diff --git a/flake.nix b/flake.nix index 5659c43..95bc850 100755 --- a/flake.nix +++ b/flake.nix @@ -138,7 +138,7 @@ config.nixosModules.mantle config.nixosModules.crust inputs.home-manager.nixosModules.home-manager - inputs.lix-module.nixosModules.default + # inputs.lix-module.nixosModules.default inputs.nur.modules.nixos.default inputs.sops-nix.nixosModules.sops ]; @@ -149,7 +149,6 @@ config.nixosModules.core config.nixosModules.mantle inputs.home-manager.nixosModules.home-manager - inputs.impermanence.nixosModules.impermanence # inputs.lix-module.nixosModules.default inputs.microvm.nixosModules.host inputs.sops-nix.nixosModules.sops @@ -161,7 +160,7 @@ config.nixosModules.core config.nixosModules.mantle inputs.home-manager.nixosModules.home-manager - inputs.lix-module.nixosModules.default + # inputs.lix-module.nixosModules.default inputs.sops-nix.nixosModules.sops ]; iso = inputs.self.lib.mkLinuxSystem [ diff --git a/modules/config/instances/config/torrent.nix b/modules/config/instances/config/qbittorrent.nix similarity index 100% rename from modules/config/instances/config/torrent.nix rename to modules/config/instances/config/qbittorrent.nix diff --git a/modules/home/default.nix b/modules/home/default.nix index e90e271..0eeac2d 100755 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -42,10 +42,8 @@ in gparted heroic imageViewing - # plasma hypr wayland - ivpn kolourPaint ledger libreOffice diff --git a/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/flake/selfHosted.nix b/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/flake/selfHosted.nix index 5ab6ace..d820bbe 100755 --- a/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/flake/selfHosted.nix +++ b/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/flake/selfHosted.nix @@ -17,11 +17,13 @@ let }) (builtins.map (service: instances.${service}.name) services); instanceList = [ + instances.firefly-iii.name instances.forgejo.name instances.jellyfin.name instances.mastodon.name + instances.ollama.name + instances.qbittorrent.name instances.vaultwarden.name - instances.firefly-iii.name ]; bookmarkConfigs = [ { diff --git a/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/tools.nix b/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/tools.nix index 5039b7f..27e094d 100755 --- a/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/tools.nix +++ b/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/tools.nix @@ -2,6 +2,16 @@ name = "Tools"; toolbar = false; bookmarks = [ + { + name = "Backblaze"; + url = "https://secure.backblaze.com/b2_buckets.htm"; + tags = [ + "backblaze" + "cloud" + "storage" + ]; + keyword = "Back"; + } { name = "Google Docs"; url = "https://docs.google.com"; @@ -20,15 +30,6 @@ ]; keyword = "Sheets"; } - { - name = "IVPN"; - url = "https://www.ivpn.net"; - tags = [ - "ivpn" - "vpn" - ]; - keyword = "IVPN"; - } { name = "Mega"; url = "https://mega.io"; @@ -47,16 +48,6 @@ ]; keyword = "Migadu"; } - - { - name = "Mullvad"; - url = "https://mullvad.net"; - tags = [ - "mullvad" - "vpn" - ]; - keyword = "Mull"; - } { name = "Monkeytype"; url = "https://monkeytype.com/"; diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 71ea442..d6517dd 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -10,9 +10,7 @@ in flatpak hypr wayland - ivpn network - ollamaMars plymouth tuios wireguard @@ -52,15 +50,16 @@ in comfyui firefly-iii forgejo + impermanence jellyfin mastodon microvm minecraft ollama projectSite + qbittorrent restic sambaCeres - torrent vaultwarden website zookeeper @@ -73,10 +72,9 @@ in inherit (modules) acme caddy - logrotate + impermanence microvm sambaEris - postgresEris ; }; }; diff --git a/modules/nixos/guests/torrent/default.nix b/modules/nixos/guests/qbittorrent/default.nix similarity index 99% rename from modules/nixos/guests/torrent/default.nix rename to modules/nixos/guests/qbittorrent/default.nix index b89cea1..b3e49f9 100755 --- a/modules/nixos/guests/torrent/default.nix +++ b/modules/nixos/guests/qbittorrent/default.nix @@ -7,8 +7,8 @@ let inherit (flake.config.people) user0; inherit (flake.config.services) instances; - serviceCfg = instances.torrent; - host = instances.torrent.domains.url0; + serviceCfg = instances.qbittorrent; + host = instances.qbittorrent.domains.url0; dns0 = instances.web.dns.provider0; dns0Path = "dns/${dns0}"; torrentPort = 51820; diff --git a/modules/nixos/guests/torrent/rqbit.nix b/modules/nixos/guests/qbittorrent/rqbit.nix similarity index 100% rename from modules/nixos/guests/torrent/rqbit.nix rename to modules/nixos/guests/qbittorrent/rqbit.nix diff --git a/modules/nixos/impermanence/default.nix b/modules/nixos/impermanence/default.nix new file mode 100755 index 0000000..97d18aa --- /dev/null +++ b/modules/nixos/impermanence/default.nix @@ -0,0 +1,6 @@ +{ flake, ... }: +{ + imports = [ + flake.inputs.impermanence.nixosModules.impermanence + ]; +} diff --git a/modules/nixos/services/samba/sambaCeres/default.nix b/modules/nixos/services/samba/sambaCeres/default.nix index c1af1a6..4f2d9cd 100755 --- a/modules/nixos/services/samba/sambaCeres/default.nix +++ b/modules/nixos/services/samba/sambaCeres/default.nix @@ -29,10 +29,24 @@ in "force create mode" = "0664"; "force directory mode" = "0775"; }; + "transfer" = { + path = "/mnt/transfer"; + browseable = "yes"; + "read only" = "no"; + "guest ok" = "no"; + "create mask" = "0664"; + "directory mask" = "0775"; + "force user" = user0; + "force group" = "users"; + }; }; }; }; + systemd.tmpfiles.rules = [ + "d /mnt/transfer 2775 ${user0} users -" + ]; + networking = { firewall = { allowedTCPPorts = [ diff --git a/systems/ceres/config/graphics.nix b/systems/ceres/config/graphics.nix index ca5e4c4..be7b52c 100755 --- a/systems/ceres/config/graphics.nix +++ b/systems/ceres/config/graphics.nix @@ -29,10 +29,16 @@ enable = true; enable32Bit = true; extraPackages = builtins.attrValues { - inherit (pkgs) nvidia-vaapi-driver libva-vdpau-driver; + inherit (pkgs) + nvidia-vaapi-driver + libva-vdpau-driver + ; }; extraPackages32 = builtins.attrValues { - inherit (pkgs.pkgsi686Linux) nvidia-vaapi-driver libva-vdpau-driver; + inherit (pkgs.pkgsi686Linux) + nvidia-vaapi-driver + libva-vdpau-driver + ; }; }; nvidia = { diff --git a/systems/eris/config/filesystem.nix b/systems/eris/config/filesystem.nix index 7e27956..2f1c295 100755 --- a/systems/eris/config/filesystem.nix +++ b/systems/eris/config/filesystem.nix @@ -1,42 +1,45 @@ { flake, config, + lib, ... }: let - inherit (flake.config.machines.devices) ceres; - ceresSecrets = config.sops.secrets."network/server".path; - - sambaDrives = [ - "samba0" - ]; - - sambaFolders = [ - "storage" - ]; - - sambaMounts = sambaDrive: folder: { - name = "${ceres.${sambaDrive}.mount}/${folder}"; - value = { - device = "${ceres.${sambaDrive}.device}/${folder}"; - fsType = "cifs"; - options = ceres.${sambaDrive}.options ++ [ - "credentials=${ceresSecrets}" - ]; - }; - }; - + inherit (flake.config.people) user0; + rootDevice = "/dev/disk/by-label/root"; + bootDevice = "/dev/disk/by-label/BOOT"; in - { fileSystems = { "/" = { - device = "/dev/disk/by-uuid/df2d42e7-e91c-4525-a8d9-80aa0897b1be"; - fsType = "ext4"; + device = rootDevice; + fsType = "btrfs"; + options = [ + "subvol=root" + ]; + }; + "/nix" = { + device = rootDevice; + fsType = "btrfs"; + options = [ + "subvol=nix" + ]; + }; + "/persist" = { + device = rootDevice; + fsType = "btrfs"; + neededForBoot = true; + options = [ + "subvol=persist" + ]; }; "/boot" = { - device = "/dev/disk/by-uuid/B645-7527"; + device = bootDevice; fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; }; "/mnt/storage" = { device = "/dev/md0"; @@ -47,23 +50,91 @@ in "x-systemd.device-timeout=10" ]; }; - } - // (builtins.listToAttrs ( - builtins.concatMap (drive: map (folder: sambaMounts drive folder) sambaFolders) sambaDrives - )); + "/etc/ssh" = { + neededForBoot = true; + }; + }; + environment.persistence."/persist" = { + directories = [ + "/var/cache" + "/var/lib" + { + directory = "/etc/ssh"; + mode = "u=rwx,g=rx,o=rx"; + user = "root"; + } + ]; + hideMounts = true; + users.${user0} = { + directories = [ + ".cache" + ".config" + ".local/share/direnv" + ".local/state/nix" + { + directory = ".ssh"; + mode = "u=rwx,g=,o="; + } + ]; + }; + }; + boot = { + initrd.postResumeCommands = lib.mkAfter '' + mkdir /btrfs_tmp + mount -o subvolid=5 ${rootDevice} /btrfs_tmp - swapDevices = [ - { device = "/dev/disk/by-uuid/9a2e032d-8627-49cf-8f3f-8fdf2be5fed4"; } - ]; + if [[ -e /btrfs_tmp/root ]]; then + mkdir -p /btrfs_tmp/old_roots + timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S") + mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp" + fi - boot.swraid.enable = true; - boot.swraid.mdadmConf = '' - ARRAY /dev/md0 metadata=1.2 name=eris:storage UUID=64659038:a939a18d:8cdc0f3f:97171a50 - ''; + delete_subvolume_recursively() { + IFS=$'\n' + for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do + delete_subvolume_recursively "/btrfs_tmp/$i" + done + btrfs subvolume delete "$1" + } + for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do + delete_subvolume_recursively "$i" + done + + btrfs subvolume create /btrfs_tmp/root + umount /btrfs_tmp + ''; + swraid.enable = true; + # mdadmConf = '' + # ARRAY /dev/md0 metadata=1.2 name=eris:storage UUID=64659038:a939a18d:8cdc0f3f:97171a50 + # ''; + }; systemd.tmpfiles.rules = [ + "Z ${config.home-manager.users.${user0}.home.homeDirectory} 0755 ${user0} users -" "d /mnt/storage 2775 root root -" ]; - services.udisks2.enable = true; } + +# sudo mount /dev/disk/by-label/root /mnt +# sudo btrfs subvolume create /mnt/persist +# sudo btsfs subvolume create /mnt/root +# sudo btrfs subvolume create /mnt/nix +# sudo umount /mnt + +# sudo mount -o subvol=root /dev/disk/by-label/root /mnt + +# sudo mount -o subvol=nix /dev/disk/by-label/root /mnt/nix +# sudo mount -o subvol=persist /dev/disk/by-label/root /mnt/persist + +# sudo mount /dev/disk/by-label/BOOT /mnt/boot + +# sudo nixos-generate-config --root /mnt + +# sudo nixos-install --root /mnt + +# sudo nixos-enter --root /mnt +# nixos-rebuild boot +# exit + +# sudo reboot diff --git a/systems/mars/config/filesystem.nix b/systems/mars/config/filesystem.nix index 7b5bbdc..fa09336 100755 --- a/systems/mars/config/filesystem.nix +++ b/systems/mars/config/filesystem.nix @@ -26,6 +26,7 @@ in ]; ceresFolders = [ "storage" + "transfer" ]; storageMounts = storageDrive: { name = "${mars.${storageDrive}.mount}";