jonas/nixos
1
0
Fork 0
mirror of https://github.com/Ascyii/nixos.git synced 2026-01-01 06:44:26 -05:00
Code Issues Packages Projects Releases Wiki Activity

Some lsp refactor. Made webdav finally work with some internet search

Browse Source
This commit is contained in:
Jonas Hahn
2025-08-31 22:38:24 +02:00
parent b781a9f492
commit 85fbdb5795
14 changed files with 224 additions and 181 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
.sops.yaml
View File

@@ -1,2 +1,19 @@
# Documentation https://github.com/Mic92/sops-nix
# For example see here https://github.com/Mic92/dotfiles/blob/d6114726d859df36ccaa32891c4963ae5717ef7f/nixos/.sops.yaml
# Get the public host key with
# nix-shell -p ssh-to-age --run 'cat /etc/ssh/ssh_host_ed25519_key.pub | ssh-to-age'
# The user key should be in ~/.config/sops/age/keys.txt
keys: keys:
- &primary age1a2kpues0gayampkn9pn2czhk24r0yl4jnw84qg4gh5l72dflx95qkmyqzv - &jonas age1a2kpues0gayampkn9pn2czhk24r0yl4jnw84qg4gh5l72dflx95qkmyqzv
- &minoxy age1qddfn6apphafe4muvvv3vguxewa03ay2jlgqkng3uwwzfjw204dsfpt0uu
creation_rules:
- path_regex: secrets.yaml
key_groups:
- age:
- *jonas
- *minoxy

15
flake.nix
View File

@@ -4,18 +4,23 @@
inputs = { inputs = {
nixpkgs.url = "nixpkgs/nixos-25.05"; nixpkgs.url = "nixpkgs/nixos-25.05";
nixpkgs-unstable.url = "nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
sops-nix = { sops-nix = {
url = "github:Mic92/sops-nix"; url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
home-manager = { home-manager = {
url = "github:nix-community/home-manager/release-25.05"; url = "github:nix-community/home-manager/release-25.05";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
xremap-flake.url = "github:xremap/nix-flake?rev=8001f37b1ffe86e76b62f36afadee2f4acf90e70"; # One commit behind head
xremap-flake.url =
"github:xremap/nix-flake?rev=8001f37b1ffe86e76b62f36afadee2f4acf90e70"; # One commit behind head
}; };
outputs = { self, nixpkgs, nixpkgs-unstable, sops-nix, home-manager, ... }@inputs: outputs =
{ self, nixpkgs, nixpkgs-unstable, sops-nix, home-manager, ... }@inputs:
let let
system = "x86_64-linux"; system = "x86_64-linux";
@@ -24,9 +29,7 @@
}; };
helperModules = [ helperModules = [
({ config, pkgs, ... }: { ({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; })
nixpkgs.overlays = [ overlay-unstable ];
})
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
@@ -40,7 +43,7 @@
nixpkgs.lib.nixosSystem { nixpkgs.lib.nixosSystem {
inherit system; inherit system;
specialArgs = { inherit inputs; }; specialArgs = { inherit inputs; };
modules = [ path ] ++ helperModules; modules = [ path sops-nix.nixosModules.sops ] ++ helperModules;
}; };
in { in {
nixosConfigurations = { nixosConfigurations = {

3
hosts/minoxy-workstation/configuration.nix
View File

@@ -6,7 +6,8 @@
./../../user/users.nix ./../../user/users.nix
./../../modules/common.nix ./../../modules/essential.nix
./../../modules/common/sops.nix
./../../modules/services/webdav.nix ./../../modules/services/webdav.nix

3
hosts/nixyos-asus/configuration.nix
View File

@@ -6,7 +6,8 @@
./../../user/users.nix ./../../user/users.nix
./../../modules/common.nix ./../../modules/essential.nix
./../../modules/common/sops.nix
./../../modules/hardware/xremap.nix ./../../modules/hardware/xremap.nix
./../../modules/hardware/boot.nix ./../../modules/hardware/boot.nix

3
hosts/thinix-thinkpad/configuration.nix
View File

@@ -6,7 +6,8 @@
./../../user/users.nix ./../../user/users.nix
./../../modules/common.nix ./../../modules/essential.nix
./../../modules/common/sops.nix
./../../modules/hardware/xremap.nix ./../../modules/hardware/xremap.nix
./../../modules/hardware/boot.nix ./../../modules/hardware/boot.nix

8
modules/common/sops.nix Normal file
View File

@@ -0,0 +1,8 @@
{ ... }:
{
sops.defaultSopsFile = ./../../secrets.yaml;
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
sops.age.keyFile = "/var/lib/sops-nix/key.txt";
sops.age.generateKey = true;
}

1
modules/common.nix → modules/essential.nix
View File

@@ -3,6 +3,7 @@
{ {
# Basic services # Basic services
services.locate.enable = true; services.locate.enable = true;
services.openssh.enable = true;
# Nix fun # Nix fun
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;

6
modules/hardware/nvidia.nix
View File

@@ -1,10 +1,10 @@
{ config, ... }: { config, ... }:
{ {
hardware.graphics = { hardware.graphics = { enable = true; };
enable = true;
};
services.xserver.videoDrivers = [ "nvidia" ]; services.xserver.videoDrivers = [ "nvidia" ];
hardware.nvidia = { hardware.nvidia = {
modesetting.enable = true; modesetting.enable = true;
powerManagement.enable = false; powerManagement.enable = false;

4
modules/hardware/xremap.nix
View File

@@ -1,9 +1,7 @@
{ inputs, ... }: { inputs, ... }:
{ {
imports = [ imports = [ inputs.xremap-flake.nixosModules.default ];
inputs.xremap-flake.nixosModules.default
];
services.xremap = { services.xremap = {
withHypr = true; withHypr = true;

6
modules/laptop/battery.nix
View File

@@ -1,9 +1,7 @@
{ config, lib, ... }: { config, lib, ... }:
let let inherit (lib) mkOption types;
inherit (lib) mkOption types; in {
in
{
options.batMode = mkOption { options.batMode = mkOption {
type = types.enum [ "single" "double" ]; type = types.enum [ "single" "double" ];

6
modules/laptop/powersave.nix
View File

@@ -1,9 +1,5 @@
{ ... }: { ... }:
{ {
networking = { networking = { networkmanager = { wifi.powersave = true; }; };
networkmanager = {
wifi.powersave = true;
};
};
} }

26
modules/services/webdav.nix
View File

@@ -1,20 +1,22 @@
{ inputs, ... }: { ... }:
{ {
imports = [ inputs.sops-nix.nixosModules.sops ];
# For web mounting # For web mounting
services.davfs2.enable = true; services.davfs2.enable = true;
# Maybe the failed encryption is due to the btrfs system please remove this in the future # Load the secret
sops = { sops = {
defaultSopsFile = ./../../secrets.yaml; secrets = {
age.keyFile = "/home/jonas/.config/sops/age/keys.txt"; webdav_authstring = {
secrets = { webdav_secret = { path = "/etc/davfs2/secrets"; }; }; mode = "0600";
path = "/etc/davfs2/secrets";
};
};
}; };
systemd.mounts = [{ systemd.mounts = [{
description = "WebDAV mount point"; description = "Webdav mount point";
after = [ "network-online.target" ];
wants = [ "network-online.target" ]; wants = [ "network-online.target" ];
what = "https://dav.hahn1.one"; what = "https://dav.hahn1.one";
where = "/mnt/webdav"; where = "/mnt/webdav";
@@ -22,4 +24,12 @@
options = "uid=1000,gid=1000,file_mode=0664,dir_mode=2775,_netdev"; options = "uid=1000,gid=1000,file_mode=0664,dir_mode=2775,_netdev";
mountConfig.TimeoutSec = "5s"; mountConfig.TimeoutSec = "5s";
}]; }];
# Is this too much power drain?
systemd.automounts = [{
description = "Webdav automount";
where = "/mnt/webdav";
wantedBy = [ "multi-user.target" ];
automountConfig = { TimeoutIdleSec = "2m"; };
}];
} }

25
secrets.yaml
View File

@@ -1,16 +1,25 @@
webdav_secret: ENC[AES256_GCM,data:OZyEFW/Aw2dPqZFvZoPWA/BBO7k/lzw0UVffuuEuNBTkjN+eHAxFZw==,iv:Y6kTyMb5wD5iJ1g6OHPiHGuu8qFjiduau0mjcS8KLjs=,tag:97OIL+aegLCMjlJM0SdJBg==,type:str] webdav_authstring: ENC[AES256_GCM,data:9Q9hEgwNjKs75/5KDok4DGQZ7EAJakcFYLLjehmVDzgdXJyv8D52oQ==,iv:dWGWgZXyw49zJqIbPdy4zpGzGk5H/m47DV08NB1w9go=,tag:PAVUDk8+6ZXlD8o8MHyD3Q==,type:str]
sops: sops:
age: age:
- recipient: age1a2kpues0gayampkn9pn2czhk24r0yl4jnw84qg4gh5l72dflx95qkmyqzv - recipient: age1a2kpues0gayampkn9pn2czhk24r0yl4jnw84qg4gh5l72dflx95qkmyqzv
enc: | enc: |
-----BEGIN AGE ENCRYPTED FILE----- -----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBncWNwT2F1ZkxhY3h4UFFs YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGV1BLWnpIWlVCMHRLRFJR
U2lpM3lXdVZqNDFiSTRTaDI4UFFDRk1QNUUwCnpvdjAzNFQ0dnJ5Wm52b1hBUUFL UXhBOGFNN2ZMd1JNVGhyOU12b1JaajNBYUh3CkZFNzR6NElhYldQbmtTTlpIK0sx
dzdHb0RwbU02Y3FzMkM2eFNPUzg2UGMKLS0tIDZrdXc1RFc5NUJNb0ZhclNuYUNX UUVZb3BqYWEwQUxiTklKeGJFYmxUaWcKLS0tIDExc1lqV3BITzA3ME9jM3FWU09V
dmFEc1hrR3czZTBzU2pLQ0ZUL3VPblEKRwy03xI+qiTMJsmG/pe/3WoB8c+vLtXo Q2p1UHVBNW54UnIydU5yM25OK0llRkUKnr2SftBM+rBFfakhoHL1UyVm9BIgmW05
kaYY18r3tICKfxQQyDWh3Gevo2+CGhblCcgJ3AnyWQBqIZwIudDuHw== ARXyD4DR2MF5pPRnE6s1avfocX4IObB0xNHeuOegXUYhKWlSkTztNw==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-08-31T02:50:46Z" - recipient: age1qddfn6apphafe4muvvv3vguxewa03ay2jlgqkng3uwwzfjw204dsfpt0uu
mac: ENC[AES256_GCM,data:Gl7cLnEJ3TVL4gS4CAZQESJyzVWqm3aSLN/doLBHnAYL/Shu42ygJuuT+jKdFXo4tXKjYJuvw7gmuoVFx0L23lRpqUeU4b9fExmJX/ZVGZwJC3nreFCBqx8LWkF2cGtZJ1HObu97EzlKBxQ8c/QZZ/v3C4pAfwxNNiVavu8BUfg=,iv:qeKjETggLjtCNCyuM2z5WX4JGPcxcN99QBPQmK/a0NE=,tag:NwV56PeRGcxsdn46lre2Sg==,type:str] enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhQUlLNm5wdHc1Q3VFZFZQ
eEN2VzkycStHQUlMK1MrdElrYTFJN0VCUFgwCjlsT1BpZVNWdzBmeDdSbXpTbEtB
MEhXVTJ1czRSLzdXQ0l2bzlLMU53ak0KLS0tIG5yUHVQSDk3eTJTenBDNXhGYXk2
SnM5V2VDMmxiRExqeFZrcm01ME5FRlUKCq047F8LGPCAdcpLBr66O4FVAt9q7Ug6
o5Dpn6Mo5c08tdF2m88Q1fXMSXIpfdTJCffIjk82WiU4M3Ni/8Mmaw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-08-31T20:35:46Z"
mac: ENC[AES256_GCM,data:trZFOIIrxWXpj5+qL1fWGYWBKlnkU+SSqra+k1S7NW3LtSsmx1ZW/qRCSoiFIJeP+jWEQ32S95d53Kt2Fw0hta+7r/rMc9MOwmy4U/ML66p0bj7A57QZQ1sbi3fkEbCSRU3G0es215I8Db7zeyBXBSfqoukBekcs3GsESBDVhkQ=,iv:Z2CNOzLWB/DRPoekiwroU4aftEhm2hYzXx9Vzmz7EA0=,tag:0PsB6B2RHu6l0EZlaYkqKA==,type:str]
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.10.2 version: 3.10.2