nki/nix-home
1
0
Fork 0
Code Issues Pull requests 2 Packages Projects Releases Wiki Activity

Compare commits

base: nki:ea5aacd63daa95ee11666d16776835b0f397287b
Branches Tags
nki:master
nki:kakoune-package
nki:move-s3
nki:build-farm
nki:remove-macbook
nki:24.05
nki:peertube
nki:invi
nki:local-net
nki:test
..
compare: nki:fbcc19fc97d5e01ab411fa0f3da54b170b80fd82
Branches Tags
nki:master
nki:kakoune-package
nki:move-s3
nki:build-farm
nki:remove-macbook
nki:24.05
nki:peertube
nki:invi
nki:local-net
nki:test

4 commits
ea5aacd63d ... fbcc19fc97

Author SHA1 Message Date
Natsu Kagami fbcc19fc97
Add peertube-runner service to nki-home 2024-04-18 15:58:16 +02:00
Natsu Kagami 3e3a433bca
Universally add polkit 2024-04-18 14:56:52 +02:00
Natsu Kagami 94ce7860bb
Add /mnt/osu mount 2024-04-18 14:56:30 +02:00
Natsu Kagami c834fd0ef7
Update nixpkgs-unstable 2024-04-18 00:40:27 +02:00
7 changed files with 107 additions and 32 deletions
Show stats Expand all files Collapse all files

6
flake.lock
View file

@ -1056,11 +1056,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1712849433, "lastModified": 1713254108,
"narHash": "sha256-flQtf/ZPJgkLY/So3Fd+dGilw2DKIsiwgMEn7BbBHL0=", "narHash": "sha256-0TZIsfDbHG5zibtlw6x0yOp3jkInIGaJ35B7Y4G8Pec=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "f173d0881eff3b21ebb29a2ef8bedbc106c86ea5", "rev": "2fd19c8be2551a61c1ddc3d9f86d748f4db94f00",
"type": "github" "type": "github"
}, },
"original": { "original": {

4
home/macbook-nixos.nix
View file

@ -106,10 +106,6 @@ in
}; };
# Autostart # Autostart
xdg.configFile."autostart/polkit.desktop".text = ''
${builtins.readFile "${pkgs.pantheon.pantheon-agent-polkit}/etc/xdg/autostart/io.elementary.desktop.agent-polkit.desktop"}
OnlyShowIn=sway;
'';
xdg.configFile."autostart/input-remapper-autoload.desktop".source = xdg.configFile."autostart/input-remapper-autoload.desktop".source =
"${pkgs.input-remapper}/share/applications/input-remapper-autoload.desktop"; "${pkgs.input-remapper}/share/applications/input-remapper-autoload.desktop";

10
home/modules/linux/graphical/default.nix
View file

@ -167,6 +167,7 @@ in
qt.style.package = pkgs.adwaita-qt; qt.style.package = pkgs.adwaita-qt;
qt.style.name = "adwaita"; qt.style.name = "adwaita";
xdg.configFile = xdg.configFile =
let let
f = pkg: { f = pkg: {
@ -184,8 +185,15 @@ in
"${srcFile}/${pkg.name}.desktop"; "${srcFile}/${pkg.name}.desktop";
}; };
}; };
autoStartup = listToAttrs (map f (cfg.startup ++ alwaysStartup));
in in
listToAttrs (map f (cfg.startup ++ alwaysStartup)); autoStartup // {
## Polkit UI
"autostart/polkit.desktop".text = ''
${builtins.readFile "${pkgs.pantheon.pantheon-agent-polkit}/etc/xdg/autostart/io.elementary.desktop.agent-polkit.desktop"}
OnlyShowIn=sway;
'';
};
# IBus configuration # IBus configuration
# dconf.settings."desktop/ibus/general" = { # dconf.settings."desktop/ibus/general" = {
# engines-order = hm.gvariant.mkArray hm.gvariant.type.string [ "xkb:jp::jpn" "mozc-jp" "Bamboo" ]; # engines-order = hm.gvariant.mkArray hm.gvariant.type.string [ "xkb:jp::jpn" "mozc-jp" "Bamboo" ];

42
home/osu.nix
View file

@ -1,29 +1,29 @@
{ pkgs, lib, ... }: { pkgs, lib, ... }:
let let
# osu-pkg = pkgs.unstable.osu-lazer-bin; osu-pkg = pkgs.unstable.osu-lazer-bin;
osu-pkg = with pkgs; with lib; # osu-pkg = with pkgs; with lib;
appimageTools.wrapType2 rec { # appimageTools.wrapType2 rec {
pname = "osu-lazer-bin"; # pname = "osu-lazer-bin";
version = "2024.312.1"; # version = "2024.312.1";
src = pkgs.fetchurl { # src = pkgs.fetchurl {
url = "https://github.com/ppy/osu/releases/download/${version}/osu.AppImage"; # url = "https://github.com/ppy/osu/releases/download/${version}/osu.AppImage";
hash = "sha256-1dzgs1p3/pf4eCdKvQ9JxowN+oBPBNaZv5e6qHeFPEM="; # hash = "sha256-1dzgs1p3/pf4eCdKvQ9JxowN+oBPBNaZv5e6qHeFPEM=";
}; # };
extraPkgs = pkgs: with pkgs; [ icu ]; # extraPkgs = pkgs: with pkgs; [ icu ];
extraInstallCommands = # extraInstallCommands =
let contents = appimageTools.extract { inherit pname version src; }; # let contents = appimageTools.extract { inherit pname version src; };
in # in
'' # ''
mv -v $out/bin/${pname}-${version} $out/bin/osu\! # mv -v $out/bin/${pname}-${version} $out/bin/osu\!
install -m 444 -D ${contents}/osu\!.desktop -t $out/share/applications # install -m 444 -D ${contents}/osu\!.desktop -t $out/share/applications
for i in 16 32 48 64 96 128 256 512 1024; do # for i in 16 32 48 64 96 128 256 512 1024; do
install -D ${contents}/osu\!.png $out/share/icons/hicolor/''${i}x$i/apps/osu\!.png # install -D ${contents}/osu\!.png $out/share/icons/hicolor/''${i}x$i/apps/osu\!.png
done # done
''; # '';
}; # };
in in
{ {
home.packages = [ osu-pkg ]; home.packages = [ osu-pkg ];

2
nki-home/configuration.nix
View file

@ -18,6 +18,7 @@ with lib;
../modules/services/edns ../modules/services/edns
# Other services # Other services
../modules/personal/u2f.nix ../modules/personal/u2f.nix
./peertube-runner.nix
]; ];
# Kernel # Kernel
@ -101,6 +102,7 @@ with lib;
"/mnt/Data" = ntfsMount "/dev/disk/by-uuid/A90680F8BBE62FE3"; "/mnt/Data" = ntfsMount "/dev/disk/by-uuid/A90680F8BBE62FE3";
"/mnt/Stuff" = ntfsMount "/dev/disk/by-uuid/717BF2EE20BB8A62"; "/mnt/Stuff" = ntfsMount "/dev/disk/by-uuid/717BF2EE20BB8A62";
"/mnt/Shared" = ntfsMount "/dev/disk/by-uuid/76AC086BAC0827E7"; "/mnt/Shared" = ntfsMount "/dev/disk/by-uuid/76AC086BAC0827E7";
"/mnt/osu" = ntfsMount "/dev/disk/by-uuid/530D3E1648CD1C26";
}; };
# PAM # PAM

67
nki-home/peertube-runner.nix Normal file
View file

@ -0,0 +1,67 @@
{ config, pkgs, lib, ... }:
let
user = "peertube-runner-nodejs";
instance = "systemd-instance";
in
{
sops.secrets."peertube/dtth-key" = {
restartUnits = [ "peertube-runner.service" ];
};
users.groups.${user} = { };
users.users.${user} = {
isSystemUser = true;
group = user;
};
sops.templates."peertube-config.toml".owner = user;
sops.templates."peertube-config.toml".content = ''
[jobs]
concurrency = 2
[ffmpeg]
threads = 12
nice = 20
[[registeredInstances]]
url = "https://peertube.dtth.ch"
runnerToken = "${config.sops.placeholder."peertube/dtth-key"}"
runnerName = "kagamipc"
'';
environment.etc."${user}/${instance}/config.toml".source = config.sops.templates."peertube-config.toml".path;
systemd.services.peertube-runner = {
description = "PeerTube runner daemon";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
requires = [ ];
serviceConfig =
{
ExecStart = "${lib.getExe' pkgs.peertube.runner "peertube-runner"} server --id ${instance}";
User = user;
RuntimeDirectory = user;
StateDirectory = user;
CacheDirectory = user;
# Hardening
ProtectSystem = "full";
PrivateDevices = false;
NoNewPrivileges = true;
ProtectHome = true;
CapabilityBoundingSet = "~CAP_SYS_ADMIN";
};
environment = {
NODE_ENV = "production";
# Override XDG values to fit env-path
# https://github.com/sindresorhus/env-paths/blob/main/index.js
XDG_DATA_HOME = "/run";
XDG_CONFIG_HOME = "/etc";
XDG_CACHE_HOME = "/var/cache";
XDG_STATE_HOME = "/var/lib";
};
path = with pkgs; [ nodejs ffmpeg ];
};
}

8
nki-home/secrets/secrets.yaml
View file

@ -11,6 +11,8 @@ scrobble:
dtth-wg: dtth-wg:
private-key: ENC[AES256_GCM,data:ySxPGzOplKwNLxRnPNw7If7xzxMwRkwTasT7FaQE9n5YB04R+gaQVjDqPqg=,iv:f5t94bUoo9sCGGwWytiuhg5jcKjzRjbR3Q0OIM28VDU=,tag:fJos9Hb9XytQbfGaPMa1/A==,type:str] private-key: ENC[AES256_GCM,data:ySxPGzOplKwNLxRnPNw7If7xzxMwRkwTasT7FaQE9n5YB04R+gaQVjDqPqg=,iv:f5t94bUoo9sCGGwWytiuhg5jcKjzRjbR3Q0OIM28VDU=,tag:fJos9Hb9XytQbfGaPMa1/A==,type:str]
preshared-key: ENC[AES256_GCM,data:96q0ZfvPz4pb53XvTGameVkcETamYH8Xbv69672RBdacH6QjRCCVvPnBTfA=,iv:Q2Yonb07/Uu6KidhMgRX4zJuNU1ZySNC7g/5TwpMU80=,tag:1qQQdk20yIQlGZmX+/25RA==,type:str] preshared-key: ENC[AES256_GCM,data:96q0ZfvPz4pb53XvTGameVkcETamYH8Xbv69672RBdacH6QjRCCVvPnBTfA=,iv:Q2Yonb07/Uu6KidhMgRX4zJuNU1ZySNC7g/5TwpMU80=,tag:1qQQdk20yIQlGZmX+/25RA==,type:str]
peertube:
dtth-key: ENC[AES256_GCM,data:Gu7qOisVBZrFXKBr51165FJ7Ej4hV+lIf3AMC02R3UFNXOnTHF2xC8E=,iv:F83FuD1VjZEJFMcx3gkQuKCpJmYdHtO15fRHkYdMxJM=,tag:ScH42Tr5ZsIo9JMnXhylSw==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -44,8 +46,8 @@ sops:
bUhIT0Z2b1dVWGNyS1hRVFRyZTA4d00KchP7EhSOMwBl5vFuuskzosRoi8jUu1sw bUhIT0Z2b1dVWGNyS1hRVFRyZTA4d00KchP7EhSOMwBl5vFuuskzosRoi8jUu1sw
hVjJNF2a40ewgkQgVAoWEzirHbknbQORzmepDDRth7Bve3UQU64+GA== hVjJNF2a40ewgkQgVAoWEzirHbknbQORzmepDDRth7Bve3UQU64+GA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2023-04-29T13:03:22Z" lastmodified: "2024-04-18T13:34:51Z"
mac: ENC[AES256_GCM,data:ZNDRS6LLy89TZoW27c57RMnjs6M/GBH0XfKKlrhys8gL7+I0V/++ry59VDbLxvqS4nPR4C5hk777+B5dqnseyYW2xRT3NKYxocCQu5kO6A8L/wB00j3bm3SSIGwLcKJPibEqi7ymU53K0bmZdjRMChkBwv3CnDNkM3Dc6rvZ2DM=,iv:Z1ZjnYW1Yk+oEzNknQDytTengjKxcud95LZTFfKMnpw=,tag:pnZ+UGQWuRCKoTll00oUKA==,type:str] mac: ENC[AES256_GCM,data:cinVE1pHSgjCRPIDwANzR0oHw7zdN8DVDQKkhXT5j+dGiaFzNvLoYyMcEsjoxAjEdup3YMo+Vg6I4C94AUCrTn7N9BGjnGFVQz3m9q13zORi1+HWam0VItBzJm1iIo8x0PPs79OBaIHVUFAz8r4DW46P/LQISl9MQSDpCCTjVVk=,iv:2VAehWaoh2lNZM8jlmt+dqo5eeHfcr++eAdQfm/tCcM=,tag:QSnbObe3046AnFpK3Y01Eg==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.7.3 version: 3.8.1