christoph/flake-nixinator
1
Fork 0
Code Activity

Compare commits

base: christoph:2e78898c5a39af85d0ba3e27e6978e9d154f5354
Branches Tags
christoph:master
...
compare: christoph:c90e685808526bc4e65b0cb98849749485f8db82
Branches Tags
christoph:master

7 Commits
2e78898c5a ... c90e685808

Author SHA1 Message Date
Christoph Urlacher
c90e685808 Home: Extract common nixos/darwin packages/programs/module-configs into terminal+packages modules 2026-03-24 11:57:05 +01:00
Christoph Urlacher
f514387f64 System: Use lib.networking to configure static networks 2026-03-24 11:32:11 +01:00
Christoph Urlacher
c328c188b8 Lib/Networking: Add option to configure route-less addresses 2026-03-24 11:31:56 +01:00
Christoph Urlacher
585f74ce0f System: Use common nix configuration 2026-03-24 11:30:38 +01:00
Christoph Urlacher
8263fe01eb Lib/Nixos: Add common nix configuration 2026-03-24 11:30:22 +01:00
Christoph Urlacher
d61e6f8b9c Services: Use common dockerhub login 2026-03-24 11:29:21 +01:00
Christoph Urlacher
7c7c195083 Lib/Containers: Add common dockerhub login 2026-03-24 11:27:22 +01:00
43 changed files with 399 additions and 725 deletions
Expand all files Collapse all files

123
home/christoph/darwinix/default.nix
View File

@ -8,17 +8,13 @@
inputs,
...
}: {
config = let
inherit (config.homemodules) color;
in {
config = {
paths = rec {
nixflake = "${config.home.homeDirectory}/NixFlake";
dotfiles = "${nixflake}/config";
};
homemodules = {
bat.enable = true;
color = {
scheme = "catppuccin-mocha";
accent = "mauve";
@ -29,29 +25,7 @@
font = "MonoLisa Alt Script";
};
fastfetch.enable = true;
fish.enable = true;
git = {
enable = true;
userName = "Christoph Urlacher";
userEmail = "christoph.urlacher@protonmail.com";
signCommits = true;
};
kitty.enable = true;
lazygit.enable = true;
neovim = {
enable = true;
alias = true;
neovide = true;
};
ssh.enable = true;
tmux.enable = true;
yazi.enable = true;
packages.enable = true;
};
home = {
@ -67,101 +41,12 @@
TERMINAL = "kitty";
};
packages = with pkgs; [
(ripgrep.override {withPCRE2 = true;})
gdu
duf
sd
fclones
tealdeer
killall
atool
exiftool
ouch
ffmpegthumbnailer
mediainfo
file
unrar
p7zip
unzip
progress
tokei
nix-search-tv
nix-tree
just
ffmpeg-full
imagemagick
poppler-utils
pdf2svg
pandoc
dig
tcpdump
gping
curlie
wget
doggo
rsync
rclone
httpie
speedtest-cli
jellyfin-tui
inputs.nps.packages.${pkgs.stdenv.hostPlatform.system}.default
cachix
# GUI
ripdrag
# Darwin
# alt-tab-macos
# discord # HomeBrew
# obsidian # HomeBrew
# nextcloud-client # HomeBrew
# protonvpn-gui # HomeBrew
# iina
];
# packages = with pkgs; []; # Configured in homemodules/packages
stateVersion = "25.11";
};
# TODO: Deduplicate with other configs
programs = {
home-manager.enable = true;
direnv = {
enable = true;
nix-direnv.enable = true;
};
eza = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
fd.enable = true;
fzf = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
navi = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
yt-dlp.enable = true;
zoxide = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
};
programs = {};
services = {};
};

206
home/christoph/default.nix
View File

@ -33,9 +33,7 @@ in
};
homemodules = {
bat.enable = true;
beets.enable = !headless;
btop.enable = true;
cava.enable = !headless;
chromium = {
@ -71,8 +69,6 @@ in
docs.enable = !headless;
fastfetch.enable = true;
firefox = {
enable = !headless;
wayland = true;
@ -81,39 +77,15 @@ in
disableTabBar = true;
};
fish.enable = true;
git = {
enable = true;
userName = "Christoph Urlacher";
userEmail = "christoph.urlacher@protonmail.com";
signCommits = true;
};
kitty.enable = !headless;
lazygit.enable = true;
mpd.enable = !headless;
neovim = {
enable = true;
alias = true;
neovide = !headless;
};
niri.enable = nixosConfig.programs.niri.enable;
nnn.enable = false; # Use yazi
packages.enable = true;
qutebrowser.enable = !headless;
rmpc.enable = !headless;
rofi = {
enable = false;
};
ssh.enable = true;
tmux.enable = true;
rofi.enable = false;
terminal.enable = true;
waybar.enable = !headless;
yazi.enable = true;
zathura.enable = !headless;
};
@ -275,171 +247,13 @@ in
};
# Add stuff for your user as you see fit:
# TODO: Make the headless installations smaller. Don't install stuff here if !headless but in nixinator config.
packages = with pkgs;
lib.mkMerge [
[
# Shell utils
(ripgrep.override {withPCRE2 = true;}) # fast as fuck
gdu # Alternative to du-dust (I like it better)
duf # Disk usage analyzer (for all disk overview)
sd # Sed alternative
fclones # Duplicate file finder
tealdeer # Very fast tldr (so readable man)
killall
atool # Archive preview
exiftool
ouch # Unified compression/decompression
ffmpegthumbnailer # Video thumbnails
mediainfo # Media meta information
file # File meta information
unrar # Cooler WinRar
p7zip # Zip stuff
unzip # Unzip stuff
progress # Find coreutils processes and show their progress
tokei # Text file statistics in a project
playerctl # Media player control
pastel # Color tools
nvd # Nix rebuild diff
nix-search-tv # Search nixpkgs, nur, nixos options and homemanager options
nix-tree # Browse the nix store sorted by size (gdu for closures)
nurl # Generate nix fetcher sections based on URLs
python313 # Nicer scripting than bash
lazyjournal # Journalctl viewer
systemctl-tui
restic # Backups
gnumake
just # make alternative
binsider # .elf analyzer
jujutsu # git-like vcs
lurk # strace analysis
radare2
# Hardware/Software info
pciutils # lspci
mesa-demos # OpenGL info
wayland-utils # wayland-info
clinfo # OpenCL info
vulkan-tools # vulkaninfo
libva-utils # vainfo
vdpauinfo # Video-Decode and Presentation API for Unix info
hwloc # Generate CPU topology diagram
lm_sensors # Readout hardware sensors
acpica-tools # Dump ACPI tables etc.
smartmontools # Disk health
nvme-cli # NVME disk health
# Video/Image/Audio utils
ffmpeg-full # I love ffmpeg (including ffplay)
ffmpeg-normalize # Normalize audio
imagemagick # Convert image (magic)
mp3val # Validate mp3 files
flac # Validate flac files
# spotdl
# Document utils
poppler-utils # pdfunite
graphviz # generate graphs from code
d2 # generate diagrams from code
plantuml # generate diagrams
gnuplot # generate function plots
pdf2svg # extract vector graphics from pdf
pandoc # document converting madness
# Networking
dig # Make DNS requests
tcpdump # Listen in on TCP traffic
traceroute # "Follow" a packet
gping # ping with graph
curlie # curl a'la httpie
wget # download that shit
doggo # dns client
rsync # cp on steroids
rclone # Rsync for cloud
httpie # Cool http client
cifs-utils # Mount samba shares
nfs-utils # Mount NFS shares
sshfs # Mount remote directories via SSH
speedtest-cli
# Run unpatched binaries on NixOS
# Sets NIX_LD_LIBRARY_PATH and NIX_LD variables for nix-ld.
# Usage: "nix-alien-ld -- <Executable>".
inputs.nix-alien.packages.${pkgs.stdenv.hostPlatform.system}.nix-alien
# Search nixpkgs
inputs.nps.packages.${pkgs.stdenv.hostPlatform.system}.default
# Use NixCommunity binary cache
cachix
]
(lib.mkIf (!headless) [
ripdrag # drag & drop from terminal
veracrypt
wl-clipboard
# Proton
protonvpn-gui
protonmail-bridge-gui
# GUI stuff
nautilus # Just in case
signal-desktop
anki
font-manager # Previews fonts, but doesn't set them
nextcloud-client
keepassxc
thunderbird # TODO: Email module
obsidian
zotero
zeal # docs browser
# helvum # unmaintained
crosspipe
vlc
audacity
ferdium
gparted
# feishin # electron :(
jellyfin-tui
czkawka-full # file deduplicator
# Office
kdePackages.wacomtablet # For xournalpp/krita
xournalpp # Write with a pen, like old people
hunspell # I cna't type
hunspellDicts.en_US
hunspellDicts.de_DE
inputs.masssprings.packages.${stdenv.hostPlatform.system}.default
])
];
# packages = with pkgs; []; # Configured in homemodules/packages
};
# home.file.".options-doc".source = "${pkgs.modules-options-doc}";
# Packages with extra options managed by HomeManager natively
programs = {
# The home-manager management tool.
# Will only be enabled if HM is installed standalone.
home-manager.enable = true;
direnv = {
enable = true;
nix-direnv.enable = true;
};
eza = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
fd.enable = true;
fzf = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
imv = {
enable = !headless;
settings = {
@ -467,11 +281,6 @@ in
};
};
navi = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
nix-index = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
@ -501,13 +310,6 @@ in
# pointer
# ];
# };
yt-dlp.enable = true;
zoxide = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
};
services = {

1
home/christoph/nixinator/default.nix
View File

@ -101,6 +101,7 @@
jellyfin-mpv-shim
# tidal-hifi
# tidal-dl-ng # TODO: Borked
# spotdl
tiddl
picard
handbrake

2
home/homemodules/default.nix
View File

@ -21,12 +21,14 @@
./neovim
./niri
./nnn
./packages
./paths
./qutebrowser
./rmpc
./rofi
./waybar
./ssh
./terminal
./tmux
./yazi
./zathura

217
home/homemodules/packages/default.nix Normal file
View File

@ -0,0 +1,217 @@
{
config,
nixosConfig,
lib,
mylib,
pkgs,
headless,
inputs,
...
}: let
inherit (config.homemodules) packages color;
in {
options.homemodules.packages = import ./options.nix {inherit lib mylib;};
config = lib.mkIf packages.enable {
home.packages = with pkgs;
lib.mkMerge [
# Common packages
[
# Shell utils
(ripgrep.override {withPCRE2 = true;}) # fast as fuck
gdu # Alternative to du-dust (I like it better)
duf # Disk usage analyzer (for all disk overview)
sd # Sed alternative
fclones # Duplicate file finder
tealdeer # Very fast tldr (so readable man)
killall
atool # Archive preview
exiftool
ouch # Unified compression/decompression
ffmpegthumbnailer # Video thumbnails
mediainfo # Media meta information
file # File meta information
unrar # Cooler WinRar
p7zip # Zip stuff
unzip # Unzip stuff
progress # Find coreutils processes and show their progress
tokei # Text file statistics in a project
# Nix
nix-search-tv # Search nixpkgs, nur, nixos options and homemanager options
nix-tree # Browse the nix store sorted by size (gdu for closures)
inputs.nps.packages.${pkgs.stdenv.hostPlatform.system}.default # Search nixpkgs
# Video/Image/Audio utils
ffmpeg-full # I love ffmpeg (including ffplay)
ffmpeg-normalize # Normalize audio
# Document utils
poppler-utils # pdfunite
pdf2svg # extract vector graphics from pdf
pandoc # document converting madness
# Networking
dig # Make DNS requests
tcpdump # Listen in on TCP traffic
gping # ping with graph
curlie # curl a'la httpie
wget # download that shit
doggo # dns client
rsync # cp on steroids
rclone # Rsync for cloud
httpie # Cool http client
speedtest-cli
# Use NixCommunity binary cache
cachix
]
# Common !headless packages
(lib.optionals (!headless) [
ripdrag # drag & drop from terminal
jellyfin-tui
])
# Linux exclusive packages
(lib.optionals (pkgs.stdenv.isLinux) [
pastel # Color tools
nvd # Nix rebuild diff
nurl # Generate nix fetcher sections based on URLs
python313 # Nicer scripting than bash
lazyjournal # Journalctl viewer
systemctl-tui
restic # Backups
gnumake
just # make alternative
binsider # .elf analyzer
jujutsu # git-like vcs
lurk # strace analysis
radare2
# Hardware/Software info
pciutils # lspci
mesa-demos # OpenGL info
wayland-utils # wayland-info
clinfo # OpenCL info
vulkan-tools # vulkaninfo
libva-utils # vainfo
vdpauinfo # Video-Decode and Presentation API for Unix info
hwloc # Generate CPU topology diagram
lm_sensors # Readout hardware sensors
acpica-tools # Dump ACPI tables etc.
smartmontools # Disk health
nvme-cli # NVME disk health
# Video/Image/Audio utils
imagemagick # Convert image (magic)
mp3val # Validate mp3 files
flac # Validate flac files
# Document utils
graphviz # generate graphs from code
d2 # generate diagrams from code
plantuml # generate diagrams
gnuplot # generate function plots
# Networking
traceroute # "Follow" a packet
cifs-utils # Mount samba shares
nfs-utils # Mount NFS shares
sshfs # Mount remote directories via SSH
# Run unpatched binaries on NixOS
# Sets NIX_LD_LIBRARY_PATH and NIX_LD variables for nix-ld.
# Usage: "nix-alien-ld -- <Executable>".
inputs.nix-alien.packages.${pkgs.stdenv.hostPlatform.system}.nix-alien
])
# Linux exclusive packages (!headless)
(lib.optionals (pkgs.stdenv.isLinux && (!headless)) [
veracrypt
wl-clipboard
# Proton
protonvpn-gui
protonmail-bridge-gui
# GUI stuff
nautilus # Just in case
signal-desktop
anki
font-manager # Previews fonts, but doesn't set them
nextcloud-client
keepassxc
thunderbird # TODO: Email module
obsidian
zotero
zeal # docs browser
# helvum # unmaintained
crosspipe
vlc
audacity
ferdium
gparted
# feishin # electron :(
jellyfin-tui
playerctl # Media player control
czkawka-full # file deduplicator
# Office
kdePackages.wacomtablet # For xournalpp/krita
xournalpp # Write with a pen, like old people
hunspell # I cna't type
hunspellDicts.en_US
hunspellDicts.de_DE
inputs.masssprings.packages.${stdenv.hostPlatform.system}.default
])
# Darwin exclusive packages
(lib.optionals pkgs.stdenv.isDarwin [
# Use homebrew instead
# alt-tab-macos
# discord
# obsidian
# nextcloud-client
# protonvpn-gui
# iina
])
];
programs = {
# The home-manager management tool.
# Will only be enabled if HM is installed standalone.
home-manager.enable = true;
direnv = {
enable = true;
nix-direnv.enable = true;
};
eza = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
fd.enable = true;
fzf = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
navi = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
yt-dlp.enable = true;
zoxide = {
enable = true;
enableFishIntegration = config.homemodules.fish.enable;
};
};
};
}

7
home/homemodules/packages/options.nix Normal file
View File

@ -0,0 +1,7 @@
{
lib,
mylib,
...
}: {
enable = lib.mkEnableOption "Enable common packages";
}

43
home/homemodules/terminal/default.nix Normal file
View File

@ -0,0 +1,43 @@
{
config,
nixosConfig,
lib,
mylib,
pkgs,
headless,
...
}: let
inherit (config.homemodules) terminal color;
in {
options.homemodules.terminal = import ./options.nix {inherit lib mylib;};
config = lib.mkIf terminal.enable {
homemodules = {
bat.enable = true;
btop.enable = true;
fastfetch.enable = true;
fish.enable = true;
git = {
enable = true;
userName = "Christoph Urlacher";
userEmail = "christoph.urlacher@protonmail.com";
signCommits = true;
};
kitty.enable = true;
lazygit.enable = true;
neovim = {
enable = true;
alias = true;
neovide = !headless;
};
ssh.enable = true;
tmux.enable = true;
yazi.enable = true;
};
};
}

7
home/homemodules/terminal/options.nix Normal file
View File

@ -0,0 +1,7 @@
{
lib,
mylib,
...
}: {
enable = lib.mkEnableOption "Enable terminal tools";
}

13
lib/containers.nix Normal file
View File

@ -0,0 +1,13 @@
{
inputs,
pkgs,
lib,
...
}: {
# Standard DockerHub login used by all oci-container services.
# Usage: login = mylib.containers.mkDockerLogin config;
mkDockerLogin = config: {
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
}

1
lib/default.nix
View File

@ -13,4 +13,5 @@
rofi = import ./rofi.nix {inherit inputs pkgs lib;};
generators = import ./generators.nix {inherit inputs pkgs lib;};
color = import ./color.nix {inherit inputs pkgs lib;};
containers = import ./containers.nix {inherit inputs pkgs lib;};
}

5
lib/networking.nix
View File

@ -43,6 +43,8 @@
routers,
nameservers,
routable,
# Extra addresses declared without creating routes (e.g. IPv6 ULA).
extraAddresses ? [],
}: {
enable = true;
@ -56,7 +58,8 @@
address = ips;
gateway = routers;
dns = nameservers;
routes = builtins.map (r: {Gateway = r;}) routers; # TODO: We need to add a way to specify addresses without routes (IPv6 ULA)
routes = builtins.map (r: {Gateway = r;}) routers;
addresses = builtins.map (a: {Address = a;}) extraAddresses;
# See man systemd.network
networkConfig = {

20
lib/nixos.nix
View File

@ -4,6 +4,26 @@
lib,
...
}: {
# Common nix daemon settings shared between NixOS and nix-darwin.
# Darwin additionally needs nix.enable = true.
mkCommonNixSettings = username: {
enable = true;
package = pkgs.nixVersions.stable;
extraOptions = ''
experimental-features = nix-command flakes pipe-operators
'';
settings.trusted-users = ["root" username];
gc.automatic = false;
gc.options = "--delete-older-than 5d";
settings.auto-optimise-store = true;
optimise.automatic = true;
registry = lib.mapAttrs' (n: v: lib.nameValuePair n {flake = v;}) inputs;
nixPath = [
"nixpkgs=${inputs.nixpkgs.outPath}"
"home-manager=${inputs.home-manager.outPath}"
];
};
mkNixosConfigWithHomeManagerModule = {
system,
mylib,

23
system/darwinix/default.nix
View File

@ -10,28 +10,7 @@
hostname,
...
}: {
nix = {
enable = true;
package = pkgs.nixVersions.stable;
extraOptions = ''
experimental-features = nix-command flakes pipe-operators
'';
settings.trusted-users = ["root" "${username}"];
gc.automatic = false;
gc.options = "--delete-older-than 5d";
settings.auto-optimise-store = true;
optimise.automatic = true;
registry = lib.mapAttrs' (n: v: lib.nameValuePair n {flake = v;}) inputs;
nixPath = [
"nixpkgs=${inputs.nixpkgs.outPath}"
"home-manager=${inputs.home-manager.outPath}"
];
};
nix = mylib.nixos.mkCommonNixSettings username;
networking = {
hostName = "${hostname}";

26
system/default.nix
View File

@ -104,31 +104,7 @@ with mylib.networking; {
};
# Enable flakes
nix = {
package = pkgs.nixVersions.stable;
extraOptions = ''
experimental-features = nix-command flakes pipe-operators
'';
settings.trusted-users = ["root" "${username}"];
# Auto garbage-collect and optimize store
gc.automatic = false; # Done by nh.clean.enable;
gc.options = "--delete-older-than 5d";
settings.auto-optimise-store = true;
optimise.automatic = true;
# This will add your inputs as registries, making operations with them (such
# as nix shell nixpkgs#name) consistent with your flake inputs.
# (Registry contains flakes)
registry = lib.mapAttrs' (n: v: lib.nameValuePair n {flake = v;}) inputs;
# Set NIX_PATH to find nixpgks
nixPath = [
"nixpkgs=${inputs.nixpkgs.outPath}"
"home-manager=${inputs.home-manager.outPath}"
];
};
nix = mylib.nixos.mkCommonNixSettings username;
# Bootloader/Kernel stuff
boot = {

53
system/servenix/default.nix
View File

@ -65,52 +65,13 @@
useNetworkManager = false;
networks = {
# "10-ether-1G" = mylib.networking.mkStaticSystemdNetwork {
# interface = "ens18";
# ips = ["192.168.86.25/24" "fd00::19/64"];
# routers = ["192.168.86.5" "fd00::5"];
# nameservers = ["8.8.8.8" "2001:4860:4860::8888"]; # NOTE: Use reliable DNS for servers instead of 192.168.86.26
# routable = true;
# };
# TODO: mylib.networking.mkStaticSystemdNetwork needs improvement to accomodate for this
"10-ether-1G" = rec {
enable = true;
# See man systemd.link, man systemd.netdev, man systemd.network
matchConfig = {
# This corresponds to the [MATCH] section
Name = "ens18"; # Match ethernet interface
};
# Static IP + DNS + Gateway
address = ["192.168.86.25/24"];
gateway = ["192.168.86.5"]; # Don't add IPv6 gateway, rely on router advertisement instead
dns = ["8.8.8.8" "8.8.4.4" "2001:4860:4860:8888" "2001:4860:4860:8844"];
routes = builtins.map (r: {Gateway = r;}) gateway;
# See man systemd.network
networkConfig = {
# This corresponds to the [NETWORK] section
DHCP = "no";
IPv6AcceptRA = "yes"; # Accept Router Advertisements
# MulticastDNS = "no";
# LLMNR = "no";
# LinkLocalAddressing = "ipv6";
};
addresses = [
{
# Don't add this to address, we don't want to create any routes with this
Address = "fd00::19/64";
}
];
linkConfig = {
# This corresponds to the [LINK] section
RequiredForOnline = "routable";
};
"10-ether-1G" = mylib.networking.mkStaticSystemdNetwork {
interface = "ens18";
ips = ["192.168.86.25/24"];
routers = ["192.168.86.5"]; # Don't add IPv6 gateway, rely on router advertisement instead
nameservers = ["8.8.8.8" "8.8.4.4" "2001:4860:4860:8888" "2001:4860:4860:8844"]; # NOTE: Use reliable DNS for servers instead of 192.168.86.26
routable = true;
extraAddresses = ["fd00::19/64"]; # IPv6 ULA — declared without creating a route
};
};

10
system/services/0_TEMPLATE.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -16,14 +17,7 @@ in {
image = "TEMPLATE:${TEMPLATEVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/adguard.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "adguard/adguardhome:${adguardVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/authelia.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "authelia/authelia:${autheliaVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/bazarr.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "linuxserver/bazarr:${bazarrVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/box.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "stashapp/stash:${boxVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/comfyui.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -12,14 +13,7 @@ in {
image = "yanwk/comfyui-boot:${comfyuiVersion}";
autoStart = false;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/fileflows-node.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "revenz/fileflows:${fileflowsVersion}";
autoStart = false;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/fileflows.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "revenz/fileflows:${version}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

28
system/services/gitea.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -27,14 +28,7 @@ in {
image = "postgres:14";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];
@ -59,14 +53,7 @@ in {
image = "gitea/gitea:${giteaVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [
"gitea-db"
@ -107,14 +94,7 @@ in {
image = "gitea/act_runner:${runnerVersion}"; # NOTE: vegardit has other runner images
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [
"gitea"

10
system/services/immich.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -39,14 +40,7 @@ in {
image = "redis";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/jellyfin.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "linuxserver/jellyfin:${jellyfinVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [
# "pihole"

10
system/services/kopia.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -18,14 +19,7 @@ in {
image = "kopia/kopia:${kopiaVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

28
system/services/nextcloud.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -33,14 +34,7 @@ in {
image = "postgres:alpine";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];
@ -67,14 +61,7 @@ in {
image = "redis:alpine";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];
@ -97,14 +84,7 @@ in {
image = "nextcloud:${nextcloudVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [
"nextcloud-db"

10
system/services/nginx-proxy-manager.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "jc21/nginx-proxy-manager:${nginxVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

28
system/services/paperless.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -16,14 +17,7 @@ in {
image = "flor1der/paperless-nextcloud-sync:${paperlessNCVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];
@ -59,14 +53,7 @@ in {
image = "redis:7";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];
@ -87,14 +74,7 @@ in {
image = "postgres:15";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/plex.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "plexinc/pms-docker:${plexVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [
# "pihole"

10
system/services/portainer-agent.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -13,14 +14,7 @@ in {
image = "portainer/agent:${portainerVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/portainer.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -12,14 +13,7 @@ in {
image = "portainer/portainer-ce:${portainerVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/prowlarr.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "linuxserver/prowlarr:${prowlarrVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/pulse.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "rcourtman/pulse:${pulseVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/radarr.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "linuxserver/radarr:${radarrVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/sabnzbd-movies.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "linuxserver/sabnzbd:${sabnzbdVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/sabnzbd-shows.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "linuxserver/sabnzbd:${sabnzbdVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/sonarr.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "linuxserver/sonarr:${sonarrVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/teamspeak.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "teamspeaksystems/teamspeak6-server:${teamspeakVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/tinymediamanager.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "tinymediamanager/tinymediamanager:${version}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [];

10
system/services/whats-up-docker.nix
View File

@ -1,4 +1,5 @@
{
mylib,
config,
lib,
pkgs,
@ -11,14 +12,7 @@ in {
image = "getwud/wud:${wudVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
login = mylib.containers.mkDockerLogin config;
dependsOn = [
# "pihole"

53
system/thinknix/default.nix
View File

@ -46,52 +46,13 @@
useNetworkManager = false;
networks = {
# "10-ether-1G" = mylib.networking.mkStaticSystemdNetwork {
# interface = "ens18";
# ips = ["192.168.86.26/24" "fd00::1a/64"];
# routers = ["192.168.86.5" "fd00::5"];
# nameservers = ["8.8.8.8" "2001:4860:4860::8888"]; # NOTE: Use reliable DNS for servers instead of 127.0.0.1
# routable = true;
# };
# TODO: mylib.networking.mkStaticSystemdNetwork needs improvement to accomodate for this
"10-ether-1G" = rec {
enable = true;
# See man systemd.link, man systemd.netdev, man systemd.network
matchConfig = {
# This corresponds to the [MATCH] section
Name = "ens18"; # Match ethernet interface
};
# Static IP + DNS + Gateway
address = ["192.168.86.26/24"];
gateway = ["192.168.86.5"]; # Don't add "fd00::5", rely on router advertisement instead
dns = ["8.8.8.8" "8.8.4.4" "2001:4860:4860::8888" "2001:4860:4860::8844"];
routes = builtins.map (r: {Gateway = r;}) gateway;
# See man systemd.network
networkConfig = {
# This corresponds to the [NETWORK] section
DHCP = "no";
IPv6AcceptRA = "yes"; # Accept Router Advertisements
# MulticastDNS = "no";
# LLMNR = "no";
# LinkLocalAddressing = "ipv6";
};
addresses = [
{
# Don't add this to address, we don't want to create any routes with this
Address = "fd00::1a/64"; # IPv6 Unique-Local Address (ULA)
}
];
linkConfig = {
# This corresponds to the [LINK] section
RequiredForOnline = "routable";
};
"10-ether-1G" = mylib.networking.mkStaticSystemdNetwork {
interface = "ens18";
ips = ["192.168.86.26/24"];
routers = ["192.168.86.5"]; # Don't add "fd00::5", rely on router advertisement instead
nameservers = ["8.8.8.8" "8.8.4.4" "2001:4860:4860::8888" "2001:4860:4860::8844"]; # NOTE: Use reliable DNS for servers instead of 127.0.0.1
routable = true;
extraAddresses = ["fd00::1a/64"]; # IPv6 ULA — declared without creating a route
};
};