diff --git a/flake.nix b/flake.nix index 5a43e32..48e5ffc 100644 --- a/flake.nix +++ b/flake.nix @@ -247,7 +247,10 @@ nixos-hardware.nixosModules.common-pc-ssd ./loki/hardware-configuration.nix ./loki/configuration.nix - { home-manager.users.bertof = import ./loki/hm.nix; } + { + home-manager.users.bertof = import ./loki/hm.nix; + home-manager.users.tiziano = import ./loki/hm_tiziano.nix; + } ]; }; }; diff --git a/hm_modules/development/docker.nix b/hm_modules/development/docker.nix index 39684ad..6b8ea0d 100644 --- a/hm_modules/development/docker.nix +++ b/hm_modules/development/docker.nix @@ -5,5 +5,11 @@ ] ++ lib.optionals config.programs.helix.enable [ nodePackages.dockerfile-language-server-nodejs ]; + home.shellAliases = { + "dkcd" = "docker-compose down"; + "dkc" = "docker-compose"; + "dkcu" = "docker-compose up"; + "dk" = "docker"; + }; } diff --git a/hm_modules/shell_aliases.nix b/hm_modules/shell_aliases.nix index 3ca1bb9..5ae578d 100644 --- a/hm_modules/shell_aliases.nix +++ b/hm_modules/shell_aliases.nix @@ -1,9 +1,5 @@ { home.shellAliases = { - "dkcd" = "docker-compose down"; - "dkc" = "docker-compose"; - "dkcu" = "docker-compose up"; - "dk" = "docker"; "jc" = "sudo journalctl"; "jcu" = "journalctl --user"; "nb" = "nix build"; diff --git a/hm_modules/syncthing.nix b/hm_modules/syncthing.nix index 66ea77d..18fe288 100644 --- a/hm_modules/syncthing.nix +++ b/hm_modules/syncthing.nix @@ -1 +1 @@ -{ services.syncthing = { enable = true; }; } +{ services.syncthing = { enable = true; extraOptions = [ "--gui-address=http://0.0.0.0:8384" ]; }; } diff --git a/hm_modules/syncthing_tiziano.nix b/hm_modules/syncthing_tiziano.nix new file mode 100644 index 0000000..e6317e5 --- /dev/null +++ b/hm_modules/syncthing_tiziano.nix @@ -0,0 +1,2 @@ +{ services.syncthing = { enable = true; extraOptions = [ "--gui-address=http://0.0.0.0:8385" ]; }; } + diff --git a/loki/configuration.nix b/loki/configuration.nix index b294feb..b929821 100644 --- a/loki/configuration.nix +++ b/loki/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, ... }: +{ pkgs, lib, ... }: with lib; { boot = { binfmt.emulatedSystems = [ "armv7l-linux" "aarch64-linux" ]; @@ -140,13 +140,13 @@ with lib; { in { bertof = recursiveUpdate common { - path = "/mnt/raid0/bertof"; + path = "/home/bertof/"; comment = "Bertof samba share"; "force user" = "bertof"; "valid users" = "bertof"; }; tiziano = recursiveUpdate common { - path = "/mnt/raid0/tiziano"; + path = "/home/tiziano/"; comment = "Tiziano samba share"; "force user" = "tiziano"; "valid users" = "tiziano"; @@ -160,27 +160,6 @@ with lib; { "force create mode" = "0660"; "force directory mode" = "2770"; }; - bertof_safe = recursiveUpdate common { - path = "/mnt/raid1/bertof"; - comment = "Bertof samba share"; - "force user" = "bertof"; - "valid users" = "bertof"; - }; - tiziano_safe = recursiveUpdate common { - path = "/mnt/raid1/tiziano"; - comment = "Tiziano samba share"; - "force user" = "tiziano"; - "valid users" = "tiziano"; - }; - condiviso_safe = recursiveUpdate common { - path = "/mnt/raid1/condiviso"; - comment = "Samba share condiviso"; - "valid users" = "bertof tiziano"; - "create mask" = "0770"; - "directory mask" = "2770"; - "force create mode" = "0660"; - "force directory mode" = "2770"; - }; }; }; smartd = { @@ -248,9 +227,15 @@ with lib; { }; tiziano = { isNormalUser = true; + extraGroups = [ + "audio" + "input" + "video" + ]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMExwtJFk6HjySrTZwJH67SOHC3hlL28NO4oe2GXsv6k" ]; + shell = pkgs.zsh; }; jellyfin.extraGroups = [ "video" ]; }; @@ -259,21 +244,34 @@ with lib; { configs = let commonExtraConfig = '' - ALLOW_USERS="bertof" TIMELINE_CREATE=yes TIMELINE_CLEANUP=yes ''; in { bertof_raid0 = { - subvolume = "/mnt/raid0/bertof"; + subvolume = "/home/bertof/raid0"; extraConfig = '' ALLOW_USERS="bertof" ${commonExtraConfig} ''; }; tiziano_raid0 = { - subvolume = "/mnt/raid0/tiziano"; + subvolume = "/home/tiziano/raid0"; + extraConfig = '' + ALLOW_USERS="tiziano" + ${commonExtraConfig} + ''; + }; + bertof_raid1 = { + subvolume = "/home/bertof/raid1"; + extraConfig = '' + ALLOW_USERS="bertof" + ${commonExtraConfig} + ''; + }; + tiziano_raid1 = { + subvolume = "/home/tiziano/raid1"; extraConfig = '' ALLOW_USERS="tiziano" ${commonExtraConfig} @@ -286,73 +284,16 @@ with lib; { ${commonExtraConfig} ''; }; + condiviso_raid1 = { + subvolume = "/mnt/raid1/condiviso"; + extraConfig = '' + ALLOW_USERS="bertof tiziano" + ${commonExtraConfig} + ''; + }; }; }; - systemd.packages = with pkgs; [ syncthing ]; - systemd.services = - let - common = { - documentation = [ "man:syncthing(1)" ]; - startLimitIntervalSec = 60; - startLimitBurst = 4; - after = [ "network.target" ]; - environment = { - STNORESTART = "yes"; - STNOUPGRADE = "yes"; - }; - wantedBy = [ "default.target" ]; - serviceConfig = { - Restart = "on-failure"; - RestartSec = 1; - SuccessExitStatus = "3 4"; - RestartForceExitStatus = "3 4"; - - Group = config.ids.gids.users; - MemoryDenyWriteExecute = true; - NoNewPrivileges = true; - PrivateDevices = true; - PrivateMounts = true; - PrivateTmp = true; - PrivateUsers = true; - ProtectControlGroups = true; - ProtectHostname = true; - ProtectKernelModules = true; - ProtectKernelTunables = true; - RestrictNamespaces = true; - RestrictRealtime = true; - RestrictSUIDSGID = true; - CapabilityBoundingSet = [ - "~CAP_SYS_PTRACE" - "~CAP_SYS_ADMIN" - "~CAP_SETGID" - "~CAP_SETUID" - "~CAP_SETPCAP" - "~CAP_SYS_TIME" - "~CAP_KILL" - ]; - }; - }; - in - { - syncthing-bertof = recursiveUpdate common { - description = "Syncthing service bertof"; - serviceConfig = { - User = "bertof"; - ExecStart = - "${pkgs.syncthing}/bin/syncthing -no-browser -gui-address=0.0.0.0:8384 -home=/mnt/raid0/bertof/Syncthing/.config"; - }; - }; - syncthing-tiziano = recursiveUpdate common { - description = "Syncthing service tiziano"; - serviceConfig = { - User = "tiziano"; - ExecStart = - "${pkgs.syncthing}/bin/syncthing -no-browser -gui-address=0.0.0.0:8385 -home=/mnt/raid0/tiziano/Syncthing/.config"; - }; - }; - }; - networking.firewall = { enable = true; allowPing = true; diff --git a/loki/hardware-configuration.nix b/loki/hardware-configuration.nix index 6355fb9..75a69f1 100644 --- a/loki/hardware-configuration.nix +++ b/loki/hardware-configuration.nix @@ -1,10 +1,9 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. { config, lib, modulesPath, ... }: { - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; boot.initrd.availableKernelModules = [ "xhci_pci" @@ -29,27 +28,10 @@ fsType = "vfat"; }; - fileSystems."/mnt/raid1" = { - device = "/dev/disk/by-uuid/c84a38dc-9cc7-4762-b509-8fce1c1d95c8"; - fsType = "btrfs"; - }; - - fileSystems."/var/lib/docker/btrfs" = { - device = "/var/lib/docker/btrfs"; - fsType = "none"; - options = [ "bind" ]; - }; - - fileSystems."/mnt/raid0/bertof" = { + fileSystems."/var/lib/zoneminder/events" = { device = "/dev/disk/by-uuid/7ca4d382-eed7-4b49-b7d8-4b5ca139dd9c"; fsType = "btrfs"; - options = [ "subvol=@bertof" ]; - }; - - fileSystems."/mnt/raid0/tiziano" = { - device = "/dev/disk/by-uuid/7ca4d382-eed7-4b49-b7d8-4b5ca139dd9c"; - fsType = "btrfs"; - options = [ "subvol=@tiziano" ]; + options = [ "subvol=@zoneminder" ]; }; fileSystems."/mnt/raid0/condiviso" = { @@ -58,10 +40,58 @@ options = [ "subvol=@condiviso" ]; }; - fileSystems."/var/lib/zoneminder/events" = { + fileSystems."/mnt/raid1/condiviso" = { + device = "/dev/disk/by-uuid/c84a38dc-9cc7-4762-b509-8fce1c1d95c8"; + fsType = "btrfs"; + options = [ "subvol=@condiviso" ]; + }; + + fileSystems."/home/bertof/raid0" = { device = "/dev/disk/by-uuid/7ca4d382-eed7-4b49-b7d8-4b5ca139dd9c"; fsType = "btrfs"; - options = [ "subvol=@zoneminder" ]; + options = [ "subvol=@bertof" ]; + }; + + fileSystems."/home/bertof/raid1" = { + device = "/dev/disk/by-uuid/c84a38dc-9cc7-4762-b509-8fce1c1d95c8"; + fsType = "btrfs"; + options = [ "subvol=@bertof" ]; + }; + + fileSystems."/home/tiziano/raid0" = { + device = "/dev/disk/by-uuid/7ca4d382-eed7-4b49-b7d8-4b5ca139dd9c"; + fsType = "btrfs"; + options = [ "subvol=@tiziano" ]; + }; + + fileSystems."/home/tiziano/raid1" = { + device = "/dev/disk/by-uuid/c84a38dc-9cc7-4762-b509-8fce1c1d95c8"; + fsType = "btrfs"; + options = [ "subvol=@tiziano" ]; + }; + + fileSystems."/home/tiziano/Condiviso/raid1" = { + device = "/dev/disk/by-uuid/c84a38dc-9cc7-4762-b509-8fce1c1d95c8"; + fsType = "btrfs"; + options = [ "subvol=@condiviso" ]; + }; + + fileSystems."/home/tiziano/Condiviso/raid0" = { + device = "/dev/disk/by-uuid/7ca4d382-eed7-4b49-b7d8-4b5ca139dd9c"; + fsType = "btrfs"; + options = [ "subvol=@condiviso" ]; + }; + + fileSystems."/home/bertof/Condiviso/raid0" = { + device = "/dev/disk/by-uuid/7ca4d382-eed7-4b49-b7d8-4b5ca139dd9c"; + fsType = "btrfs"; + options = [ "subvol=@condiviso" ]; + }; + + fileSystems."/home/bertof/Condiviso/raid1" = { + device = "/dev/disk/by-uuid/c84a38dc-9cc7-4762-b509-8fce1c1d95c8"; + fsType = "btrfs"; + options = [ "subvol=@condiviso" ]; }; swapDevices = [ ]; @@ -70,12 +100,12 @@ # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault false; + # networking.useDHCP = lib.mkDefault true; # networking.interfaces.docker0.useDHCP = lib.mkDefault true; - networking.interfaces.eno1.useDHCP = lib.mkDefault true; - networking.interfaces.wlp7s0.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp7s0.useDHCP = lib.mkDefault true; # networking.interfaces.ztmjfdwjkp.useDHCP = lib.mkDefault true; - hardware.cpu.intel.updateMicrocode = - lib.mkDefault config.hardware.enableRedistributableFirmware; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/loki/hm.nix b/loki/hm.nix index 64ae272..f181b4c 100644 --- a/loki/hm.nix +++ b/loki/hm.nix @@ -1,44 +1,16 @@ -{ pkgs, ... }: { - nixpkgs.overlays = [ - (_: _: { - devEnvironment = (import ./environment.nix) { - # enableCpp = true; - enableData = true; - # enableGo = true; - # enableHtml = true; - # enableJavascript = true; - # enableJava = true; - # enableLatex = true; - enableNix = true; - # enableOffice = true; - # enablePython = true; - # enableRust = true; - enableShell = true; - # enableSpelling = true; - }; - }) - ]; +{ home = { language.base = "it_IT.UTF-8"; keyboard = { layout = "it"; options = [ "terminate:ctrl_alt_bksp" "compose:rctrl" ]; }; - packages = with pkgs; [ - file - htop - neofetch - ripgrep - wget - xclip - yq - ]; }; imports = [ ../hm_modules/__basic.nix # ../hm_modules/development/cpp.nix - ../hm_modules/development/data.nix + # ../hm_modules/development/data.nix # ../hm_modules/development/go.nix # ../hm_modules/development/javascript.nix # ../hm_modules/development/latex.nix @@ -46,30 +18,12 @@ # ../hm_modules/development/python.nix # ../hm_modules/development/rust.nix - ../hm_modules/fonts.nix - ../hm_modules/bash.nix - ../hm_modules/bat.nix - ../hm_modules/bottom.nix - ../hm_modules/broot.nix - ../hm_modules/dircolors.nix - ../hm_modules/direnv.nix - ../hm_modules/git.nix - ../hm_modules/gpg.nix ../hm_modules/helix.nix - ../hm_modules/info.nix - ../hm_modules/jq.nix - # ../hm_modules/kakoune.nix - ../hm_modules/keychain.nix + ../hm_modules/kakoune.nix ../hm_modules/kitty.nix ../hm_modules/lf.nix - ../hm_modules/man.nix ../hm_modules/megasync.nix - ../hm_modules/noti.nix - ../hm_modules/ssh.nix - ../hm_modules/starship.nix - ../hm_modules/tmux.nix - ../hm_modules/zoxide.nix - ../hm_modules/zsh.nix + ../hm_modules/syncthing.nix ../hm_modules/shell_aliases.nix ]; diff --git a/loki/hm_tiziano.nix b/loki/hm_tiziano.nix new file mode 100644 index 0000000..0b8c1cb --- /dev/null +++ b/loki/hm_tiziano.nix @@ -0,0 +1,22 @@ +{ + home = { + language.base = "it_IT.UTF-8"; + keyboard = { + layout = "it"; + options = [ "terminate:ctrl_alt_bksp" "compose:rctrl" ]; + }; + }; + imports = [ + ../hm_modules/__basic.nix + + ../hm_modules/helix.nix + ../hm_modules/kakoune.nix + ../hm_modules/kitty.nix + ../hm_modules/lf.nix + ../hm_modules/syncthing_tiziano.nix + + ../hm_modules/shell_aliases.nix + ]; + + home.stateVersion = "21.11"; +}