| nixos/DICT | ●●●●● patch | view | raw | blame | history | |
| nixos/btrfs.nix | ●●●●● patch | view | raw | blame | history | |
| nixos/home-assistant.nix | ●●●●● patch | view | raw | blame | history | |
| nixos/nginx.nix | ●●●●● patch | view | raw | blame | history | |
| nixos/ssh.nix | ●●●●● patch | view | raw | blame | history | |
| nixos/user.nix | ●●●●● patch | view | raw | blame | history | |
| nixos/zsh.nix | ●●●●● patch | view | raw | blame | history | |
| smini/DICT | ●●●●● patch | view | raw | blame | history | |
| smini/configuration.nix | ●●●●● patch | view | raw | blame | history | |
| smini/hardware-configuration.nix | ●●●●● patch | view | raw | blame | history |
nixos/DICT
@@ -1,2 +1,8 @@ #SUDO_FILES="configuration.nix" #SUDO_LOCATIONS="/etc/nixos/configuration.nix" # Install all local nix files with wildcard # Enable desired ones in system's configuration.nix custom () { for i in *.nix; do install_conflict $i /etc/nixos/$i 1 done } nixos/btrfs.nix
New file @@ -0,0 +1,10 @@ { config, libs, pkgs, modulesPath, ... }: { services.btrfs = { autoScrub = { enable = true; interval = "weekly"; }; }; } nixos/home-assistant.nix
New file @@ -0,0 +1,46 @@ { config, libs, pkgs, modulesPath, ... }: { services.home-assistant = { enable = true; extraComponents = [ # Components required to complete the onboarding "analytics" "google_translate" "met" "radio_browser" "shopping_list" # Recommended for fast zlib compression # https://www.home-assistant.io/integrations/isal "isal" "zha" "plex" "braviatv" "roku" ]; config = { # Includes dependencies for a basic setup # https://www.home-assistant.io/integrations/default_config/ default_config = {}; homeassistant = { unit_system = "metric"; }; http = { server_host = "::1"; trusted_proxies = [ "::1" ]; use_x_forwarded_for = true; }; }; }; services.nginx.virtualHosts."home.ush.bouncr.xyz" = { extraConfig = '' proxy_buffering off; ''; enableACME = true; forceSSL = true; locations."/" = { proxyPass = "http://[::1]:8123"; proxyWebsockets = true; }; }; } nixos/nginx.nix
New file @@ -0,0 +1,19 @@ { config, libs, pkgs, modulesPath, ... }: { services.nginx = { enable = true; recommendedOptimisation = true; recommendedTlsSettings = true; recommendedProxySettings = true; recommendedBrotliSettings = true; recommendedGzipSettings = true; recommendedZstdSettings = true; }; security.acme = { acceptTerms = true; defaults.email = "joelgrun@gmail.com"; # "*.ush.bouncr.xyz".email = "joelgrun@gmail.com"; }; } nixos/ssh.nix
New file @@ -0,0 +1,14 @@ { config, libs, pkgs, modulesPath, ... }: { services.openssh = { enable = true; ports = [ 22 ]; settings = { PasswordAuthentication = false; KbdInteractiveAuthentication = false; PermitRootLogin = "no"; }; }; } nixos/user.nix
New file @@ -0,0 +1,12 @@ { config, libs, pkgs, modulesPath, ... }: { users.users.joel = { isNormalUser = true; description = "Joel Grunbaum"; shell = pkgs.zsh; extraGroups = [ "networkmanager" "wheel" ]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIATFC5gWcw58fSBHwfn+3FoAnxZfJEJH1bCe5cQof0YN joelgrun@gmail.com" ]; packages = with pkgs; []; }; } nixos/zsh.nix
New file @@ -0,0 +1,10 @@ { config, libs, pkgs, modulesPath, ... }: { programs.zsh = { enable = true; enableCompletion = true; #autosuggestion.enable = true; syntaxHighlighting.enable = true; }; } smini/DICT
New file @@ -0,0 +1,3 @@ DEPS="nixos" SUDO_FILES="configuration.nix hardware-configuration.nix" SUDO_LOCATIONS="/etc/nixos/configuration.nix /etc/nixos/hardware-configuration.nix" smini/configuration.nix
New file @@ -0,0 +1,101 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: { # local_configs = ../nixos; imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ../nixos/user.nix ../nixos/zsh.nix ../nixos/ssh.nix ../nixos/btrfs.nix ../nixos/nginx.nix ../nixos/home-assistant.nix ]; # Bootloader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; # Use latest kernel. boot.kernelPackages = pkgs.linuxPackages_latest; networking.hostName = "smini"; # Define your hostname. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # Enable networking networking.networkmanager.enable = true; # Set your time zone. time.timeZone = "America/New_York"; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "en_US.UTF-8"; LC_IDENTIFICATION = "en_US.UTF-8"; LC_MEASUREMENT = "en_US.UTF-8"; LC_MONETARY = "en_US.UTF-8"; LC_NAME = "en_US.UTF-8"; LC_NUMERIC = "en_US.UTF-8"; LC_PAPER = "en_US.UTF-8"; LC_TELEPHONE = "en_US.UTF-8"; LC_TIME = "en_US.UTF-8"; }; # Configure keymap in X11 services.xserver.xkb = { layout = "us"; variant = ""; }; # Allow unfree packages nixpkgs.config.allowUnfree = true; # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. wget git htop gnumake tmux ]; security.sudo.wheelNeedsPassword = false; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; # programs.gnupg.agent = { # enable = true; # enableSSHSupport = true; # }; # List services that you want to enable: # Open ports in the firewall. networking.firewall.allowedTCPPorts = [ 80 443 8123 ]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. # networking.firewall.enable = false; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "25.05"; # Did you read the comment? } smini/hardware-configuration.nix
New file @@ -0,0 +1,40 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. { config, lib, pkgs, modulesPath, ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/disk/by-uuid/c5820e22-2f08-461e-8003-1e99d0e783e9"; fsType = "btrfs"; options = [ "subvol=@" "compress=zstd" ]; }; fileSystems."/boot" = { device = "/dev/disk/by-uuid/F559-C127"; fsType = "vfat"; options = [ "fmask=0077" "dmask=0077" ]; }; swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. networking.useDHCP = lib.mkDefault true; # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; }
