20 +8,22 @@ firefly_simplefin_token: ENC[AES256_GCM,data:xJGII+ChIinSpJt+DNU8k8xtgxZkQPmr+02 firefly_vanity_url: ENC[AES256_GCM,data:ypIv2VA/B8RStW5Ifj5J20n/MI+jevd0vYrJPchERpt+txPJ0fo=,iv:16/hQyr/TJgLlNjJSUirEpth7jSHP/ooXQ/Vr97wBiA=,tag:p4WiNKm1zkizQCOFVKcW0Q==,type:str] grafana_oauth_client_id: ENC[AES256_GCM,data:AyqM4bV/9yiWyi0/wqu/SUt5cXYgpsvDcsOgCWENcLeFgGbV,iv:jbUSZQwGOc9V0RON9nAvI86HjGCDuh4wrnpgWcWNG0I=,tag:V6Xe1/r0srITkPDQZ2G+wA==,type:str] grafana_oauth_client_secret: ENC[AES256_GCM,data:As+m4hLWXy2uMq3KHWPtKzsRY4faYjGUrCdCSzP+TuI=,iv:3UAl8vuf7gUc5voyA2yuY8iiBaoI0iF3U7AFv0siskE=,tag:oD3B5SCNkIfqn88gBxy3Fw==,type:str] +grafana_secret_key: ENC[AES256_GCM,data:lETspO+n++qKtnxtCA6jK9qZRvQ=,iv:Xxe0Nw2/zaPCkqpekmvIH7KCvSqlwnCsDyc7qVi1pjI=,tag:eRRd1Z39GPiVIovHqtdLng==,type:str] home_assistant_token: ENC[AES256_GCM,data:fNpoH60rXAsoVx/NBoDobDw/e6IoeoZfef1uDR7HbmnHNI101b+kQKkB8wBXEDLf7MlqlXVc1ExlgYFUo7+h2msx4WZUCGzuHtp1cMP0O9s2PZoQU8KQM2Frd69vOUcOT5y5ShJZPRrf6H2UKrm//3jE9zDOxxy3cQj6Q+jQLXX4AfZ12JAKzSiee9URWdU8eCHbnquUl1RNHF7zZQ8Mr9m41sBOrpBXt7ErsrhxxRhwlk7qprLt,iv:1j/QmOkLYd7nA+wXS49drBHU09HzMP3XxPbPdaErV6E=,tag:ftyOeNaN5PwNebeMPNAmTg==,type:str] immich_kiosk_basic_auth: ENC[AES256_GCM,data:R/vaYXe0SRwSUg8zC367vA/OYhjIcgfbHxR3OhLt1YYUhPNXVuUGmn199zLD,iv:GBEjJKvbwHAS75negE2whTlI4wS8K2nQYNm3015DFoY=,tag:zs+bJEr9JlIrJtikHycN4g==,type:str] mealie: ENC[AES256_GCM,data:fZFBWlh/nbxK0GA6+fb1FK6aFfbiV/GsBYKYRPgavcsB9h4HwRSZN94gPQ3AfGnk1q08ORPBYShNUIaVdsf4+t3taDC7bNTwPqFGRxoeKOU15BPj6Fpw7SHlplApUg7RDmuTWZuXDH0F49N+09GU/Lc26ewHMAzL8CtGg/H7s3CQfFEqCYYcXJeUcnNDu6PRnKFIAppflSScREp29CUf/IfTYQXidQC25upZgcvGJ+dCTDyNFftlhQiFQh8nFRFVJfKk4iBqnig3fOYsTD32ohAotfDGsSUWb9yjoYQNnNn0V14/,iv:WRFiBtavTP3iP5YSaCMkd7ag8ccx1BO76Vlw6axPkJU=,tag:4BhAxbF8JUB0MV12yx86uQ==,type:str] mtnmesh_bot_dot_env: ENC[AES256_GCM,data:jKz0voG/a7Eq+zHI2fsejTpu5H+ic5ZE8VmtOQDQEOTvYT8GWr2oCGwh68ql7g+nU5hlNN7uLl9LreW59nTgmvWNCVjVNKchxJeydktMUoq2FlgyoC2I354bi9gFEL0X5JYRR7jG9iwy4WGyEFfhhUJn1MSwOurRZPw/tdWTUKQVwN5oqjMxkXrZhFLDzq6BrTs0hBpzRYTe,iv:ZBxHkW8VyU+8v4GiDJMEaeqm3Fdtuwm7M/7YXkfkMnw=,tag:S8hTOSicQNIAj/Gdxzw5+A==,type:str] nextcloud_admin_pass: ENC[AES256_GCM,data:KztB3Tkqlt73PEO41lthGYElrbwVdfqQgT6f,iv:kRwXqGJO4AUOMq+uYzndGhscaJiyvG4ANKabHHd78YM=,tag:dP3PgKafDTv8x7huKJGDqA==,type:str] nginx_basic_auth: ENC[AES256_GCM,data:9qy8ccV9yWOrQtagf4D4fTp4v8GuY5ORxsE8hUv/vKngOhlG1ikvuIJacIfTfZj9JCoVWnQ=,iv:UGh/KGqT93t91rXu0JN1Hi4/Hb0ICnGiKkymm/5VLU0=,tag:8X6+bKk9zqggRXQhXrhJAg==,type:str] +pocketid_encryption_key: ENC[AES256_GCM,data:N/V1XHU4NZOL02KJL6kqec9NyJl1UQI4q626j7apFxfz/LMXNavQQ8eKDtrY,iv:ukJAEWKq3SX1iU8qXhxEAGVlovY5N8FTwdShgMQ+zig=,tag:U9eWbhaPySsYlyhS+dEoQQ==,type:str] psitransfer_dot_env: ENC[AES256_GCM,data:bhvU0AOCjecZ62BtLw4H1DdkLeatI+uUl6L7UkdDRkBF3sayO45Z1eR4q60tflXucyTGhT8WgKFz53I+C2dn265wzojIRc3Xr4TBLyWpfJ7/dct40SckgUiRvOnrefiriWQ=,iv:DGMhDkzgeupzzTJnCdVWDPUSo2wxI3MAypKQwVfHExE=,tag:KbteGqrkqgj2XB1lvlk/yQ==,type:str] pinchflat_dot_env: ENC[AES256_GCM,data:8DLiFXThG5PGJ0ymW5bMVy5A8dM=,iv:BGkVvxaNwFIMSaA3F6h4ZsgkC9tm1lohA0lg2pgZhpw=,tag:qQNrluP5exdKG3NXgQHM8g==,type:str] tandoor_db_pass: ENC[AES256_GCM,data:X0unx5jquLsUXadbF6xLjjeGY+f8Ec4kdc15JQ==,iv:XptlJHfAkF+3jbgJTqxhVReYjuVVdk3NzfPepP78DRI=,tag:3RG5P9QGCJ/fjdxWpY1xWA==,type:str] tandoor_secret_key: ENC[AES256_GCM,data:aSQRdtWUZQzy5rvQBPAvYFvwTqyu16UGrvUayxqi2WdsTOfqOyxQ7ywNEy/g/qPqSbwM,iv:kbct/gvfYhU6GOhkomY80o/Sx5mr9FY9SAFJGNrj3Ow=,tag:v+LKQ9UM5nzzd77By7TnGg==,type:str] +ytdlfin-env: ENC[AES256_GCM,data:X33y2zqG7XRhUX0F7YoT8clGoOzTuBKTaKbyZ5/2UmFJfg5xxRYieelRwKxAw/FvZoMEHRaugXYfHinCjOvRT6+Zgk5BOiV1f4TvRInTAIrMq8ApFlYvsUS7rS6q1g9Q5/h/gmOmEaa400+7Aml4fuHUaIEJG3OBGQEdZc97pLLsfmBAG+uYxxom6+msXJ494Ua1cnfbsjcvVReJiIa1TjRH3BN8LrJY42UEv4QSGFhyJKEpNtJre3t+,iv:4pyijslimg8SKBt1EzuwFGxxAy3nDYk9razfEbfj+EE=,tag:blmVpDS1GDx/7kQEDVLkJg==,type:str] sops: age: - - recipient: age1g24zhwvgenpc4wqejt63thvgd4rn5x9n7nnwwme7dm83nfqpp93se2vmq4 - enc: | + - enc: | -----BEGIN AGE ENCRYPTED FILE----- YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6djJ0Z2t4SFNjbzlHUmt2 NjVudktRcU9yZ0NEQXlnZG5uYTNoNExySFUwCldETHFwNzhwWEExTmxVV2dkTlBL @@ -29,7 +31,8 @@ sops: bHZlNTZDV2NYU1hQQy9mem80SFF6TFkKfmjkJBfTdh0vTtGaVx1t3tHJvSsAwdYD PF025X9U+yG2oIopwXEVBkxcD70eyuJn3OqH0xoVLBkbhNM9i8LHrA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-05-20T18:07:22Z" - mac: ENC[AES256_GCM,data:U7j8qeIWrww09vRoguZb43eKmlRDqUivrX3egwvAgSQm/Fovp1P86ADvLl3W7gMyBut/7dqg09GdaZDZfn9djgdrJ7Ky7F3CsmAAejWOvPBLNpsbSncdveMkaIx4XWdwYmTPg02svz1Rdh4kQy0Nfd6xy4BjwHaHUTrZVROX6/M=,iv:RWrogMtP2BO2urccGJQE2VHjjQOH8XdIVRXzLRP00cQ=,tag:XI7m8SvR+0EK4QTD1sex/A==,type:str] + recipient: age1g24zhwvgenpc4wqejt63thvgd4rn5x9n7nnwwme7dm83nfqpp93se2vmq4 + lastmodified: "2026-06-13T23:53:00Z" + mac: ENC[AES256_GCM,data:flcQgdp3x15cy/SY8FwF3LWJy54l4Si/mW3dXhjFWCBO/qPoceAqgFSRKnZsNxtJYZWP3n43gqpMLQQXk7667VoDC/YDrAZRZVbdQXakXmxZzASBki2BX6iT2JQ1+VDeo4tpK5WGH3aL6uhzwtw1a3GQEGkysV/D1Vb7mXv7U6A=,iv:dTofpuoxJabzw34L+Wm6VszRkVGTr19lCblwbE0umdI=,tag:+AR2ndMOwDgl3QPWUYZhpQ==,type:str] unencrypted_suffix: _unencrypted - version: 3.12.1 + version: 3.13.1 diff --git a/modules/shared/home/general/default.nix b/modules/shared/home/general/default.nix index 7fc6b4e7..014c1658 100644 --- a/modules/shared/home/general/default.nix +++ b/modules/shared/home/general/default.nix @@ -13,10 +13,12 @@ cheat colordiff deadnix - dogdns + # dogdns # seems this is now unmaintained :( + doggo dos2unix duf dust + (fastfetch.override { enlightenmentSupport = false; }) fd f2 git-filter-repo @@ -261,6 +263,7 @@ }; zsh = { enable = true; + dotDir = config.home.homeDirectory; enableCompletion = true; autosuggestion.enable = true; history.save = 1000000; diff --git a/modules/shared/home/linux/default.nix b/modules/shared/home/linux/default.nix index 2cc695b1..f5c98d4a 100644 --- a/modules/shared/home/linux/default.nix +++ b/modules/shared/home/linux/default.nix @@ -1,8 +1,8 @@ { pkgs, ... }: { - home.packages = with pkgs; [ - fastfetch - ]; + #home.packages = with pkgs; [ + # fastfetch + #]; programs = { # Linux-specific aliases