diff --git a/hosts/dregil/configuration.nix b/hosts/dregil/configuration.nix index 0c532fd..3974771 100644 --- a/hosts/dregil/configuration.nix +++ b/hosts/dregil/configuration.nix @@ -93,7 +93,28 @@ in extraGroups = [ "wheel" # Enable ‘sudo’ for the user. "input" ]; - }; + packages = with pkgs; [ + # gui tool + alacritty + firefox + jitsi-meet-electron + + # editing + helix + nil # nix language server + + # system tools + htop-vim # htop with vim bindings + erdtree # du+tree had sex + dua # ncdu but better + bat # better cat + uhk-agent + + # gaming support + lutris + #inputs.simplex-chat.packages."x86_64-linux"."exe:simplex-chat" + ]; + }; # List packages installed in system profile. To search, run: # $ nix search wget @@ -102,7 +123,6 @@ in ripgrep git nvidia-offload - pinentry ]; # adjust channels to nixpkgs used on this system via this flake @@ -114,10 +134,10 @@ in # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; - programs.gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; programs.neovim = { enable = true; diff --git a/hosts/thrall/default.nix b/hosts/thrall/default.nix index bc3c402..9631cb7 100644 --- a/hosts/thrall/default.nix +++ b/hosts/thrall/default.nix @@ -36,7 +36,6 @@ in { age.secrets = { mailPass.file = ../../secrets/mailPass.age; - paperless-mail.file = ../../secrets/paperless-mail.age; wireguard-thrall.file = ../../secrets/wireguard-thrall.age; }; @@ -135,7 +134,6 @@ in { htop tmux git - git-annex #agenix.defaultPackage.x86_64-linux restic # fast and secure backup rclone @@ -177,56 +175,25 @@ in { services.restic.backups = { }; services.keybase = { enable = true; }; + services.nginx.enable = true; services.nginx = { - enable = true; - - statusPage = true; - clientMaxBodySize = "64m"; recommendedTlsSettings = true; recommendedOptimisation = true; recommendedGzipSettings = true; recommendedProxySettings = true; }; services.nginx.virtualHosts = { - # main site "failco.de" = { forceSSL = true; enableACME = true; root = "/srv/www/failco.de"; serverAliases = [ "www.failco.de" "mail.failco.de" ]; - extraConfig = '' - add_header X-Frame-Options 'SAMEORIGIN'; - ''; }; - "www.jakalx.net" = { - forceSSL = true; - enableACME = true; - root = "/srv/www/jakalx.net"; - serverAliases = [ "jakalx.net" ]; - extraConfig = '' - add_header X-Frame-Options 'SAMEORIGIN'; - ''; - }; - - # gitea "git.failco.de" = { forceSSL = true; enableACME = true; - locations."/" = { - proxyPass = "http://127.0.0.1:3001/"; - proxyWebsockets = true; - }; - }; - - # paperless - "docs.failco.de" = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://127.0.0.1:3002/"; - proxyWebsockets = true; - }; + locations."/" = { proxyPass = "http://127.0.0.1:3001/"; }; }; }; @@ -239,28 +206,7 @@ in { httpAddress = "127.0.0.1"; httpPort = 3001; - settings = { - service.DISABLE_REGISTRATION = true; - - mailer = { - ENABLED = true; - MAILER_TYPE = "smtp"; - FROM = "git@failco.de"; - HOST = "thrall.failco.de:25"; - IS_TLS_ENABLED = false; - }; - }; - }; - - services.paperless = { - enable = true; - address = "127.0.0.1"; - port = 3002; - consumptionDirIsPublic = true; - extraConfig = { - PAPERLESS_OCR_LANGUAGE = "deu+eng"; - PAPERLESS_URL = "https://docs.failco.de"; - }; + settings.service.DISABLE_REGISTRATION = true; }; services.fail2ban = { @@ -306,17 +252,7 @@ in { aliases = [ "lx@failco.de" "alex@failco.de" ]; - catchAll = [ "failco.de" ]; - }; - - "alex@jakalx.net" = { - hashedPasswordFile = config.age.secrets.mailPass.path; - - catchAll = [ "jakalx.net" ]; - }; - - "archive@failco.de" = { - hashedPasswordFile = config.age.secrets.paperless-mail.path; + catchAll = [ "failco.de" "jakalx.net" ]; }; }; diff --git a/modules/common-system.nix b/modules/common-system.nix index a640d0f..fb4273f 100644 --- a/modules/common-system.nix +++ b/modules/common-system.nix @@ -14,12 +14,16 @@ fd fzf bat - lshw - pciutils ]; networking.firewall.enable = true; + users.users.alex = { + isNormalUser = true; + extraGroups = [ "wheel" "input" ]; + shell = pkgs.zsh; + }; + nix = { gc = { automatic = true; diff --git a/outputs/homeConfigurations/default.nix b/outputs/homeConfigurations/default.nix index ea49a02..4fe9a2a 100644 --- a/outputs/homeConfigurations/default.nix +++ b/outputs/homeConfigurations/default.nix @@ -17,50 +17,12 @@ in username = "alex"; homeDirectory = "/home/alex"; stateVersion = "22.11"; + packages = with pkgs; [ - alacritty # fast terminal - firefox # the browser with the fox - - # social - jitsi-meet-electron # jitsi as a stand-alone app - discord # talk to other people - #inputs.simplex-chat.packages."x86_64-linux"."exe:simplex-chat" - - # editing - helix # vim like editor - nil # nix language server - - # system tools - htop-vim # htop with vim bindings - erdtree # du+tree had sex - dua # ncdu but better - bat # better cat - uhk-agent # my keyboard - mosh # ssh via udp - - # gaming support lutris ]; }; - programs.bash = { - enable = true; - }; - - programs.zsh = { - enable = true; - }; - - programs.git = { - enable = true; - userName = "Alexander Kobjolke"; - userEmail = "me@failco.de"; - }; - - programs.password-store = { - enable = true; - }; - # do not show home-manager notifications news.display = "silent"; } diff --git a/secrets/paperless-mail.age b/secrets/paperless-mail.age deleted file mode 100644 index ae80b74..0000000 Binary files a/secrets/paperless-mail.age and /dev/null differ diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 794f07e..0d7b55f 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -1,12 +1,10 @@ let thrall = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHNRSYszckbCwKoX/cci8D40DGM/SG/NJ/u/uB361re"; - alex = "age13uv5phqjuvd90rr3aa7mg3xsmcmyx8cfz9v52w2a782qecssja9sw9nt8a"; systems = [ thrall ]; - users = [ alex ]; + users = []; in { "mailPass.age".publicKeys = users ++ systems; - "paperless-mail.age".publicKeys = users ++ systems; "wireguard-thrall.age".publicKeys = [thrall]; }