diff options
Diffstat (limited to 'nix/modules')
| -rw-r--r-- | nix/modules/conduit.nix | 3 | ||||
| -rw-r--r-- | nix/modules/configuration.nix | 4 | ||||
| -rw-r--r-- | nix/modules/default.nix | 13 | ||||
| -rw-r--r-- | nix/modules/heisenbridge.nix | 9 | ||||
| -rw-r--r-- | nix/modules/home/default.nix | 14 | ||||
| -rw-r--r-- | nix/modules/home/emacs.nix | 13 | ||||
| -rw-r--r-- | nix/modules/home/hyprland.nix | 1 | ||||
| -rw-r--r-- | nix/modules/home/mbsync.nix | 18 | ||||
| -rw-r--r-- | nix/modules/home/pantalaimon.nix | 2 | ||||
| -rw-r--r-- | nix/modules/home/user.nix | 8 | ||||
| -rw-r--r-- | nix/modules/home/zsh.nix | 5 | ||||
| -rw-r--r-- | nix/modules/honk.nix | 8 | ||||
| -rw-r--r-- | nix/modules/impermanence.nix | 85 | ||||
| -rw-r--r-- | nix/modules/maddy.nix | 8 | ||||
| -rw-r--r-- | nix/modules/mautrix.nix | 150 | ||||
| -rw-r--r-- | nix/modules/murmur.nix | 6 | ||||
| -rw-r--r-- | nix/modules/nginx.nix | 10 | ||||
| -rw-r--r-- | nix/modules/ngircd.nix | 6 | ||||
| -rw-r--r-- | nix/modules/ollama.nix | 8 | ||||
| -rw-r--r-- | nix/modules/vars.nix | 26 |
20 files changed, 358 insertions, 39 deletions
diff --git a/nix/modules/conduit.nix b/nix/modules/conduit.nix index e47c7a2..dc3ea56 100644 --- a/nix/modules/conduit.nix +++ b/nix/modules/conduit.nix @@ -3,10 +3,11 @@ services.matrix-conduit = { enable = lib.mkDefault config.monorepo.profiles.server.enable; settings.global = { - server_name = "matrix.${config.monorepo.vars.remoteHost}"; + server_name = "matrix.${config.monorepo.vars.orgHost}"; trusted_servers = [ "matrix.org" "nixos.org" + "conduit.rs" ]; address = "0.0.0.0"; port = 6167; diff --git a/nix/modules/configuration.nix b/nix/modules/configuration.nix index 27002ff..a2912ea 100644 --- a/nix/modules/configuration.nix +++ b/nix/modules/configuration.nix @@ -2,6 +2,7 @@ { imports = [ ./matterbridge.nix + ./mautrix.nix ./xserver.nix ./ssh.nix ./pipewire.nix @@ -20,6 +21,7 @@ ./ngircd.nix ./znc.nix ./docker.nix + ./impermanence.nix ]; documentation = { @@ -162,7 +164,7 @@ "kernel.kptr_restrict" = 2; # madaidan - "kernel.smtcontrol" = "on"; + "kernel.smtcontrol" = "on"; "vm.swappiness" = 1; "vm.unprivileged_userfaultfd" = 0; "dev.tty.ldisc_autoload" = 0; diff --git a/nix/modules/default.nix b/nix/modules/default.nix index becaac8..adf54b9 100644 --- a/nix/modules/default.nix +++ b/nix/modules/default.nix @@ -18,19 +18,27 @@ ttyonly.enable = lib.mkEnableOption "TTY only, no xserver"; grub.enable = lib.mkEnableOption "Enables grub instead of systemd-boot"; workstation.enable = lib.mkEnableOption "Enables workstation services"; + impermanence.enable = lib.mkEnableOption "Enables imperamanence"; }; }; }; config = { - environment.systemPackages = lib.mkIf config.monorepo.profiles.documentation.enable (with pkgs; [ + environment.systemPackages = lib.mkIf config.monorepo.profiles.documentation.enable ((with pkgs; [ linux-manual man-pages man-pages-posix iproute2 silver-searcher ripgrep - ]); + ]) ++ + (if (config.monorepo.vars.fileSystem == "btrfs") then with pkgs; [ + btrfs-progs + btrfs-snap + btrfs-list + btrfs-heatmap + ] else [])); + boot.loader.grub = lib.mkIf config.monorepo.profiles.grub.enable { enable = true; }; @@ -41,6 +49,7 @@ pipewire.enable = lib.mkDefault true; tor.enable = lib.mkDefault true; home.enable = lib.mkDefault true; + impermanence.enable = lib.mkDefault false; }; }; }; diff --git a/nix/modules/heisenbridge.nix b/nix/modules/heisenbridge.nix new file mode 100644 index 0000000..f3b88fc --- /dev/null +++ b/nix/modules/heisenbridge.nix @@ -0,0 +1,9 @@ +{ lib, config, ... }: +{ + services.heisenbridge = { + enable = true; + registrationUrl = "http://localhost:6167"; + owner = "@ret2pop:matrix.nullring.xyz"; + homeserver = "http://localhost:6167"; + }; +} diff --git a/nix/modules/home/default.nix b/nix/modules/home/default.nix index a522872..f5f8d34 100644 --- a/nix/modules/home/default.nix +++ b/nix/modules/home/default.nix @@ -36,6 +36,8 @@ lang-openscad.enable = lib.mkEnableOption "Enables openscad language support"; lang-js.enable = lib.mkEnableOption "Enables javascript language support"; lang-nix.enable = lib.mkEnableOption "Enables nix language support"; + lang-idris.enable = lib.mkEnableOption "Enables idris language support"; + lang-agda.enable = lib.mkEnableOption "Enables agda language support"; lang-coq.enable = lib.mkEnableOption "Enables coq language support"; lang-lean.enable = lib.mkEnableOption "Enables lean language support"; lang-haskell.enable = lib.mkEnableOption "Enables haskell language support"; @@ -81,6 +83,7 @@ gnumake bear clang-tools + autotools-language-server ]) else []) ++ (if config.monorepo.profiles.workstation.enable then (with pkgs; [ @@ -135,6 +138,15 @@ lean4 ]) else []) ++ + (if config.monorepo.profiles.lang-agda.enable then (with pkgs; [ + agda + ]) else []) + ++ + (if config.monorepo.profiles.lang-idris.enable then (with pkgs; [ + idris + idris2Packages.idris2Lsp + ]) else []) + ++ (if config.monorepo.profiles.lang-nix.enable then (with pkgs; [ nil nixd @@ -197,6 +209,8 @@ lang-coq.enable = lib.mkDefault config.monorepo.profiles.enable; lang-lean.enable = lib.mkDefault config.monorepo.profiles.enable; lang-haskell.enable = lib.mkDefault config.monorepo.profiles.enable; + lang-idris.enable = lib.mkDefault config.monorepo.profiles.enable; + lang-agda.enable = lib.mkDefault config.monorepo.profiles.enable; crypto.enable = lib.mkDefault config.monorepo.profiles.enable; art.enable = lib.mkDefault config.monorepo.profiles.enable; diff --git a/nix/modules/home/emacs.nix b/nix/modules/home/emacs.nix index e44db8d..c5bd383 100644 --- a/nix/modules/home/emacs.nix +++ b/nix/modules/home/emacs.nix @@ -5,10 +5,14 @@ enable = lib.mkDefault config.monorepo.profiles.graphics.enable; package = pkgs.emacs-pgtk; extraConfig = '' - (setq debug-on-error t) - (org-babel-load-file - (expand-file-name "~/monorepo/config/emacs.org"))''; +(setq debug-on-error t) +(setq system-email "${config.monorepo.profiles.email.email}") +(setq system-username "${config.monorepo.vars.internetName}") +(setq system-fullname "${config.monorepo.vars.fullName}") +(org-babel-load-file + (expand-file-name "~/${config.monorepo.vars.repoName}/config/emacs.org"))''; extraPackages = epkgs: [ + epkgs.agda2-mode epkgs.all-the-icons epkgs.auctex epkgs.catppuccin-theme @@ -17,6 +21,7 @@ epkgs.company-solidity epkgs.counsel epkgs.dashboard + epkgs.doom-themes epkgs.doom-modeline epkgs.elfeed epkgs.elfeed-org @@ -39,6 +44,7 @@ epkgs.gruvbox-theme epkgs.haskell-mode epkgs.htmlize + epkgs.idris-mode epkgs.irony-eldoc epkgs.ivy epkgs.ivy-pass @@ -48,6 +54,7 @@ epkgs.lsp-mode epkgs.lsp-haskell epkgs.lyrics-fetcher + epkgs.mastodon epkgs.magit epkgs.magit-delta epkgs.mu4e diff --git a/nix/modules/home/hyprland.nix b/nix/modules/home/hyprland.nix index 819f1fa..dbe0b39 100644 --- a/nix/modules/home/hyprland.nix +++ b/nix/modules/home/hyprland.nix @@ -64,6 +64,7 @@ "$mod, B, exec, bitcoin-qt" "$mod, M, exec, monero-wallet-gui" "$mod, V, exec, vesktop" + "$mod, C, exec, fluffychat" "$mod, D, exec, wofi --show run" "$mod, P, exec, bash ${scripts}/powermenu.sh" "$mod, Q, killactive" diff --git a/nix/modules/home/mbsync.nix b/nix/modules/home/mbsync.nix index 67d971a..b7c7424 100644 --- a/nix/modules/home/mbsync.nix +++ b/nix/modules/home/mbsync.nix @@ -3,7 +3,7 @@ programs.mbsync = { enable = lib.mkDefault config.monorepo.profiles.email.enable; extraConfig = '' - IMAPAccount ret2pop + IMAPAccount ${config.monorepo.vars.internetName} Host ${config.monorepo.profiles.email.imapsServer} User ${config.monorepo.profiles.email.email} PassCmd "cat ${config.sops.secrets.mail.path}" @@ -12,17 +12,17 @@ AuthMechs * CertificateFile /etc/ssl/certs/ca-certificates.crt - IMAPStore ret2pop-remote - Account ret2pop + IMAPStore ${config.monorepo.vars.internetName}-remote + Account ${config.monorepo.vars.internetName} - MaildirStore ret2pop-local - Path ~/email/ret2pop/ - Inbox ~/email/ret2pop/INBOX + MaildirStore ${config.monorepo.vars.internetName}-local + Path ~/email/${config.monorepo.vars.internetName}/ + Inbox ~/email/${config.monorepo.vars.internetName}/INBOX SubFolders Verbatim - Channel ret2pop - Far :ret2pop-remote: - Near :ret2pop-local: + Channel ${config.monorepo.vars.internetName} + Far :${config.monorepo.vars.internetName}-remote: + Near :${config.monorepo.vars.internetName}-local: Patterns * Create Near Sync All diff --git a/nix/modules/home/pantalaimon.nix b/nix/modules/home/pantalaimon.nix index 4645687..b523865 100644 --- a/nix/modules/home/pantalaimon.nix +++ b/nix/modules/home/pantalaimon.nix @@ -8,7 +8,7 @@ SSL = true; }; local-matrix = { - Homeserver = "https://social.nullring.xyz"; + Homeserver = "https://matrix.${config.monorepo.vars.orgHost}"; ListenAddress = "127.0.0.1"; ListenPort = "8008"; }; diff --git a/nix/modules/home/user.nix b/nix/modules/home/user.nix index 24b61da..c02d9a0 100644 --- a/nix/modules/home/user.nix +++ b/nix/modules/home/user.nix @@ -2,8 +2,8 @@ { home = { activation.startup-files = lib.hm.dag.entryAfter [ "installPackages" ] '' - if [ ! -d "/home/${config.monorepo.vars.userName}/email/ret2pop/" ]; then - mkdir -p /home/${config.monorepo.vars.userName}/email/ret2pop/ + if [ ! -d "/home/${config.monorepo.vars.userName}/email/${config.monorepo.vars.internetName}/" ]; then + mkdir -p /home/${config.monorepo.vars.userName}/email/${config.monorepo.vars.internetName}/ fi if [ ! -d "/home/${config.monorepo.vars.userName}/music" ]; then mkdir -p /home/${config.monorepo.vars.userName}/music @@ -41,7 +41,7 @@ # Apps # octaveFull - vesktop grim swww vim telegram-desktop qwen-code + vesktop grim swww vim telegram-desktop qwen-code fluffychat # Sound/media pavucontrol alsa-utils imagemagick ffmpeg helvum @@ -53,7 +53,7 @@ torsocks tor-browser # fonts - nerd-fonts.iosevka noto-fonts noto-fonts-cjk-sans noto-fonts-emoji fira-code font-awesome_6 + nerd-fonts.iosevka noto-fonts noto-fonts-cjk-sans noto-fonts-emoji fira-code font-awesome_6 victor-mono (aspellWithDicts (dicts: with dicts; [ en en-computers en-science ])) diff --git a/nix/modules/home/zsh.nix b/nix/modules/home/zsh.nix index cb4f1b0..574e6ac 100644 --- a/nix/modules/home/zsh.nix +++ b/nix/modules/home/zsh.nix @@ -21,6 +21,7 @@ }; shellAliases = { + get-channel-id = "yt-dlp --print \"%(channel_id)s\" --playlist-end 1 \"$1\""; se = "sops edit"; f = "vim $(fzf)"; e = "cd $(find . -type d -print | fzf)"; @@ -30,9 +31,9 @@ py = "python3"; rb = "sudo nixos-rebuild switch --flake $HOME/monorepo/nix#${systemHostName}"; nfu = "cd ~/monorepo/nix && git add . && git commit -m \"new flake lock\" && nix flake update"; - usync = "rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/var/www/ret2pop-website/"; + usync = "rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/var/www/${config.monorepo.vars.internetName}-website/"; usite - = "cd ~/src/publish-org-roam-ui && bash local.sh && rm -rf ~/website_html/graph_view; cp -r ~/src/publish-org-roam-ui/out ~/website_html/graph_view && rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/var/www/ret2pop-website/"; + = "cd ~/src/publish-org-roam-ui && bash local.sh && rm -rf ~/website_html/graph_view; cp -r ~/src/publish-org-roam-ui/out ~/website_html/graph_view && rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/var/www/${config.monorepo.vars.internetName}-website/"; sai = "eval \"$(ssh-agent -s)\" && ssh-add ~/.ssh/id_ed25519 && ssh-add -l"; i3 = "exec ${pkgs.i3-gaps}/bin/i3"; }; diff --git a/nix/modules/honk.nix b/nix/modules/honk.nix new file mode 100644 index 0000000..b13a9dc --- /dev/null +++ b/nix/modules/honk.nix @@ -0,0 +1,8 @@ +{ lib, config, ... }: +{ + services.honk = { + enable = config.monorepo.vars.ttyonly; + servername = "ret2pop.net"; + username = "ret2pop"; + }; +} diff --git a/nix/modules/impermanence.nix b/nix/modules/impermanence.nix new file mode 100644 index 0000000..73bccdc --- /dev/null +++ b/nix/modules/impermanence.nix @@ -0,0 +1,85 @@ +{ lib, config, ... }: +{ + assertions = [ + { + assertion = ! (config.monorepo.profiles.impermanence.enable && (! (config.monorepo.vars.filesystem == "btrfs"))); + message = "Impermanence requires btrfs filesystem."; + } + ]; + + boot.initrd.postResumeCommands = (if config.monorepo.profiles.impermanence.enable then lib.mkAfter '' + mkdir /btrfs_tmp + mount /dev/root_vg/root /btrfs_tmp + if [[ -e /btrfs_tmp/root ]]; then + mkdir -p /btrfs_tmp/old_roots + timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S") + mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp" + fi + + delete_subvolume_recursively() { + IFS=$'\n' + for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do + delete_subvolume_recursively "/btrfs_tmp/$i" + done + btrfs subvolume delete "$1" + } + + for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do + delete_subvolume_recursively "$i" + done + + btrfs subvolume create /btrfs_tmp/root + umount /btrfs_tmp + '' else ""); + + environment.persistence."/persistent" = { + enable = config.monorepo.profiles.impermanence.enable; + hideMounts = true; + directories = [ + "/var/log" + "/var/lib/bluetooth" + "/var/lib/nixos" + "/var/lib/systemd/coredump" + "/etc/NetworkManager/system-connections" + ]; + files = [ + "/etc/machine-id" + "/etc/matterbridge.toml" + { file = "/var/keys/secret_file"; parentDirectory = { mode = "u=rwx,g=,o="; }; } + ]; + users."${config.monorepo.vars.userName}" = { + directories = [ + "Downloads" + "music" + "Pictures" + "Documents" + "Videos" + "Monero" + "org" + "monorepo" + "soundfont" + "website_html" + "ardour" + "audacity" + "img" + "email" + "projects" + "secrets" + + ".emacs.d" + ".elfeed" + ".electrum" + ".mozilla" + ".bitmonero" + ".config" + { directory = ".gnupg"; mode = "0700"; } + { directory = ".ssh"; mode = "0700"; } + { directory = ".local/share/keyrings"; mode = "0700"; } + ".local/share/direnv" + ]; + files = [ + ".emacs" + ]; + }; + }; +} diff --git a/nix/modules/maddy.nix b/nix/modules/maddy.nix index f97ba05..c84b59c 100644 --- a/nix/modules/maddy.nix +++ b/nix/modules/maddy.nix @@ -3,7 +3,8 @@ services.maddy = { enable = lib.mkDefault config.monorepo.profiles.server.enable; openFirewall = true; - primaryDomain = "${config.monorepo.vars.remoteHost}"; + hostName = "${config.monorepo.vars.remoteHost}"; + primaryDomain = "mail.${config.monorepo.vars.remoteHost}"; tls = { loader = "acme"; }; @@ -14,5 +15,10 @@ "imap tls://0.0.0.0:993 tcp://0.0.0.0:143" "submission tls://0.0.0.0:465 tcp://0.0.0.0:587" ] options.services.maddy.config.default; + ensureCredentials = { + "${config.monorepo.vars.userName}@localhost" = { + passwordFile = "/secrets/${config.monorepo.vars.userName}-localhost"; + }; + }; }; } diff --git a/nix/modules/mautrix.nix b/nix/modules/mautrix.nix new file mode 100644 index 0000000..5eacb4a --- /dev/null +++ b/nix/modules/mautrix.nix @@ -0,0 +1,150 @@ +{ lib, config, ... }: +{ + services.mautrix-discord = { + enable = lib.mkDefault config.monorepo.profiles.server.enable; + environmentFile = "/etc/mautrix"; + settings = { + bridge = { + animated_sticker = { + args = { + fps = 25; + height = 320; + width = 320; + }; + target = "webp"; + }; + autojoin_thread_on_open = true; + avatar_proxy_key = "generate"; + backfill = { + forward_limits = { + initial = { + channel = 0; + dm = 0; + thread = 0; + }; + max_guild_members = -1; + missed = { + channel = 0; + dm = 0; + thread = 0; + }; + }; + }; + cache_media = "unencrypted"; + channel_name_template = "{{if or (eq .Type 3) (eq .Type 4)}}{{.Name}}{{else}}#{{.Name}}{{end}}"; + command_prefix = "!discord"; + custom_emoji_reactions = true; + delete_guild_on_leave = true; + delete_portal_on_channel_delete = false; + delivery_receipts = false; + direct_media = { + allow_proxy = true; + enabled = false; + server_key = "generate"; + }; + displayname_template = "{{if .Webhook}}Webhook{{else}}{{or .GlobalName .Username}}{{if .Bot}} (bot){{end}}{{end}}"; + double_puppet_allow_discovery = true; + double_puppet_server_map = { }; + embed_fields_as_tables = true; + enable_webhook_avatars = true; + encryption = { + allow = false; + allow_key_sharing = false; + appservice = false; + default = false; + delete_keys = { + delete_fully_used_on_decrypt = false; + delete_on_device_delete = false; + delete_outbound_on_ack = false; + delete_outdated_inbound = false; + delete_prev_on_new_session = false; + dont_store_outbound = false; + periodically_delete_expired = false; + ratchet_on_decrypt = false; + }; + msc4190 = false; + plaintext_mentions = false; + require = false; + rotation = { + disable_device_change_key_rotation = false; + enable_custom = false; + messages = 100; + milliseconds = 604800000; + }; + verification_levels = { + receive = "unverified"; + send = "unverified"; + share = "cross-signed-tofu"; + }; + }; + federate_rooms = true; + guild_name_template = "{{.Name}}"; + login_shared_secret_map = { }; + management_room_text = { + additional_help = ""; + welcome = "Hello, I'm a Discord bridge bot."; + welcome_connected = "Use `help` for help."; + welcome_unconnected = "Use `help` for help or `login` to log in."; + }; + message_error_notices = true; + message_status_events = false; + mute_channels_on_create = false; + permissions = { + "@${config.monorepo.vars.internetName}:matrix.${config.monorepo.vars.orgHost}" = "admin"; + "*" = "user"; + }; + portal_message_buffer = 128; + prefix_webhook_messages = true; + private_chat_portal_meta = "default"; + provisioning = { + debug_endpoints = false; + prefix = "/_matrix/provision"; + shared_secret = "generate"; + }; + public_address = null; + resend_bridge_info = false; + restricted_rooms = false; + startup_private_channel_create_limit = 5; + sync_direct_chat_list = false; + use_discord_cdn_upload = true; + username_template = "discord_{{.}}"; + }; + + appservice = { + address = "http://localhost:29334"; + hostname = "0.0.0.0"; + port = 29334; + id = "discord"; + bot = { + username = "discordbot"; + displayname = "Discord bridge bot"; + avatar = "mxc://maunium.net/nIdEykemnwdisvHbpxflpDlC"; + }; + ephemeral_events = true; + async_transactions = false; + database = { + type = "sqlite3"; + uri = "file:${config.services.mautrix-discord.dataDir}/mautrix-discord.db?_txlock=immediate"; + max_open_conns = 20; + max_idle_conns = 2; + max_conn_idle_time = null; + max_conn_lifetime = null; + }; + as_token = "$MAUTRIX_DISCORD_APPSERVICE_AS_TOKEN"; + hs_token = "$MAUTRIX_DISCORD_APPSERVICE_HS_TOKEN"; + }; + + dataDir = "/var/lib/mautrix-discord"; + homeserver = { + async_media = false; + message_send_checkpoint_endpoint = null; + ping_interval_seconds = 0; + software = "standard"; + status_endpoint = null; + websocket = false; + domain = "matrix.${config.monorepo.vars.orgHost}"; + address = "http://localhost:6167"; + }; + }; + }; +} diff --git a/nix/modules/murmur.nix b/nix/modules/murmur.nix index 7595520..b809fc7 100644 --- a/nix/modules/murmur.nix +++ b/nix/modules/murmur.nix @@ -7,8 +7,8 @@ hostName = "0.0.0.0"; welcometext = "Wecome to the Null Murmur instance!"; registerName = "nullring"; - registerHostname = "nullring.xyz"; - sslCert = "/var/lib/acme/nullring.xyz/fullchain.pem"; - sslKey = "/var/lib/acme/nullring.xyz/sslKey.pem"; + registerHostname = "${config.monorepo.vars.orgHost}"; + sslCert = "/var/lib/acme/${config.monorepo.vars.orgHost}/fullchain.pem"; + sslKey = "/var/lib/acme/${config.monorepo.vars.orgHost}/sslKey.pem"; }; } diff --git a/nix/modules/nginx.nix b/nix/modules/nginx.nix index bb87fce..9337774 100644 --- a/nix/modules/nginx.nix +++ b/nix/modules/nginx.nix @@ -16,7 +16,7 @@ }; virtualHosts = { - "matrix.${config.monorepo.vars.remoteHost}" = { + "matrix.${config.monorepo.vars.orgHost}" = { enableACME = true; forceSSL = true; listen = [ @@ -55,14 +55,14 @@ }; "${config.monorepo.vars.remoteHost}" = { serverName = "${config.monorepo.vars.remoteHost}"; - serverAliases = [ "ret2pop.nullring.xyz" ]; - root = "/var/www/ret2pop-website/"; + serverAliases = [ "${config.monorepo.vars.internetName}.${config.monorepo.vars.orgHost}" ]; + root = "/var/www/${config.monorepo.vars.internetName}-website/"; addSSL = true; enableACME = true; }; - "nullring.xyz" = { - serverName = "nullring.xyz"; + "${config.monorepo.vars.orgHost}" = { + serverName = "${config.monorepo.vars.orgHost}"; root = "/var/www/nullring/"; addSSL = true; enableACME = true; diff --git a/nix/modules/ngircd.nix b/nix/modules/ngircd.nix index 0900017..c8348bf 100644 --- a/nix/modules/ngircd.nix +++ b/nix/modules/ngircd.nix @@ -4,7 +4,7 @@ enable = lib.mkDefault config.monorepo.profiles.server.enable; config = '' [Global] - Name = nullring.xyz + Name = ${config.monorepo.vars.orgHost} Info = NullRing IRC Instance Listen = 0.0.0.0 MotdFile = /etc/motd.txt @@ -13,9 +13,9 @@ [Options] PAM = no [SSL] - CertFile = /var/lib/acme/nullring.xyz/fullchain.pem + CertFile = /var/lib/acme/${config.monorepo.vars.orgHost}/fullchain.pem CipherList = HIGH:!aNULL:@STRENGTH:!SSLv3 - KeyFile = /var/lib/acme/nullring.xyz/key.pem + KeyFile = /var/lib/acme/${config.monorepo.vars.orgHost}/key.pem Ports = 6697 ''; }; diff --git a/nix/modules/ollama.nix b/nix/modules/ollama.nix index 33c41c9..bfa0cf3 100644 --- a/nix/modules/ollama.nix +++ b/nix/modules/ollama.nix @@ -1,14 +1,16 @@ { config, lib, ... }: { services.ollama = { - enable = lib.mkDefault (!config.monorepo.profiles.ttyonly.enable); + enable = lib.mkDefault (!config.monorepo.profiles.server.enable); acceleration = if (config.monorepo.profiles.workstation.enable) then "cuda" else null; - loadModels = [ + loadModels = if (config.monorepo.profiles.workstation.enable) then [ "qwen3:30b" "qwen3-coder:latest" "qwen2.5-coder:latest" - "qwen2.5-coder:3b" "gemma3:12b-it-qat" + ] else [ + "qwen3:0.6b" + "qwen2.5-coder:0.5b" ]; host = "0.0.0.0"; openFirewall = true; diff --git a/nix/modules/vars.nix b/nix/modules/vars.nix index de9736e..c991588 100644 --- a/nix/modules/vars.nix +++ b/nix/modules/vars.nix @@ -1,4 +1,7 @@ { lib, ... }: +let + vars = import ../flakevars.nix; +in { options.monorepo.vars = { device = lib.mkOption { @@ -8,6 +11,20 @@ description = "device that NixOS is installed to"; }; + internetName = lib.mkOption { + type = lib.types.str; + default = "${vars.internetName}"; + example = "myinternetname"; + description = "Internet name to be used for internet usernames"; + }; + + repoName = lib.mkOption { + type = lib.types.str; + default = "monorepo"; + example = "myreponame"; + description = "Name of this repository"; + }; + fileSystem = lib.mkOption { type = lib.types.str; default = "ext4"; @@ -43,11 +60,18 @@ remoteHost = lib.mkOption { type = lib.types.str; - default = "ret2pop.net"; + default = "${vars.remoteHost}"; example = "example.com"; description = "Address to push to and pull from for website and git repos"; }; + orgHost = lib.mkOption { + type = lib.types.str; + default = "${vars.orgHost}"; + example = "orgname.org"; + description = "Domain name of your organization"; + }; + timeZone = lib.mkOption { type = lib.types.str; default = "America/Vancouver"; |