diff --git a/common/nvim/nvim.nix b/common/nvim/nvim.nix index da08602..f3e677b 100644 --- a/common/nvim/nvim.nix +++ b/common/nvim/nvim.nix @@ -22,7 +22,7 @@ nixfmt-rfc-style gcc typst - python313Full + python313 ]; defaultEditor = true; viAlias = true; diff --git a/flake.lock b/flake.lock index 223825c..fa8f22d 100644 --- a/flake.lock +++ b/flake.lock @@ -99,11 +99,11 @@ "uv2nix": "uv2nix" }, "locked": { - "lastModified": 1756476223, - "narHash": "sha256-6/t+3UyXzncCLsqq2rg5Ci8XhUpF9lQmyHu8A+aMcGo=", + "lastModified": 1757062396, + "narHash": "sha256-403iuoMVVjk64sF1GgZfrRwOnVU1H14sflE+LNp927c=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "a31bbcc1bf41baa9fca1028221068377bba8cd2e", + "rev": "22827e9a0cc002a076ee8bd14c3433ebc6c87f95", "type": "github" }, "original": { @@ -115,16 +115,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1753187012, - "narHash": "sha256-bs/ThY3YixwBObahcS7BrOWj0gsaUXI664ldUQlJul8=", + "lastModified": 1755873658, + "narHash": "sha256-5l1g55b0xozGg0NaZFimiO5JbHGcudaNSEn1/XsweaU=", "owner": "goauthentik", "repo": "authentik", - "rev": "23ffad1c6be80bea223caf5f1cf265b984b76328", + "rev": "dd7c6b29d950664deadbcf5390272619a8bf9a5e", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2025.6.4", + "ref": "version/2025.8.1", "repo": "authentik", "type": "github" } @@ -154,11 +154,11 @@ "fromYaml": "fromYaml" }, "locked": { - "lastModified": 1746562888, - "narHash": "sha256-YgNJQyB5dQiwavdDFBMNKk1wyS77AtdgDk/VtU6wEaI=", + "lastModified": 1755819240, + "narHash": "sha256-qcMhnL7aGAuFuutH4rq9fvAhCpJWVHLcHVZLtPctPlo=", "owner": "SenchoPens", "repo": "base16.nix", - "rev": "806a1777a5db2a1ef9d5d6f493ef2381047f2b89", + "rev": "75ed5e5e3fce37df22e49125181fa37899c3ccd6", "type": "github" }, "original": { @@ -216,6 +216,22 @@ "type": "github" } }, + "booktheme": { + "flake": false, + "locked": { + "lastModified": 1741979577, + "narHash": "sha256-SECuhWk5pDEgERURb78QrzSyKINV62fLXladfPA5q9w=", + "owner": "getzola", + "repo": "book", + "rev": "4ee06ce568e1c9f6d19f53bf521fb267603bc6c4", + "type": "github" + }, + "original": { + "owner": "getzola", + "repo": "book", + "type": "github" + } + }, "crane": { "locked": { "lastModified": 1748047550, @@ -305,11 +321,11 @@ ] }, "locked": { - "lastModified": 1756733629, - "narHash": "sha256-dwWGlDhcO5SMIvMSTB4mjQ5Pvo2vtxvpIknhVnSz2I8=", + "lastModified": 1757255839, + "narHash": "sha256-XH33B1X888Xc/xEXhF1RPq/kzKElM0D5C9N6YdvOvIc=", "owner": "nix-community", "repo": "disko", - "rev": "a5c4f2ab72e3d1ab43e3e65aa421c6f2bd2e12a1", + "rev": "c8a0e78d86b12ea67be6ed0f7cae7f9bfabae75a", "type": "github" }, "original": { @@ -340,6 +356,18 @@ "type": "github" } }, + "export_templates": { + "flake": false, + "locked": { + "narHash": "sha256-rtBhRkzwg9imC8WSr4AsuQnMcfv3n/jB8+/mPRPGzzk=", + "type": "file", + "url": "https://github.com/godotengine/godot/releases/download/4.4.1-stable/Godot_v4.4.1-stable_export_templates.tpz" + }, + "original": { + "type": "file", + "url": "https://github.com/godotengine/godot/releases/download/4.4.1-stable/Godot_v4.4.1-stable_export_templates.tpz" + } + }, "fenix": { "inputs": { "nixpkgs": [ @@ -441,11 +469,11 @@ "firefox-gnome-theme": { "flake": false, "locked": { - "lastModified": 1748383148, - "narHash": "sha256-pGvD/RGuuPf/4oogsfeRaeMm6ipUIznI2QSILKjKzeA=", + "lastModified": 1756083905, + "narHash": "sha256-UqYGTBgI5ypGh0Kf6zZjom/vABg7HQocB4gmxzl12uo=", "owner": "rafaelmardojai", "repo": "firefox-gnome-theme", - "rev": "4eb2714fbed2b80e234312611a947d6cb7d70caf", + "rev": "b655eaf16d4cbec9c3472f62eee285d4b419a808", "type": "github" }, "original": { @@ -489,11 +517,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1749398372, - "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", + "lastModified": 1754487366, + "narHash": "sha256-pHYj8gUBapuUzKV/kN/tR3Zvqc7o6gdFB9XKXIp1SQ8=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", + "rev": "af66ad14b28a127c5c0f3bbb298218fc63528a18", "type": "github" }, "original": { @@ -528,11 +556,11 @@ ] }, "locked": { - "lastModified": 1751413152, - "narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=", + "lastModified": 1756770412, + "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "77826244401ea9de6e3bac47c2db46005e1f30b5", + "rev": "4524271976b625a4a605beefd893f270620fd751", "type": "github" }, "original": { @@ -694,11 +722,11 @@ }, "hardware": { "locked": { - "lastModified": 1756750488, - "narHash": "sha256-e4ZAu2sjOtGpvbdS5zo+Va5FUUkAnizl4wb0/JlIL2I=", + "lastModified": 1757103352, + "narHash": "sha256-PtT7ix43ss8PONJ1VJw3f6t2yAoGH+q462Sn8lrmWmk=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "47eb4856cfd01eaeaa7bb5944a0f27db8fb9b94a", + "rev": "11b2a10c7be726321bb854403fdeec391e798bf0", "type": "github" }, "original": { @@ -736,11 +764,11 @@ ] }, "locked": { - "lastModified": 1756734952, - "narHash": "sha256-H6jmduj4QIncLPAPODPSG/8ry9lpr1kRq6fYytU52qU=", + "lastModified": 1757475826, + "narHash": "sha256-x6x30IzUOxKmOtE0KzQu9UxLrxg0HLurd5rpak62OL0=", "owner": "nix-community", "repo": "home-manager", - "rev": "29ab63bbb3d9eee4a491f7ce701b189becd34068", + "rev": "a60021a8c99bf5a28919c0a9fbb6b04422a6a8da", "type": "github" }, "original": { @@ -749,6 +777,72 @@ "type": "github" } }, + "lix": { + "inputs": { + "flake-compat": "flake-compat_2", + "nix2container": "nix2container", + "nix_2_18": "nix_2_18", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-regression": "nixpkgs-regression", + "pre-commit-hooks": "pre-commit-hooks" + }, + "locked": { + "lastModified": 1756426754, + "narHash": "sha256-EVJDo/KjdGtvJKelVPoL92TsPNrqnOJUnaLTIqP+F0o=", + "ref": "refs/heads/main", + "rev": "f4bdddf0fdaabc68546cf561c5343b83d95d2466", + "revCount": 18327, + "type": "git", + "url": "https://git.lix.systems/lix-project/lix.git" + }, + "original": { + "type": "git", + "url": "https://git.lix.systems/lix-project/lix.git" + } + }, + "lix-module": { + "inputs": { + "flake-utils": "flake-utils_5", + "flakey-profile": "flakey-profile", + "lix": [ + "lix" + ], + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1756511062, + "narHash": "sha256-IgD1JR7scSEwlK/YAbmrcTWpAYT30LPldCUHdzXkaMs=", + "ref": "refs/heads/main", + "rev": "3f09a5eb772e02d98bb8878ab687d5b721f00d16", + "revCount": 162, + "type": "git", + "url": "https://git.lix.systems/lix-project/nixos-module.git" + }, + "original": { + "type": "git", + "url": "https://git.lix.systems/lix-project/nixos-module.git" + } + }, + "lowdown-src": { + "flake": false, + "locked": { + "lastModified": 1633514407, + "narHash": "sha256-Dw32tiMjdK9t3ETl5fzGrutQTzh2rufgZV4A/BbxuD4=", + "owner": "kristapsdz", + "repo": "lowdown", + "rev": "d2c2b44ff6c27b936ec27358a2653caaef8f73b8", + "type": "github" + }, + "original": { + "owner": "kristapsdz", + "repo": "lowdown", + "type": "github" + } + }, "napalm": { "inputs": { "flake-utils": [ @@ -781,11 +875,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1756628420, - "narHash": "sha256-GWuU2XP+/72ybXSMXDugP3/qNbgyQWSFE9ZG5euk8cc=", + "lastModified": 1757358784, + "narHash": "sha256-UNeUJW3c10z0aMJ87QKS85C/JgK9ng6pdRS0EwY6OLg=", "owner": "YaLTeR", "repo": "niri", - "rev": "db419b4fc7dbfb32a5c954502839c2331bcb4ecc", + "rev": "bdee1a657699a77bc4cdb050f7355f37f64c45a6", "type": "github" }, "original": { @@ -801,11 +895,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1756516619, - "narHash": "sha256-iWNyhVIBO/CxQdLeQAfedynD68+SmIq5lj/TJpJyUSA=", + "lastModified": 1757492326, + "narHash": "sha256-+fsabChnPFSm6LNsE53SqrBuykBTvuN45YWvRyZ8tjM=", "owner": "kaylorben", "repo": "nixcord", - "rev": "eed47b8dc6601e94f0b4ce71bfea349869b541c0", + "rev": "5554d927b44444fff8c58584408cd8b2f892f22f", "type": "github" }, "original": { @@ -832,11 +926,11 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1748740939, - "narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=", + "lastModified": 1753579242, + "narHash": "sha256-zvaMGVn14/Zz8hnp4VWT9xVnhc8vuL3TStRqwk22biA=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "656a64127e9d791a334452c6b6606d17539476e2", + "rev": "0f36c44e01a6129be94e3ade315a5883f0228a6e", "type": "github" }, "original": { @@ -860,13 +954,61 @@ "type": "github" } }, - "nixpkgs_2": { + "nixpkgs-regression": { "locked": { - "lastModified": 1750776420, - "narHash": "sha256-/CG+w0o0oJ5itVklOoLbdn2dGB0wbZVOoDm4np6w09A=", + "lastModified": 1643052045, + "narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "30a61f056ac492e3b7cdcb69c1e6abdcf00e39cf", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2", + "type": "github" + } + }, + "nixpkgs_10": { + "locked": { + "lastModified": 1756911493, + "narHash": "sha256-6n/n1GZQ/vi+LhFXMSyoseKdNfc2QQaSBXJdgamrbkE=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "c6a788f552b7b7af703b1a29802a7233c0067908", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_11": { + "locked": { + "lastModified": 1756819007, + "narHash": "sha256-12V64nKG/O/guxSYnr5/nq1EfqwJCdD2+cIGmhz3nrE=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "aaff8c16d7fc04991cac6245bee1baa31f72b1e1", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1756386758, + "narHash": "sha256-1wxxznpW2CKvI9VdniaUnTT2Os6rdRJcRUf65ZK9OtE=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "dfb2f12e899db4876308eba6d93455ab7da304cd", "type": "github" }, "original": { @@ -942,11 +1084,11 @@ }, "nixpkgs_7": { "locked": { - "lastModified": 1756542300, - "narHash": "sha256-tlOn88coG5fzdyqz6R93SQL5Gpq+m/DsWpekNFhqPQk=", + "lastModified": 1757496692, + "narHash": "sha256-68Tu1YM/XreiNvQw4QlpwyiP8Ztyh6Pr3aP6YLprzu8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d7600c775f877cd87b4f5a831c28aa94137377aa", + "rev": "2d18d6a4b153a45f1eff4936afe35f83a6ef19d2", "type": "github" }, "original": { @@ -1019,11 +1161,11 @@ ] }, "locked": { - "lastModified": 1751906969, - "narHash": "sha256-BSQAOdPnzdpOuCdAGSJmefSDlqmStFNScEnrWzSqKPw=", + "lastModified": 1756961635, + "narHash": "sha256-hETvQcILTg5kChjYNns1fD5ELdsYB/VVgVmBtqKQj9A=", "owner": "nix-community", "repo": "NUR", - "rev": "ddb679f4131e819efe3bbc6457ba19d7ad116f25", + "rev": "6ca27b2654ac55e3f6e0ca434c1b4589ae22b370", "type": "github" }, "original": { @@ -1048,11 +1190,11 @@ ] }, "locked": { - "lastModified": 1749519371, - "narHash": "sha256-UJONN7mA2stweZCoRcry2aa1XTTBL0AfUOY84Lmqhos=", + "lastModified": 1756087852, + "narHash": "sha256-4jc3JDQt75fYXFrglgqyzF6C6zLU0QGLymzian4aP+U=", "owner": "pyproject-nix", "repo": "build-system-pkgs", - "rev": "7c06967eca687f3482624250428cc12f43c92523", + "rev": "6edb3ae27395cd88be3d64b732d1539957dad59c", "type": "github" }, "original": { @@ -1069,11 +1211,11 @@ ] }, "locked": { - "lastModified": 1750499893, - "narHash": "sha256-ThKBd8XSvITAh2JqU7enOp8AfKeQgf9u7zYC41cnBE4=", + "lastModified": 1756395552, + "narHash": "sha256-5aJM14MpoLk2cdZAetu60OkLQrtFLWTICAyn1EP7ZpM=", "owner": "pyproject-nix", "repo": "pyproject.nix", - "rev": "e824458bd917b44bf4c38795dea2650336b2f55d", + "rev": "030dffc235dcf240d918c651c78dc5f158067b51", "type": "github" }, "original": { @@ -1082,6 +1224,27 @@ "type": "github" } }, + "qubit-quilt": { + "inputs": { + "booktheme": "booktheme", + "export_templates": "export_templates", + "nixpkgs": "nixpkgs_10" + }, + "locked": { + "lastModified": 1757509969, + "narHash": "sha256-REVjNzIxTBRRlPyCHAE48zOi+uh4Kl6CSruZjqPxneA=", + "owner": "itepastra", + "repo": "Quantum-surface-application", + "rev": "b8664751b6c88fdf9b6f18151f46c432f21403ee", + "type": "github" + }, + "original": { + "owner": "itepastra", + "ref": "qubit-controls", + "repo": "Quantum-surface-application", + "type": "github" + } + }, "root": { "inputs": { "agenix": "agenix", @@ -1096,6 +1259,7 @@ "nixcord": "nixcord", "nixpkgs": "nixpkgs_7", "nixsg": "nixsg", + "qubit-quilt": "qubit-quilt", "stylix": "stylix", "tsunami": "tsunami_2" } @@ -1130,7 +1294,7 @@ "firefox-gnome-theme": "firefox-gnome-theme", "flake-parts": "flake-parts_3", "gnome-shell": "gnome-shell", - "nixpkgs": "nixpkgs_9", + "nixpkgs": "nixpkgs_11", "nur": "nur", "systems": "systems_6", "tinted-foot": "tinted-foot", @@ -1140,11 +1304,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1755997543, - "narHash": "sha256-/fejmCQ7AWa655YxyPxRDbhdU7c5+wYsFSjmEMXoBCM=", + "lastModified": 1757360005, + "narHash": "sha256-VwzdFEQCpYMU9mc7BSQGQe5wA1MuTYPJnRc9TQCTMcM=", "owner": "danth", "repo": "stylix", - "rev": "f47c0edcf71e802378b1b7725fa57bb44fe85ee8", + "rev": "834a743c11d66ea18e8c54872fbcc72ce48bc57f", "type": "github" }, "original": { @@ -1294,11 +1458,11 @@ "tinted-schemes": { "flake": false, "locked": { - "lastModified": 1750770351, - "narHash": "sha256-LI+BnRoFNRa2ffbe3dcuIRYAUcGklBx0+EcFxlHj0SY=", + "lastModified": 1754779259, + "narHash": "sha256-8KG2lXGaXLUE0F/JVwLQe7kOVm21IDfNEo0gfga5P4M=", "owner": "tinted-theming", "repo": "schemes", - "rev": "5a775c6ffd6e6125947b393872cde95867d85a2a", + "rev": "097d751b9e3c8b97ce158e7d141e5a292545b502", "type": "github" }, "original": { @@ -1310,11 +1474,11 @@ "tinted-tmux": { "flake": false, "locked": { - "lastModified": 1751159871, - "narHash": "sha256-UOHBN1fgHIEzvPmdNMHaDvdRMgLmEJh2hNmDrp3d3LE=", + "lastModified": 1754788770, + "narHash": "sha256-LAu5nBr7pM/jD9jwFc6/kyFY4h7Us4bZz7dvVvehuwo=", "owner": "tinted-theming", "repo": "tinted-tmux", - "rev": "bded5e24407cec9d01bd47a317d15b9223a1546c", + "rev": "fb2175accef8935f6955503ec9dd3c973eec385c", "type": "github" }, "original": { @@ -1326,11 +1490,11 @@ "tinted-zed": { "flake": false, "locked": { - "lastModified": 1751158968, - "narHash": "sha256-ksOyv7D3SRRtebpXxgpG4TK8gZSKFc4TIZpR+C98jX8=", + "lastModified": 1755613540, + "narHash": "sha256-zBFrrTxHLDMDX/OYxkCwGGbAhPXLi8FrnLhYLsSOKeY=", "owner": "tinted-theming", "repo": "base16-zed", - "rev": "86a470d94204f7652b906ab0d378e4231a5b3384", + "rev": "937bada16cd3200bdbd3a2f5776fc3b686d5cba0", "type": "github" }, "original": { @@ -1397,11 +1561,11 @@ ] }, "locked": { - "lastModified": 1750987094, - "narHash": "sha256-GujDElxLgYatnNvuL1U6qd18lcuG6anJMjpfYRScV08=", + "lastModified": 1756466761, + "narHash": "sha256-ALXRHIMXQ4qVNfCbcWykC23MjMwUoHn9BreoBfqmq0Y=", "owner": "pyproject-nix", "repo": "uv2nix", - "rev": "4b703d851b61e664a70238711a8ff0efa1aa2f52", + "rev": "0529e6d8227517205afcd1b37eee3088db745730", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index b202924..0ca86f6 100644 --- a/flake.nix +++ b/flake.nix @@ -45,6 +45,20 @@ }; # scrolling window manager niri.url = "github:YaLTeR/niri"; + # alternative nix implementation + lix = { + url = "git+https://git.lix.systems/lix-project/lix.git"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + # module for lix + lix-module = { + url = "git+https://git.lix.systems/lix-project/nixos-module.git"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.lix.follows = "lix"; + }; + qubit-quilt = { + url = "github:itepastra/Quantum-surface-application/qubit-controls"; + }; # declarative vencord client nixcord.url = "github:kaylorben/nixcord"; # for styling apps etc in a consistent theme diff --git a/hosts/lambdaos/configuration.nix b/hosts/lambdaos/configuration.nix index 7944cad..6b7a21c 100644 --- a/hosts/lambdaos/configuration.nix +++ b/hosts/lambdaos/configuration.nix @@ -91,6 +91,16 @@ "nvidia_uvm" ]; + programs = { + nix-ld = { + enable = true; + libraries = with pkgs; [ + libc + icu + ]; + }; + }; + services = { postgresql = { enable = true; diff --git a/hosts/nuos/configuration.nix b/hosts/nuos/configuration.nix index ebddbde..7694e5f 100644 --- a/hosts/nuos/configuration.nix +++ b/hosts/nuos/configuration.nix @@ -10,9 +10,6 @@ config, ... }: -let - enableFlurry = true; -in { imports = [ # Include the results of the hardware scan. @@ -23,6 +20,7 @@ in (modulesPath + "/profiles/qemu-guest.nix") ./home-assistant.nix + ./nginx.nix ../../common ]; @@ -216,7 +214,7 @@ in }; "flurry" = { - enable = enableFlurry; + enable = (import ./toggles.nix).enableFlurry; description = "Pixelflut server"; serviceConfig = { ExecStart = "${ @@ -337,19 +335,6 @@ in }; services = { - authentik = { - enable = true; - environmentFile = config.age.secrets."authentik/env".path; - nginx = { - enable = true; - enableACME = true; - host = "auth.itepastra.nl"; - }; - settings = { - disable_startup_analytics = true; - avatars = "initials"; - }; - }; factorio = { enable = false; # package = pkgs.factorio-headless.override { @@ -404,96 +389,32 @@ in }; }; }; - nginx = - let - - extra = '' - client_max_body_size 50000M; - - proxy_redirect off; - - proxy_read_timeout 600s; - proxy_send_timeout 600s; - send_timeout 600s;''; - proxy = name: url: { - forceSSL = true; - useACMEHost = name; - extraConfig = extra; - locations."/" = { - proxyWebsockets = true; - proxyPass = url; - }; - }; - in - { - enable = true; - package = pkgs.nginx.override { - modules = [ pkgs.nginxModules.brotli ]; - }; - - recommendedOptimisation = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedBrotliSettings = true; - sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL"; - - virtualHosts = lib.mkMerge [ - ({ - "noa.voorwaarts.nl" = { - forceSSL = true; - enableACME = true; - extraConfig = extra; - locations."/" = { - proxyWebsockets = true; - proxyPass = "http://192.168.42.5:8000"; - }; - }; - - "images.noa.voorwaarts.nl" = proxy "noa.voorwaarts.nl" "http://192.168.42.5:2283/"; - "maintenance.noa.voorwaarts.nl" = proxy "noa.voorwaarts.nl" "http://192.168.42.5:5000/"; - "map.noa.voorwaarts.nl" = proxy "noa.voorwaarts.nl" "http://127.0.0.1:8123/"; - - "itepastra.nl" = { - forceSSL = true; - enableACME = true; - extraConfig = extra; - locations."/" = { - proxyWebsockets = true; - proxyPass = "http://192.168.42.5:9001/"; - }; - }; - - "calendar.itepastra.nl" = proxy "itepastra.nl" "http://[::1]:29341"; - - # home-assistant proxy - "home.itepastra.nl" = proxy "itepastra.nl" "http://[::1]:8123"; - }) - - (lib.mkIf enableFlurry { - "flurry.itepastra.nl" = proxy "itepastra.nl" "http://127.0.0.1:3000"; - }) - ]; - }; }; security.acme = { acceptTerms = true; defaults.email = "noa@voorwaarts.nl"; - certs = { - "noa.voorwaarts.nl".extraDomainNames = [ - "images.noa.voorwaarts.nl" - "maintenance.noa.voorwaarts.nl" - "map.noa.voorwaarts.nl" - ]; - "itepastra.nl".extraDomainNames = [ - "locked.itepastra.nl" - "calendar.itepastra.nl" - "home.itepastra.nl" - ] - ++ [ - (lib.mkIf enableFlurry "flurry.itepastra.nl") - ]; - }; + certs = lib.mkMerge [ + ({ + "noa.voorwaarts.nl".extraDomainNames = [ + "images.noa.voorwaarts.nl" + "maintenance.noa.voorwaarts.nl" + "map.noa.voorwaarts.nl" + ]; + "itepastra.nl".extraDomainNames = [ + "locked.itepastra.nl" + "calendar.itepastra.nl" + "home.itepastra.nl" + ] + ++ [ + (lib.mkIf (import ./toggles.nix).enableFlurry "flurry.itepastra.nl") + ]; + }) + (lib.mkIf (import ./toggles.nix).enableQubitQuilt { + "geenit.nl" = { }; + }) + ]; + }; stylix = { diff --git a/hosts/nuos/nginx.nix b/hosts/nuos/nginx.nix new file mode 100644 index 0000000..803d061 --- /dev/null +++ b/hosts/nuos/nginx.nix @@ -0,0 +1,91 @@ +{ + pkgs, + lib, + inputs, + ... +}: +let + enableFlurry = true; + enableQubitQuilt = true; +in +{ + services.nginx = + let + + extra = '' + client_max_body_size 50000M; + + proxy_redirect off; + + proxy_read_timeout 600s; + proxy_send_timeout 600s; + send_timeout 600s;''; + proxy = name: url: { + forceSSL = true; + useACMEHost = name; + extraConfig = extra; + locations."/" = { + proxyWebsockets = true; + proxyPass = url; + }; + }; + in + { + enable = true; + package = pkgs.nginx.override { + modules = [ pkgs.nginxModules.brotli ]; + }; + + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedBrotliSettings = true; + sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL"; + + virtualHosts = lib.mkMerge [ + ({ + "noa.voorwaarts.nl" = { + forceSSL = true; + enableACME = true; + extraConfig = extra; + locations."/" = { + proxyWebsockets = true; + proxyPass = "http://192.168.42.5:8000"; + }; + }; + + "images.noa.voorwaarts.nl" = proxy "noa.voorwaarts.nl" "http://192.168.42.5:2283/"; + "maintenance.noa.voorwaarts.nl" = proxy "noa.voorwaarts.nl" "http://192.168.42.5:5000/"; + "map.noa.voorwaarts.nl" = proxy "noa.voorwaarts.nl" "http://127.0.0.1:8123/"; + + "itepastra.nl" = { + forceSSL = true; + enableACME = true; + extraConfig = extra; + locations."/" = { + proxyWebsockets = true; + proxyPass = "http://192.168.42.5:9001/"; + }; + }; + + "calendar.itepastra.nl" = proxy "itepastra.nl" "http://[::1]:29341"; + + # home-assistant proxy + "home.itepastra.nl" = proxy "itepastra.nl" "http://[::1]:8123"; + }) + (lib.mkIf (import ./toggles.nix).enableFlurry { + "flurry.itepastra.nl" = proxy "itepastra.nl" "http://127.0.0.1:3000"; + }) + (lib.mkIf (import ./toggles.nix).enableQubitQuilt { + "geenit.nl" = { + forceSSL = true; + enableACME = true; + extraConfig = extra; + locations."/" = { + root = inputs.qubit-quilt.packages."x86_64-linux".default; + }; + }; + }) + ]; + }; +} diff --git a/hosts/nuos/toggles.nix b/hosts/nuos/toggles.nix new file mode 100644 index 0000000..19a7a6b --- /dev/null +++ b/hosts/nuos/toggles.nix @@ -0,0 +1,4 @@ +{ + enableFlurry = true; + enableQubitQuilt = true; +} diff --git a/modules/games/steam.nix b/modules/games/steam.nix index 98de4bf..d7aa1c0 100644 --- a/modules/games/steam.nix +++ b/modules/games/steam.nix @@ -17,11 +17,6 @@ dedicatedServer.openFirewall = true; }; - alvr = { - enable = true; - openFirewall = true; - }; - gamemode.enable = true; }; diff --git a/packages/niri-config/template.kdl b/packages/niri-config/template.kdl index aa143dd..1545511 100644 --- a/packages/niri-config/template.kdl +++ b/packages/niri-config/template.kdl @@ -23,10 +23,6 @@ input { focus-follows-mouse max-scroll-amount="40%" } -debug { - wait-for-frame-completion-in-pipewire -} - environment { DISPLAY ":0" }