From 35d822799be90580ecc4168ff81effa9447c736f Mon Sep 17 00:00:00 2001 From: smad Date: Wed, 22 Oct 2025 16:59:40 +0200 Subject: [PATCH] first commit --- ca.pem | 31 +++ flake.lock | 48 +++++ flake.nix | 54 ++++++ fullchain.pem | 68 +++++++ hosts/server/ca.pem | 31 +++ hosts/server/configuration.nix | 178 ++++++++++++++++++ hosts/server/fullchain.pem | 68 +++++++ hosts/server/hardware-configuration.nix | 38 ++++ hosts/server/home.nix | 87 +++++++++ hosts/worker/ca.pem | 31 +++ hosts/worker/configuration.nix | 174 +++++++++++++++++ hosts/worker/fullchain.pem | 68 +++++++ hosts/worker/hardware-configuration.nix | 38 ++++ hosts/worker/home.nix | 87 +++++++++ modules/home-manager/btop.nix | 11 ++ modules/home-manager/tmux.nix | 7 + modules/nixos/amon.nix | 30 +++ modules/nixos/asura.nix | 30 +++ modules/nixos/baal.nix | 30 +++ modules/nixos/belial.nix | 30 +++ modules/nixos/gaap.nix | 30 +++ modules/nixos/ifrit.nix | 30 +++ modules/nixos/mara.nix | 30 +++ modules/nixos/moloch.nix | 30 +++ modules/nixos/smad.nix | 31 +++ .../catpucchin/btop/catppuccin_frappe.theme | 83 ++++++++ themes/catpucchin/btop/catppuccin_latte.theme | 84 +++++++++ .../btop/catppuccin_macchiato.theme | 83 ++++++++ themes/catpucchin/btop/catppuccin_mocha.theme | 83 ++++++++ 29 files changed, 1623 insertions(+) create mode 100644 ca.pem create mode 100644 flake.lock create mode 100644 flake.nix create mode 100644 fullchain.pem create mode 100644 hosts/server/ca.pem create mode 100644 hosts/server/configuration.nix create mode 100644 hosts/server/fullchain.pem create mode 100644 hosts/server/hardware-configuration.nix create mode 100644 hosts/server/home.nix create mode 100644 hosts/worker/ca.pem create mode 100644 hosts/worker/configuration.nix create mode 100644 hosts/worker/fullchain.pem create mode 100644 hosts/worker/hardware-configuration.nix create mode 100644 hosts/worker/home.nix create mode 100644 modules/home-manager/btop.nix create mode 100644 modules/home-manager/tmux.nix create mode 100644 modules/nixos/amon.nix create mode 100644 modules/nixos/asura.nix create mode 100644 modules/nixos/baal.nix create mode 100644 modules/nixos/belial.nix create mode 100644 modules/nixos/gaap.nix create mode 100644 modules/nixos/ifrit.nix create mode 100644 modules/nixos/mara.nix create mode 100644 modules/nixos/moloch.nix create mode 100644 modules/nixos/smad.nix create mode 100644 themes/catpucchin/btop/catppuccin_frappe.theme create mode 100644 themes/catpucchin/btop/catppuccin_latte.theme create mode 100644 themes/catpucchin/btop/catppuccin_macchiato.theme create mode 100644 themes/catpucchin/btop/catppuccin_mocha.theme diff --git a/ca.pem b/ca.pem new file mode 100644 index 0000000..c0b8179 --- /dev/null +++ b/ca.pem @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFSzCCAzOgAwIBAgIUHUOaGhxpyfBqp26tObthWeSavXIwDQYJKoZIhvcNAQEL +BQAwNTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxETAPBgNVBAoM +CG1hZHJpZ2FsMB4XDTI1MDkxNjE1NTA1MloXDTM1MDkxNDE1NTA1MlowNTELMAkG +A1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxETAPBgNVBAoMCG1hZHJpZ2Fs +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyxyH1uvcTq+ZuQbu22gW +TsAjY2xHbnW9toLtR+ifn+OJPR850964zhTZ+755b+IF46mw4ToKXhrUhwFmy9uh +dNP5tAHysqrTOh+60hjxO/RC3fyOWWAxy2+a/D5dB15GZ1JqLV/lysLvfb3BJ0ZO +JFddsbNPbijIQlA6ntkpc1rv0UVPnus6MrTksXU8UOGmD/ldlu5u/3u/pYWU0n1C +3JJyW2nFOgx1MpT0fku3Xx5HIG41S4PWJ/50vwkmVoXDE1cmxoO4SmbvLNPpw41C +pnVucL3b4mwBsnYMXUiygwdupxnfNfX6EblG7cGF93/R90MWp5pfQyByjVlZ6E/J +2xZJCWLMguSSfVF+NBuprUFhPzxBDpGdHBMHag8B5rRPdw9QwKGV2K4fskDxk4X4 +HswHXbXB+oYL7yKNttVP2+dua9eGT8xZI6te0ppxK5E7uoFdsQHQN+riRSC50VuT +IQPuNByE0Tkdu1Sa8+jsiL/wCpmLSs1kLq15IOlAAEZSta6ZWw24Ua0kwb1F7LZt +BLgWAucAHkTJasopJl6IPOxGdfl9tpFzQ+I1izQuhRgfXTBJRbcemA8dJw6qVEe4 +ppJFykiopmAi8L33f6l7VbJU/M4l9FcB0kpA5lrZ6EICDxsihc568mWrdg3Kj1pW +56mKar5r0oZgCuxfj3zvdr0CAwEAAaNTMFEwHQYDVR0OBBYEFL6gtvcLz11vGar6 +smDnBp2fbVzZMB8GA1UdIwQYMBaAFL6gtvcLz11vGar6smDnBp2fbVzZMA8GA1Ud +EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAMPb5lOh9/SFcnAM7pOO+8H8 +X7ID/yDAeiU43NV0PHnvcyKQM6s+22ZlAxqe3rZ3Ajx5yb2ED4cV+iA4W7Pt88j4 +MuriFU8sUh209XwRXCtigw5hwtNyLmdYmyFS2azikLMg9fJ/oHYY8GnOg4JSp0tO +nX63FID1bCuN/kU7RSjb3HVSuoQcEizQbE9DE1Fo9JA36qyagKCzvfW1KNhqPkUu +ofTgjVnmTcbRtkUSxp9bzvYZOgnwLSyoCVYAnNSZjmM7DZMGtvJjgoEOlV1OBtFR +4IasRoczElscXr2NEH967HO8P/4XJDr17wJaQpnZ8Plsw/7TXfSNH6EG+eU1fREn +hSCZOogGMNZHi/L7i4UlvZhwm/I6Lt7IkH8zCCMp0Ilr9gexLmGPMus7kolmQxCG +4d1AT5CY1/z+hPQAyepErvy9EynHE+yYhfbV2YV8u+sxqnCZsvGaStCe6xV6o/UK +gKXkVgW/ulD1nvcrMmsGrWTCMYwO0zefxJtZqXB3ICBnTV5cwj0g88EqPQP9yvcr +nyXNQfg4dnCj63tylfE/v23RPpXmNnE0kjjpL8znNDoizrUV58aC/JwwkFCTV6MY +aeof4jzsHa7LPiYrIIr+zNX+MoCPaaRxGifBE0i4uY0yvka7eJHFtB35aPMojnnz +LZ4GGlHmVuUac04JUcKT +-----END CERTIFICATE----- diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..e000621 --- /dev/null +++ b/flake.lock @@ -0,0 +1,48 @@ +{ + "nodes": { + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1753282444, + "narHash": "sha256-QGeWgozKiGBTJrLYnXd9xwOY9HKsm4cFHsU8fopGVnU=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "62975b8e23c4e39599b3303f6e76faa280a02c63", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1752950548, + "narHash": "sha256-NS6BLD0lxOrnCiEOcvQCDVPXafX1/ek1dfJHX1nUIzc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "c87b95e25065c028d31a94f06a62927d18763fdf", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..31759d4 --- /dev/null +++ b/flake.nix @@ -0,0 +1,54 @@ +# + +{ + + + description = "Nixos config flake"; + + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; +## proxmox-nixos.url = "github:SaumonNet/proxmox-nixos"; + home-manager = { + url = "github:nix-community/home-manager"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + }; + + outputs = { self, nixpkgs, ... }@inputs: { + # use "nixos", or your hostname as the name of the configuration + # it's a better practice than "default" shown in the video + nixosConfigurations.nixxramas = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = {inherit inputs;}; + modules = [ + ./hosts/nixxramas/configuration.nix + inputs.home-manager.nixosModules.default +## proxmox-nixos.nixosModules.proxmox-ve + +## ({pkgs,lib, ...}: { +## services.proxmox-ve = { +## enable = true; +## ipAddress = "192.168.0.1"; +## }; +## nixpkgs.overlays = [ +## proxmox-nixos.overlays.${system} +## ]; +## }) + ]; + }; + nixosConfigurations.server = nixpkgs.lib.nixosSystem { + specialArgs = {inherit inputs;}; + modules = [ + ./hosts/server/configuration.nix + inputs.home-manager.nixosModules.default + ]; + }; + nixosConfigurations.worker = nixpkgs.lib.nixosSystem { + specialArgs = {inherit inputs;}; + modules = [ + ./hosts/worker/configuration.nix + inputs.home-manager.nixosModules.default + ]; + }; + }; +} diff --git a/fullchain.pem b/fullchain.pem new file mode 100644 index 0000000..447c7ce --- /dev/null +++ b/fullchain.pem @@ -0,0 +1,68 @@ +-----BEGIN CERTIFICATE----- +MIIFzjCCA7agAwIBAgIUaqLdBL4bX5sEJlkOxCsjSFeOQM0wDQYJKoZIhvcNAQEL +BQAwgYQxCzAJBgNVBAYTAkRFMR8wHQYDVQQIDBZOb3J0aCBSaGluZS1XZXN0cGhh +bGlhMREwDwYDVQQHDAhEdWlzYnVyZzEpMCcGA1UECgwgTWVpc3RlcmJldHJpZWIg +VGhvbWFzIFRlcGFzcyBTSEsxFjAUBgNVBAMMDVRob21hcyBUZXBhc3MwIBcNMjUw +OTA5MTUyMTMzWhgPMjA2MzAxMjMxNTIxMzNaMBgxFjAUBgNVBAMMDW1hZHJpZ2Fs +LmhvbWUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC8qfL1vPz7xKKQ +lERS8gCOS+F7xXGYiNrNkhEsiyQINGb6SIz6QJKVUy6cXUs1YFQFirPCDwT3xh3J +UAcPSuAIaiHAZYE1TOC9OJUhR3+ckKK+zMq3Qigjo8Y42W2rSZafjsG2Qcr3UYky +9tV4fPkNx9/HwPIoKihz5MhqUs9HowvkHAFq8WLTAmpiVkNChM0qll9CtQJzyiSB +qffgIWzgx6GhbdEFseuV718v7RoXAHNltZO+C7jqkiSrVd7kH3cQBYuorFIxKeFq +qs0yOg73ilmbfvzNIpIkHwcDBnzwdILmr/wEdXtBnuepc/rXabJx7NrthIwMF7In +VjQ1Gc9bETG2ZUDJ6wVW+7jOT1fMNTLYvfTst9Vjb0JSo5LPxpPQv0bcD22g9mp0 +pj4AutQaWAPAJMExs+ClV6HwfVGJFXcKpiGt9ZtGRcVvQvfym/L9iuoFE+VCz2bt +mDjId/SrC0baB6a0OwpAsh5Bxahu6mDKht5sJXO0D5aizDQmA5gaTBtx044ZAkzq +Fj4qqA19UxbeXnWWN81xjYOK5kwFpnjwTM6KdsazUGcA+aM3xYRRAjczlCIbzg6o +TrqOzLJV2ea2TpPkggJQ6XOs0KVqtBwjuwbCnX4+NJca/Sygq3Cqu20XBeawH4bp +KlxhZl/qU4CpOzje1AzCMmLLQINlGQIDAQABo4GgMIGdMFsGA1UdEQRUMFKCDyou +bWFkcmlnYWwuaG9tZYINKi50ZXBhc3MuaG9tZYIKKi5uYXMuaG9tZYINbWFkcmln +YWwuaG9tZYILdGVwYXNzLmhvbWWCCG5hcy5ob21lMB0GA1UdDgQWBBTuFkhjY7Qr +BkQqlHuaOQsLBvsS5DAfBgNVHSMEGDAWgBR4lUkjIMJjZ/zjE7X3Ckx3ufzVJjAN +BgkqhkiG9w0BAQsFAAOCAgEAb5KXejT/moh+nPtpNgwleK47gh/Th3ZY8x1kpFP+ +I8xPLzVIJIdjtU1g5XDwY/i3tPAfu+LBhu+xrLL7EyZrT6atCTNWo09nK++sgYA7 +VwpTKvsaiM4j7LQAK9NeYaBlK2GThnTy0wGPCV1Vm5R4UQ0UeI9btAtg+TLp/5V2 +qG+IvMyyCkt12buRKw7wV29t7If3AJPkOw/LFqNVow0QFU49i9flVJzE7odbH2bj +4jdgJnH8TbYKi30VnRmysIgglVUt69TDINZRf9dTmvritTlDmNZyjBCOL42b8HXQ +vhXwnItPr4AQvc19+1x1FHczvaHCRtpS5rdvCg50/q+NBJW7+BFXeU7jXOS7Dlcl +C+Dq185DU1fx0Pl3t20FNdoe9ek4S7L58H/DXujhfX5men0xlRujfJDUHxtgX1SA +GpAY60HS9BN5k+CzS3IOGEQwIJnaADuCb3HTV+6Dwy8dGe7cKVWa0ur3D0MMHan/ +d2rzdtW88ZJ1K7/8q+rEBbrWBU11IBSJQDIKVgHFW6oWiczHms6FBGnXp9P8gp2K +vOtpgRvqtKJOpVvJE4OFU3tGWG9M3O/c71Rslae6zLO033MEx7Vq3oI1GSVgXHk4 +XVGEoqt9psi7kEqn5CHzVnnOrtXObikA52XD2vXvbBnTggYQ9JfBEkyA12j5dDwS +WZk= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIF6zCCA9OgAwIBAgIUTPMzEwxNcX2E8na24Kmeo2eFwR4wDQYJKoZIhvcNAQEL +BQAwgYQxCzAJBgNVBAYTAkRFMR8wHQYDVQQIDBZOb3J0aCBSaGluZS1XZXN0cGhh +bGlhMREwDwYDVQQHDAhEdWlzYnVyZzEpMCcGA1UECgwgTWVpc3RlcmJldHJpZWIg +VGhvbWFzIFRlcGFzcyBTSEsxFjAUBgNVBAMMDVRob21hcyBUZXBhc3MwHhcNMjUw +OTA5MTUwODA5WhcNMzUwOTA3MTUwODA5WjCBhDELMAkGA1UEBhMCREUxHzAdBgNV +BAgMFk5vcnRoIFJoaW5lLVdlc3RwaGFsaWExETAPBgNVBAcMCER1aXNidXJnMSkw +JwYDVQQKDCBNZWlzdGVyYmV0cmllYiBUaG9tYXMgVGVwYXNzIFNISzEWMBQGA1UE +AwwNVGhvbWFzIFRlcGFzczCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB +AOPXp1FfICsnsJ4ZVAKx4iurfF2hVnrAhPHZ02qQW8APCrp2JjH00HqpOM9s0kIr +CiVzN2rKoLAEhe8LHlaM1ncQ4ui5UHcbGeyxv3xrhyYAD85joevSNnku01q1MpPr +G2xSC5v5iXEQPr1x8ZaJAu6ajUeqQDQbKSs62dCA8H1x64qMigIIvpdLvD2/C67u +o5W4p1oGeOnjr1VRyqpbt052BLWFvGiGbMSa2VOSCHzbTTEEs79ODYqRgnaJRVz3 +Np9DQQdcglrAytta/8vTvBDik8XKpUzWCJVnfQiaLr4/2oSoBQMI9qlspVkm43oL +z1nTWJ8NRdgHXlf6GXKqdQQSXn5EgqVDHZLHh8qgQADAE/LQpWEcBosEJmeao4LH +Dv6fjfepAjxlcdFxjITzL2LCnS30mMl/XT+wfdF8KUBioeLscvyxoXJd4JOT5wJD +jokH50llajNW/1SIeXTt2/VPSzVkgHBMq3YTbsp0XL7vfBQabT6Sb+Bk7jc46bkk +O5rK2+ULVVC9wR7AkPNhzX4+Z9AOGaahHtzMBWypzYcanHYyxazwP3oswi8lJm2V +2TPAodRP8Abvp/DFdne6F8CEDZZHmabSFbDWb5hu6HVsmWEWuFc8a7+AJ6AXwixG +Q4MtnGjR5Cq2/XPsxOlKqpjnOnrmG+6uHqnCIYJO8p2bAgMBAAGjUzBRMB0GA1Ud +DgQWBBR4lUkjIMJjZ/zjE7X3Ckx3ufzVJjAfBgNVHSMEGDAWgBR4lUkjIMJjZ/zj +E7X3Ckx3ufzVJjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQBR +t/rQdRDoSObgtLYEgzJZdxYtfgEYNUdXTPCDYpu7qblQsoCmxw98Kw1g5H4Kuy/q +sWxFAB3y/Xue5MdWldryMYrOyJ4gT0tjprxz209AtaaRRHrcIVIUVmCU6lYXVL72 +QLE8Ja7Et6l4Ta+z41o6blhDZQBUrWCCSWWHatXDb6xuswUu4sniIv2I0Bkb9bas +z3sZtBAftBFopZbo+o/KHmzxGUNLEpt5zcoLH0dgJ6vbh2IDl8p361KoDlaFCyq4 +HHTODWGsJFuYtmeCFUBIOB0zn2ABd5PLNn+FPG88LZBWKjy25bI9kEjSSsux5JO5 +mF0oTpjOrtJcPj0rlDjgVzhJtewAUHhGgXTM0e451YmoQk/kDcZ/GawUhBrnW5nQ +QcNzSoIGtPiAcvl0B/11KCtBeXJnSi62yr5z1w+MyyYYGJRlahA+wKqAUJT8/TD1 +bN8Wvv+7G7MFAs9zx3ycyD79o0jLHbnAIKb2CJO8EByTR2MJZlwV+RBi9byZZpmT +p6ss0nZT5wsSNful4iWvs+abA/ywm42u8a98fzVNlqO/q4ippF5ezBm2nLcHil3r +4dtN8Hwk3iEKrzBkV81UK8Gx/KXPq+qKl6g+YANBBLrQvh/FgHPLa3NXr7Xd3IP7 +3L+W0Cr/jrVHUtty4Znfxeat2+DmhEuz/ihk/wmqSw== +-----END CERTIFICATE----- diff --git a/hosts/server/ca.pem b/hosts/server/ca.pem new file mode 100644 index 0000000..c0b8179 --- /dev/null +++ b/hosts/server/ca.pem @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFSzCCAzOgAwIBAgIUHUOaGhxpyfBqp26tObthWeSavXIwDQYJKoZIhvcNAQEL +BQAwNTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxETAPBgNVBAoM +CG1hZHJpZ2FsMB4XDTI1MDkxNjE1NTA1MloXDTM1MDkxNDE1NTA1MlowNTELMAkG +A1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxETAPBgNVBAoMCG1hZHJpZ2Fs +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyxyH1uvcTq+ZuQbu22gW +TsAjY2xHbnW9toLtR+ifn+OJPR850964zhTZ+755b+IF46mw4ToKXhrUhwFmy9uh +dNP5tAHysqrTOh+60hjxO/RC3fyOWWAxy2+a/D5dB15GZ1JqLV/lysLvfb3BJ0ZO +JFddsbNPbijIQlA6ntkpc1rv0UVPnus6MrTksXU8UOGmD/ldlu5u/3u/pYWU0n1C +3JJyW2nFOgx1MpT0fku3Xx5HIG41S4PWJ/50vwkmVoXDE1cmxoO4SmbvLNPpw41C +pnVucL3b4mwBsnYMXUiygwdupxnfNfX6EblG7cGF93/R90MWp5pfQyByjVlZ6E/J +2xZJCWLMguSSfVF+NBuprUFhPzxBDpGdHBMHag8B5rRPdw9QwKGV2K4fskDxk4X4 +HswHXbXB+oYL7yKNttVP2+dua9eGT8xZI6te0ppxK5E7uoFdsQHQN+riRSC50VuT +IQPuNByE0Tkdu1Sa8+jsiL/wCpmLSs1kLq15IOlAAEZSta6ZWw24Ua0kwb1F7LZt +BLgWAucAHkTJasopJl6IPOxGdfl9tpFzQ+I1izQuhRgfXTBJRbcemA8dJw6qVEe4 +ppJFykiopmAi8L33f6l7VbJU/M4l9FcB0kpA5lrZ6EICDxsihc568mWrdg3Kj1pW +56mKar5r0oZgCuxfj3zvdr0CAwEAAaNTMFEwHQYDVR0OBBYEFL6gtvcLz11vGar6 +smDnBp2fbVzZMB8GA1UdIwQYMBaAFL6gtvcLz11vGar6smDnBp2fbVzZMA8GA1Ud +EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAMPb5lOh9/SFcnAM7pOO+8H8 +X7ID/yDAeiU43NV0PHnvcyKQM6s+22ZlAxqe3rZ3Ajx5yb2ED4cV+iA4W7Pt88j4 +MuriFU8sUh209XwRXCtigw5hwtNyLmdYmyFS2azikLMg9fJ/oHYY8GnOg4JSp0tO +nX63FID1bCuN/kU7RSjb3HVSuoQcEizQbE9DE1Fo9JA36qyagKCzvfW1KNhqPkUu +ofTgjVnmTcbRtkUSxp9bzvYZOgnwLSyoCVYAnNSZjmM7DZMGtvJjgoEOlV1OBtFR +4IasRoczElscXr2NEH967HO8P/4XJDr17wJaQpnZ8Plsw/7TXfSNH6EG+eU1fREn +hSCZOogGMNZHi/L7i4UlvZhwm/I6Lt7IkH8zCCMp0Ilr9gexLmGPMus7kolmQxCG +4d1AT5CY1/z+hPQAyepErvy9EynHE+yYhfbV2YV8u+sxqnCZsvGaStCe6xV6o/UK +gKXkVgW/ulD1nvcrMmsGrWTCMYwO0zefxJtZqXB3ICBnTV5cwj0g88EqPQP9yvcr +nyXNQfg4dnCj63tylfE/v23RPpXmNnE0kjjpL8znNDoizrUV58aC/JwwkFCTV6MY +aeof4jzsHa7LPiYrIIr+zNX+MoCPaaRxGifBE0i4uY0yvka7eJHFtB35aPMojnnz +LZ4GGlHmVuUac04JUcKT +-----END CERTIFICATE----- diff --git a/hosts/server/configuration.nix b/hosts/server/configuration.nix new file mode 100644 index 0000000..5efee2e --- /dev/null +++ b/hosts/server/configuration.nix @@ -0,0 +1,178 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, inputs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + inputs.home-manager.nixosModules.default + ../../modules/nixos/smad.nix + ]; + + # Bootloader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking.hostName = "nova"; # Define your hostname. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + nix.settings.experimental-features = ["nix-command" "flakes"]; + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Enable networking + networking.networkmanager.enable = true; + networking.networkmanager.dns= "none"; + networking.useDHCP = false; + networking.dhcpcd.enable = false; + networking.nameservers =["192.168.178.43"]; + networking.dhcpcd.extraConfig = '' + nohook resolv.conf +''; + networking.firewall.allowedTCPPorts = [ 80 443 8080]; + # Set your time zone. + time.timeZone = "Europe/Berlin"; + + # Select internationalisation properties. + i18n.defaultLocale = "de_DE.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "de_DE.UTF-8"; + LC_IDENTIFICATION = "de_DE.UTF-8"; + LC_MEASUREMENT = "de_DE.UTF-8"; + LC_MONETARY = "de_DE.UTF-8"; + LC_NAME = "de_DE.UTF-8"; + LC_NUMERIC = "de_DE.UTF-8"; + LC_PAPER = "de_DE.UTF-8"; + LC_TELEPHONE = "de_DE.UTF-8"; + LC_TIME = "de_DE.UTF-8"; + }; + + # Enable the X11 windowing system. + services.xserver.enable = true; + + # Enable the XFCE Desktop Environment. + services.xserver.displayManager.lightdm.enable = true; + services.xserver.desktopManager.xfce.enable = true; + + # Configure keymap in X11 + services.xserver.xkb = { + layout = "de"; + variant = ""; + }; + + # Configure console keymap + console.keyMap = "de"; + + # Enable CUPS to print documents. + services.printing.enable = true; + + #Enable WG + + + # Enable sound with pipewire. + services.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Dont forget to set a password with ‘passwd’. +# users.users.smad = { +# isNormalUser = true; +# description = "superuser madrigal"; +# extraGroups = [ "networkmanager" "wheel" "docker"]; +# shell = pkgs.fish; +# packages = with pkgs; [ + # thunderbird +# ]; +# }; + home-manager = { + # also inputs to home-manager modules + extraSpecialArgs = { inherit inputs;}; + users = { + "smad" = import ./home.nix; + }; + }; + + # Enable automatic login for the user. + services.displayManager.autoLogin.enable = true; + services.displayManager.autoLogin.user = "smad"; + # security + security.pki.certificateFiles = [ + ./fullchain.pem + ./ca.pem + ]; + + # Install firefox. + programs.firefox.enable = true; + programs.fish.enable = true; + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + kitty + fish + wget + git + ranger + fastfetch + docker-compose + dysk + brave + rustdesk + zoxide + bind + lynx + openssl + wireguard-tools + nettools + ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + virtualisation.docker.enable = true; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "25.05"; # Did you read the comment? + +} diff --git a/hosts/server/fullchain.pem b/hosts/server/fullchain.pem new file mode 100644 index 0000000..447c7ce --- /dev/null +++ b/hosts/server/fullchain.pem @@ -0,0 +1,68 @@ +-----BEGIN CERTIFICATE----- +MIIFzjCCA7agAwIBAgIUaqLdBL4bX5sEJlkOxCsjSFeOQM0wDQYJKoZIhvcNAQEL +BQAwgYQxCzAJBgNVBAYTAkRFMR8wHQYDVQQIDBZOb3J0aCBSaGluZS1XZXN0cGhh +bGlhMREwDwYDVQQHDAhEdWlzYnVyZzEpMCcGA1UECgwgTWVpc3RlcmJldHJpZWIg +VGhvbWFzIFRlcGFzcyBTSEsxFjAUBgNVBAMMDVRob21hcyBUZXBhc3MwIBcNMjUw +OTA5MTUyMTMzWhgPMjA2MzAxMjMxNTIxMzNaMBgxFjAUBgNVBAMMDW1hZHJpZ2Fs +LmhvbWUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC8qfL1vPz7xKKQ +lERS8gCOS+F7xXGYiNrNkhEsiyQINGb6SIz6QJKVUy6cXUs1YFQFirPCDwT3xh3J +UAcPSuAIaiHAZYE1TOC9OJUhR3+ckKK+zMq3Qigjo8Y42W2rSZafjsG2Qcr3UYky +9tV4fPkNx9/HwPIoKihz5MhqUs9HowvkHAFq8WLTAmpiVkNChM0qll9CtQJzyiSB +qffgIWzgx6GhbdEFseuV718v7RoXAHNltZO+C7jqkiSrVd7kH3cQBYuorFIxKeFq +qs0yOg73ilmbfvzNIpIkHwcDBnzwdILmr/wEdXtBnuepc/rXabJx7NrthIwMF7In +VjQ1Gc9bETG2ZUDJ6wVW+7jOT1fMNTLYvfTst9Vjb0JSo5LPxpPQv0bcD22g9mp0 +pj4AutQaWAPAJMExs+ClV6HwfVGJFXcKpiGt9ZtGRcVvQvfym/L9iuoFE+VCz2bt +mDjId/SrC0baB6a0OwpAsh5Bxahu6mDKht5sJXO0D5aizDQmA5gaTBtx044ZAkzq +Fj4qqA19UxbeXnWWN81xjYOK5kwFpnjwTM6KdsazUGcA+aM3xYRRAjczlCIbzg6o +TrqOzLJV2ea2TpPkggJQ6XOs0KVqtBwjuwbCnX4+NJca/Sygq3Cqu20XBeawH4bp +KlxhZl/qU4CpOzje1AzCMmLLQINlGQIDAQABo4GgMIGdMFsGA1UdEQRUMFKCDyou +bWFkcmlnYWwuaG9tZYINKi50ZXBhc3MuaG9tZYIKKi5uYXMuaG9tZYINbWFkcmln +YWwuaG9tZYILdGVwYXNzLmhvbWWCCG5hcy5ob21lMB0GA1UdDgQWBBTuFkhjY7Qr +BkQqlHuaOQsLBvsS5DAfBgNVHSMEGDAWgBR4lUkjIMJjZ/zjE7X3Ckx3ufzVJjAN +BgkqhkiG9w0BAQsFAAOCAgEAb5KXejT/moh+nPtpNgwleK47gh/Th3ZY8x1kpFP+ +I8xPLzVIJIdjtU1g5XDwY/i3tPAfu+LBhu+xrLL7EyZrT6atCTNWo09nK++sgYA7 +VwpTKvsaiM4j7LQAK9NeYaBlK2GThnTy0wGPCV1Vm5R4UQ0UeI9btAtg+TLp/5V2 +qG+IvMyyCkt12buRKw7wV29t7If3AJPkOw/LFqNVow0QFU49i9flVJzE7odbH2bj +4jdgJnH8TbYKi30VnRmysIgglVUt69TDINZRf9dTmvritTlDmNZyjBCOL42b8HXQ +vhXwnItPr4AQvc19+1x1FHczvaHCRtpS5rdvCg50/q+NBJW7+BFXeU7jXOS7Dlcl +C+Dq185DU1fx0Pl3t20FNdoe9ek4S7L58H/DXujhfX5men0xlRujfJDUHxtgX1SA +GpAY60HS9BN5k+CzS3IOGEQwIJnaADuCb3HTV+6Dwy8dGe7cKVWa0ur3D0MMHan/ +d2rzdtW88ZJ1K7/8q+rEBbrWBU11IBSJQDIKVgHFW6oWiczHms6FBGnXp9P8gp2K +vOtpgRvqtKJOpVvJE4OFU3tGWG9M3O/c71Rslae6zLO033MEx7Vq3oI1GSVgXHk4 +XVGEoqt9psi7kEqn5CHzVnnOrtXObikA52XD2vXvbBnTggYQ9JfBEkyA12j5dDwS +WZk= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIF6zCCA9OgAwIBAgIUTPMzEwxNcX2E8na24Kmeo2eFwR4wDQYJKoZIhvcNAQEL +BQAwgYQxCzAJBgNVBAYTAkRFMR8wHQYDVQQIDBZOb3J0aCBSaGluZS1XZXN0cGhh +bGlhMREwDwYDVQQHDAhEdWlzYnVyZzEpMCcGA1UECgwgTWVpc3RlcmJldHJpZWIg +VGhvbWFzIFRlcGFzcyBTSEsxFjAUBgNVBAMMDVRob21hcyBUZXBhc3MwHhcNMjUw +OTA5MTUwODA5WhcNMzUwOTA3MTUwODA5WjCBhDELMAkGA1UEBhMCREUxHzAdBgNV +BAgMFk5vcnRoIFJoaW5lLVdlc3RwaGFsaWExETAPBgNVBAcMCER1aXNidXJnMSkw +JwYDVQQKDCBNZWlzdGVyYmV0cmllYiBUaG9tYXMgVGVwYXNzIFNISzEWMBQGA1UE +AwwNVGhvbWFzIFRlcGFzczCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB +AOPXp1FfICsnsJ4ZVAKx4iurfF2hVnrAhPHZ02qQW8APCrp2JjH00HqpOM9s0kIr +CiVzN2rKoLAEhe8LHlaM1ncQ4ui5UHcbGeyxv3xrhyYAD85joevSNnku01q1MpPr +G2xSC5v5iXEQPr1x8ZaJAu6ajUeqQDQbKSs62dCA8H1x64qMigIIvpdLvD2/C67u +o5W4p1oGeOnjr1VRyqpbt052BLWFvGiGbMSa2VOSCHzbTTEEs79ODYqRgnaJRVz3 +Np9DQQdcglrAytta/8vTvBDik8XKpUzWCJVnfQiaLr4/2oSoBQMI9qlspVkm43oL +z1nTWJ8NRdgHXlf6GXKqdQQSXn5EgqVDHZLHh8qgQADAE/LQpWEcBosEJmeao4LH +Dv6fjfepAjxlcdFxjITzL2LCnS30mMl/XT+wfdF8KUBioeLscvyxoXJd4JOT5wJD +jokH50llajNW/1SIeXTt2/VPSzVkgHBMq3YTbsp0XL7vfBQabT6Sb+Bk7jc46bkk +O5rK2+ULVVC9wR7AkPNhzX4+Z9AOGaahHtzMBWypzYcanHYyxazwP3oswi8lJm2V +2TPAodRP8Abvp/DFdne6F8CEDZZHmabSFbDWb5hu6HVsmWEWuFc8a7+AJ6AXwixG +Q4MtnGjR5Cq2/XPsxOlKqpjnOnrmG+6uHqnCIYJO8p2bAgMBAAGjUzBRMB0GA1Ud +DgQWBBR4lUkjIMJjZ/zjE7X3Ckx3ufzVJjAfBgNVHSMEGDAWgBR4lUkjIMJjZ/zj +E7X3Ckx3ufzVJjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQBR +t/rQdRDoSObgtLYEgzJZdxYtfgEYNUdXTPCDYpu7qblQsoCmxw98Kw1g5H4Kuy/q +sWxFAB3y/Xue5MdWldryMYrOyJ4gT0tjprxz209AtaaRRHrcIVIUVmCU6lYXVL72 +QLE8Ja7Et6l4Ta+z41o6blhDZQBUrWCCSWWHatXDb6xuswUu4sniIv2I0Bkb9bas +z3sZtBAftBFopZbo+o/KHmzxGUNLEpt5zcoLH0dgJ6vbh2IDl8p361KoDlaFCyq4 +HHTODWGsJFuYtmeCFUBIOB0zn2ABd5PLNn+FPG88LZBWKjy25bI9kEjSSsux5JO5 +mF0oTpjOrtJcPj0rlDjgVzhJtewAUHhGgXTM0e451YmoQk/kDcZ/GawUhBrnW5nQ +QcNzSoIGtPiAcvl0B/11KCtBeXJnSi62yr5z1w+MyyYYGJRlahA+wKqAUJT8/TD1 +bN8Wvv+7G7MFAs9zx3ycyD79o0jLHbnAIKb2CJO8EByTR2MJZlwV+RBi9byZZpmT +p6ss0nZT5wsSNful4iWvs+abA/ywm42u8a98fzVNlqO/q4ippF5ezBm2nLcHil3r +4dtN8Hwk3iEKrzBkV81UK8Gx/KXPq+qKl6g+YANBBLrQvh/FgHPLa3NXr7Xd3IP7 +3L+W0Cr/jrVHUtty4Znfxeat2+DmhEuz/ihk/wmqSw== +-----END CERTIFICATE----- diff --git a/hosts/server/hardware-configuration.nix b/hosts/server/hardware-configuration.nix new file mode 100644 index 0000000..4eacc23 --- /dev/null +++ b/hosts/server/hardware-configuration.nix @@ -0,0 +1,38 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/bcdf8feb-de2c-45db-b929-7c91a1f79ce4"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/F794-8574"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp42s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/server/home.nix b/hosts/server/home.nix new file mode 100644 index 0000000..f163410 --- /dev/null +++ b/hosts/server/home.nix @@ -0,0 +1,87 @@ +{ config, pkgs, ... }: + +{ +imports =[ +../../modules/home-manager/btop.nix +]; + # Home Manager needs a bit of information about you and the paths it should + # manage. + home.username = "smad"; + home.homeDirectory = "/home/smad"; + + # This value determines the Home Manager release that your configuration is + # compatible with. This helps avoid breakage when a new Home Manager release + # introduces backwards incompatible changes. + # + # You should not change this value, even if you update Home Manager. If you do + # want to update the value, then make sure to first check the Home Manager + # release notes. + home.stateVersion = "25.05"; # Please read the comment before changing. + + # The home.packages option allows you to install Nix packages into your + # environment. + home.packages = [ + # # Adds the 'hello' command to your environment. It prints a friendly + # # "Hello, world!" when run. + # pkgs.hello + pkgs.tmux + # # It is sometimes useful to fine-tune packages, for example, by applying + # # overrides. You can do that directly here, just don't forget the + # # parentheses. Maybe you want to install Nerd Fonts with a limited number of + # # fonts? + # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; }) + + # # You can also create simple shell scripts directly inside your + # # configuration. For example, this adds a command 'my-hello' to your + # # environment: + # (pkgs.writeShellScriptBin "my-hello" '' + # echo "Hello, ${config.home.username}!" + # '') + ]; +# programs.btop = { +# enable = true; +# settings = { + #color_theme = "gruvbox_dark_v2"; +# color_theme = "catpucchin_mocha"; +# vim_keys = true; +# }; +# }; + # Home Manager is pretty good at managing dotfiles. The primary way to manage + # plain files is through 'home.file'. + home.file = { + # # Building this configuration will create a copy of 'dotfiles/screenrc' in + # # the Nix store. Activating the configuration will then make '~/.screenrc' a + # # symlink to the Nix store copy. + # ".screenrc".source = dotfiles/screenrc; + + # # You can also set the file content immediately. + # ".gradle/gradle.properties".text = '' + # org.gradle.console=verbose + # org.gradle.daemon.idletimeout=3600000 + # ''; + }; + + # Home Manager can also manage your environment variables through + # 'home.sessionVariables'. These will be explicitly sourced when using a + # shell provided by Home Manager. If you don't want to manage your shell + # through Home Manager then you have to manually source 'hm-session-vars.sh' + # located at either + # + # ~/.nix-profile/etc/profile.d/hm-session-vars.sh + # + # or + # + # ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh + # + # or + # + # /etc/profiles/per-user/discubed/etc/profile.d/hm-session-vars.sh + # + home.sessionVariables = { + # EDITOR = "emacs"; + }; + + # Let Home Manager install and manage itself. + programs.home-manager.enable = true; +} + diff --git a/hosts/worker/ca.pem b/hosts/worker/ca.pem new file mode 100644 index 0000000..c0b8179 --- /dev/null +++ b/hosts/worker/ca.pem @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFSzCCAzOgAwIBAgIUHUOaGhxpyfBqp26tObthWeSavXIwDQYJKoZIhvcNAQEL +BQAwNTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxETAPBgNVBAoM +CG1hZHJpZ2FsMB4XDTI1MDkxNjE1NTA1MloXDTM1MDkxNDE1NTA1MlowNTELMAkG +A1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxETAPBgNVBAoMCG1hZHJpZ2Fs +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyxyH1uvcTq+ZuQbu22gW +TsAjY2xHbnW9toLtR+ifn+OJPR850964zhTZ+755b+IF46mw4ToKXhrUhwFmy9uh +dNP5tAHysqrTOh+60hjxO/RC3fyOWWAxy2+a/D5dB15GZ1JqLV/lysLvfb3BJ0ZO +JFddsbNPbijIQlA6ntkpc1rv0UVPnus6MrTksXU8UOGmD/ldlu5u/3u/pYWU0n1C +3JJyW2nFOgx1MpT0fku3Xx5HIG41S4PWJ/50vwkmVoXDE1cmxoO4SmbvLNPpw41C +pnVucL3b4mwBsnYMXUiygwdupxnfNfX6EblG7cGF93/R90MWp5pfQyByjVlZ6E/J +2xZJCWLMguSSfVF+NBuprUFhPzxBDpGdHBMHag8B5rRPdw9QwKGV2K4fskDxk4X4 +HswHXbXB+oYL7yKNttVP2+dua9eGT8xZI6te0ppxK5E7uoFdsQHQN+riRSC50VuT +IQPuNByE0Tkdu1Sa8+jsiL/wCpmLSs1kLq15IOlAAEZSta6ZWw24Ua0kwb1F7LZt +BLgWAucAHkTJasopJl6IPOxGdfl9tpFzQ+I1izQuhRgfXTBJRbcemA8dJw6qVEe4 +ppJFykiopmAi8L33f6l7VbJU/M4l9FcB0kpA5lrZ6EICDxsihc568mWrdg3Kj1pW +56mKar5r0oZgCuxfj3zvdr0CAwEAAaNTMFEwHQYDVR0OBBYEFL6gtvcLz11vGar6 +smDnBp2fbVzZMB8GA1UdIwQYMBaAFL6gtvcLz11vGar6smDnBp2fbVzZMA8GA1Ud +EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAMPb5lOh9/SFcnAM7pOO+8H8 +X7ID/yDAeiU43NV0PHnvcyKQM6s+22ZlAxqe3rZ3Ajx5yb2ED4cV+iA4W7Pt88j4 +MuriFU8sUh209XwRXCtigw5hwtNyLmdYmyFS2azikLMg9fJ/oHYY8GnOg4JSp0tO +nX63FID1bCuN/kU7RSjb3HVSuoQcEizQbE9DE1Fo9JA36qyagKCzvfW1KNhqPkUu +ofTgjVnmTcbRtkUSxp9bzvYZOgnwLSyoCVYAnNSZjmM7DZMGtvJjgoEOlV1OBtFR +4IasRoczElscXr2NEH967HO8P/4XJDr17wJaQpnZ8Plsw/7TXfSNH6EG+eU1fREn +hSCZOogGMNZHi/L7i4UlvZhwm/I6Lt7IkH8zCCMp0Ilr9gexLmGPMus7kolmQxCG +4d1AT5CY1/z+hPQAyepErvy9EynHE+yYhfbV2YV8u+sxqnCZsvGaStCe6xV6o/UK +gKXkVgW/ulD1nvcrMmsGrWTCMYwO0zefxJtZqXB3ICBnTV5cwj0g88EqPQP9yvcr +nyXNQfg4dnCj63tylfE/v23RPpXmNnE0kjjpL8znNDoizrUV58aC/JwwkFCTV6MY +aeof4jzsHa7LPiYrIIr+zNX+MoCPaaRxGifBE0i4uY0yvka7eJHFtB35aPMojnnz +LZ4GGlHmVuUac04JUcKT +-----END CERTIFICATE----- diff --git a/hosts/worker/configuration.nix b/hosts/worker/configuration.nix new file mode 100644 index 0000000..9f6bca7 --- /dev/null +++ b/hosts/worker/configuration.nix @@ -0,0 +1,174 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, inputs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + inputs.home-manager.nixosModules.default + ../../modules/nixos/baal.nix + ]; + + # Bootloader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + nix.settings.experimental-features = ["nix-command" "flakes"]; + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Enable networking + networking.networkmanager.enable = true; + networking.networkmanager.dns= "none"; + networking.useDHCP = false; + networking.dhcpcd.enable = false; + networking.nameservers =["192.168.178.43"]; + networking.dhcpcd.extraConfig = '' + nohook resolv.conf +''; + networking.firewall.allowedTCPPorts = [ 80 443 8080]; + # Set your time zone. + time.timeZone = "Europe/Berlin"; + + # Select internationalisation properties. + i18n.defaultLocale = "de_DE.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "de_DE.UTF-8"; + LC_IDENTIFICATION = "de_DE.UTF-8"; + LC_MEASUREMENT = "de_DE.UTF-8"; + LC_MONETARY = "de_DE.UTF-8"; + LC_NAME = "de_DE.UTF-8"; + LC_NUMERIC = "de_DE.UTF-8"; + LC_PAPER = "de_DE.UTF-8"; + LC_TELEPHONE = "de_DE.UTF-8"; + LC_TIME = "de_DE.UTF-8"; + }; + + # Enable the X11 windowing system. + services.xserver.enable = true; + + # Enable the XFCE Desktop Environment. + services.xserver.displayManager.lightdm.enable = true; + services.xserver.desktopManager.xfce.enable = true; + + # Configure keymap in X11 + services.xserver.xkb = { + layout = "de"; + variant = ""; + }; + + # Configure console keymap + console.keyMap = "de"; + + # Enable CUPS to print documents. + services.printing.enable = true; + + #Enable WG + + + # Enable sound with pipewire. + services.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Dont forget to set a password with ‘passwd’. +# users.users.smad = { +# isNormalUser = true; +# description = "superuser madrigal"; +# extraGroups = [ "networkmanager" "wheel" "docker"]; +# shell = pkgs.fish; +# packages = with pkgs; [ + # thunderbird +# ]; +# }; + home-manager = { + # also inputs to home-manager modules + extraSpecialArgs = { inherit inputs;}; + users = { + "smad" = import ./home.nix; + }; + }; + + # Enable automatic login for the user. + services.displayManager.autoLogin.enable = true; + services.displayManager.autoLogin.user = "smad"; + # security + security.pki.certificateFiles = [ + ./fullchain.pem + ./ca.pem + ]; + + # Install firefox. + programs.firefox.enable = true; + programs.fish.enable = true; + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + kitty + fish + wget + git + ranger + fastfetch + docker-compose + dysk + zoxide + bind + openssl + wireguard-tools + nettools + ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + virtualisation.docker.enable = true; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "25.05"; # Did you read the comment? + +} diff --git a/hosts/worker/fullchain.pem b/hosts/worker/fullchain.pem new file mode 100644 index 0000000..447c7ce --- /dev/null +++ b/hosts/worker/fullchain.pem @@ -0,0 +1,68 @@ +-----BEGIN CERTIFICATE----- +MIIFzjCCA7agAwIBAgIUaqLdBL4bX5sEJlkOxCsjSFeOQM0wDQYJKoZIhvcNAQEL +BQAwgYQxCzAJBgNVBAYTAkRFMR8wHQYDVQQIDBZOb3J0aCBSaGluZS1XZXN0cGhh +bGlhMREwDwYDVQQHDAhEdWlzYnVyZzEpMCcGA1UECgwgTWVpc3RlcmJldHJpZWIg +VGhvbWFzIFRlcGFzcyBTSEsxFjAUBgNVBAMMDVRob21hcyBUZXBhc3MwIBcNMjUw +OTA5MTUyMTMzWhgPMjA2MzAxMjMxNTIxMzNaMBgxFjAUBgNVBAMMDW1hZHJpZ2Fs +LmhvbWUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC8qfL1vPz7xKKQ +lERS8gCOS+F7xXGYiNrNkhEsiyQINGb6SIz6QJKVUy6cXUs1YFQFirPCDwT3xh3J +UAcPSuAIaiHAZYE1TOC9OJUhR3+ckKK+zMq3Qigjo8Y42W2rSZafjsG2Qcr3UYky +9tV4fPkNx9/HwPIoKihz5MhqUs9HowvkHAFq8WLTAmpiVkNChM0qll9CtQJzyiSB +qffgIWzgx6GhbdEFseuV718v7RoXAHNltZO+C7jqkiSrVd7kH3cQBYuorFIxKeFq +qs0yOg73ilmbfvzNIpIkHwcDBnzwdILmr/wEdXtBnuepc/rXabJx7NrthIwMF7In +VjQ1Gc9bETG2ZUDJ6wVW+7jOT1fMNTLYvfTst9Vjb0JSo5LPxpPQv0bcD22g9mp0 +pj4AutQaWAPAJMExs+ClV6HwfVGJFXcKpiGt9ZtGRcVvQvfym/L9iuoFE+VCz2bt +mDjId/SrC0baB6a0OwpAsh5Bxahu6mDKht5sJXO0D5aizDQmA5gaTBtx044ZAkzq +Fj4qqA19UxbeXnWWN81xjYOK5kwFpnjwTM6KdsazUGcA+aM3xYRRAjczlCIbzg6o +TrqOzLJV2ea2TpPkggJQ6XOs0KVqtBwjuwbCnX4+NJca/Sygq3Cqu20XBeawH4bp +KlxhZl/qU4CpOzje1AzCMmLLQINlGQIDAQABo4GgMIGdMFsGA1UdEQRUMFKCDyou +bWFkcmlnYWwuaG9tZYINKi50ZXBhc3MuaG9tZYIKKi5uYXMuaG9tZYINbWFkcmln +YWwuaG9tZYILdGVwYXNzLmhvbWWCCG5hcy5ob21lMB0GA1UdDgQWBBTuFkhjY7Qr +BkQqlHuaOQsLBvsS5DAfBgNVHSMEGDAWgBR4lUkjIMJjZ/zjE7X3Ckx3ufzVJjAN +BgkqhkiG9w0BAQsFAAOCAgEAb5KXejT/moh+nPtpNgwleK47gh/Th3ZY8x1kpFP+ +I8xPLzVIJIdjtU1g5XDwY/i3tPAfu+LBhu+xrLL7EyZrT6atCTNWo09nK++sgYA7 +VwpTKvsaiM4j7LQAK9NeYaBlK2GThnTy0wGPCV1Vm5R4UQ0UeI9btAtg+TLp/5V2 +qG+IvMyyCkt12buRKw7wV29t7If3AJPkOw/LFqNVow0QFU49i9flVJzE7odbH2bj +4jdgJnH8TbYKi30VnRmysIgglVUt69TDINZRf9dTmvritTlDmNZyjBCOL42b8HXQ +vhXwnItPr4AQvc19+1x1FHczvaHCRtpS5rdvCg50/q+NBJW7+BFXeU7jXOS7Dlcl +C+Dq185DU1fx0Pl3t20FNdoe9ek4S7L58H/DXujhfX5men0xlRujfJDUHxtgX1SA +GpAY60HS9BN5k+CzS3IOGEQwIJnaADuCb3HTV+6Dwy8dGe7cKVWa0ur3D0MMHan/ +d2rzdtW88ZJ1K7/8q+rEBbrWBU11IBSJQDIKVgHFW6oWiczHms6FBGnXp9P8gp2K +vOtpgRvqtKJOpVvJE4OFU3tGWG9M3O/c71Rslae6zLO033MEx7Vq3oI1GSVgXHk4 +XVGEoqt9psi7kEqn5CHzVnnOrtXObikA52XD2vXvbBnTggYQ9JfBEkyA12j5dDwS +WZk= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIF6zCCA9OgAwIBAgIUTPMzEwxNcX2E8na24Kmeo2eFwR4wDQYJKoZIhvcNAQEL +BQAwgYQxCzAJBgNVBAYTAkRFMR8wHQYDVQQIDBZOb3J0aCBSaGluZS1XZXN0cGhh +bGlhMREwDwYDVQQHDAhEdWlzYnVyZzEpMCcGA1UECgwgTWVpc3RlcmJldHJpZWIg +VGhvbWFzIFRlcGFzcyBTSEsxFjAUBgNVBAMMDVRob21hcyBUZXBhc3MwHhcNMjUw +OTA5MTUwODA5WhcNMzUwOTA3MTUwODA5WjCBhDELMAkGA1UEBhMCREUxHzAdBgNV +BAgMFk5vcnRoIFJoaW5lLVdlc3RwaGFsaWExETAPBgNVBAcMCER1aXNidXJnMSkw +JwYDVQQKDCBNZWlzdGVyYmV0cmllYiBUaG9tYXMgVGVwYXNzIFNISzEWMBQGA1UE +AwwNVGhvbWFzIFRlcGFzczCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB +AOPXp1FfICsnsJ4ZVAKx4iurfF2hVnrAhPHZ02qQW8APCrp2JjH00HqpOM9s0kIr +CiVzN2rKoLAEhe8LHlaM1ncQ4ui5UHcbGeyxv3xrhyYAD85joevSNnku01q1MpPr +G2xSC5v5iXEQPr1x8ZaJAu6ajUeqQDQbKSs62dCA8H1x64qMigIIvpdLvD2/C67u +o5W4p1oGeOnjr1VRyqpbt052BLWFvGiGbMSa2VOSCHzbTTEEs79ODYqRgnaJRVz3 +Np9DQQdcglrAytta/8vTvBDik8XKpUzWCJVnfQiaLr4/2oSoBQMI9qlspVkm43oL +z1nTWJ8NRdgHXlf6GXKqdQQSXn5EgqVDHZLHh8qgQADAE/LQpWEcBosEJmeao4LH +Dv6fjfepAjxlcdFxjITzL2LCnS30mMl/XT+wfdF8KUBioeLscvyxoXJd4JOT5wJD +jokH50llajNW/1SIeXTt2/VPSzVkgHBMq3YTbsp0XL7vfBQabT6Sb+Bk7jc46bkk +O5rK2+ULVVC9wR7AkPNhzX4+Z9AOGaahHtzMBWypzYcanHYyxazwP3oswi8lJm2V +2TPAodRP8Abvp/DFdne6F8CEDZZHmabSFbDWb5hu6HVsmWEWuFc8a7+AJ6AXwixG +Q4MtnGjR5Cq2/XPsxOlKqpjnOnrmG+6uHqnCIYJO8p2bAgMBAAGjUzBRMB0GA1Ud +DgQWBBR4lUkjIMJjZ/zjE7X3Ckx3ufzVJjAfBgNVHSMEGDAWgBR4lUkjIMJjZ/zj +E7X3Ckx3ufzVJjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQBR +t/rQdRDoSObgtLYEgzJZdxYtfgEYNUdXTPCDYpu7qblQsoCmxw98Kw1g5H4Kuy/q +sWxFAB3y/Xue5MdWldryMYrOyJ4gT0tjprxz209AtaaRRHrcIVIUVmCU6lYXVL72 +QLE8Ja7Et6l4Ta+z41o6blhDZQBUrWCCSWWHatXDb6xuswUu4sniIv2I0Bkb9bas +z3sZtBAftBFopZbo+o/KHmzxGUNLEpt5zcoLH0dgJ6vbh2IDl8p361KoDlaFCyq4 +HHTODWGsJFuYtmeCFUBIOB0zn2ABd5PLNn+FPG88LZBWKjy25bI9kEjSSsux5JO5 +mF0oTpjOrtJcPj0rlDjgVzhJtewAUHhGgXTM0e451YmoQk/kDcZ/GawUhBrnW5nQ +QcNzSoIGtPiAcvl0B/11KCtBeXJnSi62yr5z1w+MyyYYGJRlahA+wKqAUJT8/TD1 +bN8Wvv+7G7MFAs9zx3ycyD79o0jLHbnAIKb2CJO8EByTR2MJZlwV+RBi9byZZpmT +p6ss0nZT5wsSNful4iWvs+abA/ywm42u8a98fzVNlqO/q4ippF5ezBm2nLcHil3r +4dtN8Hwk3iEKrzBkV81UK8Gx/KXPq+qKl6g+YANBBLrQvh/FgHPLa3NXr7Xd3IP7 +3L+W0Cr/jrVHUtty4Znfxeat2+DmhEuz/ihk/wmqSw== +-----END CERTIFICATE----- diff --git a/hosts/worker/hardware-configuration.nix b/hosts/worker/hardware-configuration.nix new file mode 100644 index 0000000..4eacc23 --- /dev/null +++ b/hosts/worker/hardware-configuration.nix @@ -0,0 +1,38 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/bcdf8feb-de2c-45db-b929-7c91a1f79ce4"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/F794-8574"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp42s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/worker/home.nix b/hosts/worker/home.nix new file mode 100644 index 0000000..f163410 --- /dev/null +++ b/hosts/worker/home.nix @@ -0,0 +1,87 @@ +{ config, pkgs, ... }: + +{ +imports =[ +../../modules/home-manager/btop.nix +]; + # Home Manager needs a bit of information about you and the paths it should + # manage. + home.username = "smad"; + home.homeDirectory = "/home/smad"; + + # This value determines the Home Manager release that your configuration is + # compatible with. This helps avoid breakage when a new Home Manager release + # introduces backwards incompatible changes. + # + # You should not change this value, even if you update Home Manager. If you do + # want to update the value, then make sure to first check the Home Manager + # release notes. + home.stateVersion = "25.05"; # Please read the comment before changing. + + # The home.packages option allows you to install Nix packages into your + # environment. + home.packages = [ + # # Adds the 'hello' command to your environment. It prints a friendly + # # "Hello, world!" when run. + # pkgs.hello + pkgs.tmux + # # It is sometimes useful to fine-tune packages, for example, by applying + # # overrides. You can do that directly here, just don't forget the + # # parentheses. Maybe you want to install Nerd Fonts with a limited number of + # # fonts? + # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; }) + + # # You can also create simple shell scripts directly inside your + # # configuration. For example, this adds a command 'my-hello' to your + # # environment: + # (pkgs.writeShellScriptBin "my-hello" '' + # echo "Hello, ${config.home.username}!" + # '') + ]; +# programs.btop = { +# enable = true; +# settings = { + #color_theme = "gruvbox_dark_v2"; +# color_theme = "catpucchin_mocha"; +# vim_keys = true; +# }; +# }; + # Home Manager is pretty good at managing dotfiles. The primary way to manage + # plain files is through 'home.file'. + home.file = { + # # Building this configuration will create a copy of 'dotfiles/screenrc' in + # # the Nix store. Activating the configuration will then make '~/.screenrc' a + # # symlink to the Nix store copy. + # ".screenrc".source = dotfiles/screenrc; + + # # You can also set the file content immediately. + # ".gradle/gradle.properties".text = '' + # org.gradle.console=verbose + # org.gradle.daemon.idletimeout=3600000 + # ''; + }; + + # Home Manager can also manage your environment variables through + # 'home.sessionVariables'. These will be explicitly sourced when using a + # shell provided by Home Manager. If you don't want to manage your shell + # through Home Manager then you have to manually source 'hm-session-vars.sh' + # located at either + # + # ~/.nix-profile/etc/profile.d/hm-session-vars.sh + # + # or + # + # ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh + # + # or + # + # /etc/profiles/per-user/discubed/etc/profile.d/hm-session-vars.sh + # + home.sessionVariables = { + # EDITOR = "emacs"; + }; + + # Let Home Manager install and manage itself. + programs.home-manager.enable = true; +} + diff --git a/modules/home-manager/btop.nix b/modules/home-manager/btop.nix new file mode 100644 index 0000000..41bf6a0 --- /dev/null +++ b/modules/home-manager/btop.nix @@ -0,0 +1,11 @@ +{ + + programs.btop = { + enable = true; + settings = { + #color_theme = "gruvbox_dark_v2"; + color_theme = "catppuccin_mocha.theme"; + vim_keys = true; + }; + }; +} diff --git a/modules/home-manager/tmux.nix b/modules/home-manager/tmux.nix new file mode 100644 index 0000000..26dbc25 --- /dev/null +++ b/modules/home-manager/tmux.nix @@ -0,0 +1,7 @@ +{ + programs.tmux = { + enable = true; + prefix = "ö"; + }; + +} diff --git a/modules/nixos/amon.nix b/modules/nixos/amon.nix new file mode 100644 index 0000000..c48a5d6 --- /dev/null +++ b/modules/nixos/amon.nix @@ -0,0 +1,30 @@ +{config, pkgs, inputs, ...}: + +{ + + users.users.smad = { + isNormalUser = true; + description = "superuser madrigal"; + extraGroups = [ "networkmanager" "wheel" "docker"]; + shell = pkgs.fish; + packages = with pkgs; [ + ]; + }; + + + # Enable automatic login for the user. + services.displayManager.autoLogin.enable = true; + services.displayManager.autoLogin.user = "smad"; + networking.hostName = "amon"; # Define your hostname. + services.prometheus.exporters.node = { + enable = true; + port = 9100; + enabledCollectors = [ + "logind" + "systemd" + ]; + disabledCollectors = [ "textfile" ]; + openFirewall = true; + firewallFilter = "-i br0 -p tcp -m tcp --dport 9100"; + }; +} diff --git a/modules/nixos/asura.nix b/modules/nixos/asura.nix new file mode 100644 index 0000000..b6000b1 --- /dev/null +++ b/modules/nixos/asura.nix @@ -0,0 +1,30 @@ +{config, pkgs, inputs, ...}: + +{ + + users.users.smad = { + isNormalUser = true; + description = "superuser madrigal"; + extraGroups = [ "networkmanager" "wheel" "docker"]; + shell = pkgs.fish; + packages = with pkgs; [ + ]; + }; + + + # Enable automatic login for the user. + services.displayManager.autoLogin.enable = true; + services.displayManager.autoLogin.user = "smad"; + networking.hostName = "asura"; # Define your hostname. + services.prometheus.exporters.node = { + enable = true; + port = 9100; + enabledCollectors = [ + "logind" + "systemd" + ]; + disabledCollectors = [ "textfile" ]; + openFirewall = true; + firewallFilter = "-i br0 -p tcp -m tcp --dport 9100"; + }; +} diff --git a/modules/nixos/baal.nix b/modules/nixos/baal.nix new file mode 100644 index 0000000..cbd65fb --- /dev/null +++ b/modules/nixos/baal.nix @@ -0,0 +1,30 @@ +{config, pkgs, inputs, ...}: + +{ + + users.users.smad = { + isNormalUser = true; + description = "superuser madrigal"; + extraGroups = [ "networkmanager" "wheel" "docker"]; + shell = pkgs.fish; + packages = with pkgs; [ + ]; + }; + + + # Enable automatic login for the user. + services.displayManager.autoLogin.enable = true; + services.displayManager.autoLogin.user = "smad"; + networking.hostName = "baal"; # Define your hostname. + services.prometheus.exporters.node = { + enable = true; + port = 9100; + enabledCollectors = [ + "logind" + "systemd" + ]; + disabledCollectors = [ "textfile" ]; + openFirewall = true; + firewallFilter = "-i br0 -p tcp -m tcp --dport 9100"; + }; +} diff --git a/modules/nixos/belial.nix b/modules/nixos/belial.nix new file mode 100644 index 0000000..e10f263 --- /dev/null +++ b/modules/nixos/belial.nix @@ -0,0 +1,30 @@ +{config, pkgs, inputs, ...}: + +{ + + users.users.smad = { + isNormalUser = true; + description = "superuser madrigal"; + extraGroups = [ "networkmanager" "wheel" "docker"]; + shell = pkgs.fish; + packages = with pkgs; [ + ]; + }; + + + # Enable automatic login for the user. + services.displayManager.autoLogin.enable = true; + services.displayManager.autoLogin.user = "smad"; + networking.hostName = "belial"; # Define your hostname. + services.prometheus.exporters.node = { + enable = true; + port = 9100; + enabledCollectors = [ + "logind" + "systemd" + ]; + disabledCollectors = [ "textfile" ]; + openFirewall = true; + firewallFilter = "-i br0 -p tcp -m tcp --dport 9100"; + }; +} diff --git a/modules/nixos/gaap.nix b/modules/nixos/gaap.nix new file mode 100644 index 0000000..e42cc81 --- /dev/null +++ b/modules/nixos/gaap.nix @@ -0,0 +1,30 @@ +{config, pkgs, inputs, ...}: + +{ + + users.users.smad = { + isNormalUser = true; + description = "superuser madrigal"; + extraGroups = [ "networkmanager" "wheel" "docker"]; + shell = pkgs.fish; + packages = with pkgs; [ + ]; + }; + + + # Enable automatic login for the user. + services.displayManager.autoLogin.enable = true; + services.displayManager.autoLogin.user = "smad"; + networking.hostName = "gaap"; # Define your hostname. + services.prometheus.exporters.node = { + enable = true; + port = 9100; + enabledCollectors = [ + "logind" + "systemd" + ]; + disabledCollectors = [ "textfile" ]; + openFirewall = true; + firewallFilter = "-i br0 -p tcp -m tcp --dport 9100"; + }; +} diff --git a/modules/nixos/ifrit.nix b/modules/nixos/ifrit.nix new file mode 100644 index 0000000..7772dba --- /dev/null +++ b/modules/nixos/ifrit.nix @@ -0,0 +1,30 @@ +{config, pkgs, inputs, ...}: + +{ + + users.users.smad = { + isNormalUser = true; + description = "superuser madrigal"; + extraGroups = [ "networkmanager" "wheel" "docker"]; + shell = pkgs.fish; + packages = with pkgs; [ + ]; + }; + + + # Enable automatic login for the user. + services.displayManager.autoLogin.enable = true; + services.displayManager.autoLogin.user = "smad"; + networking.hostName = "ifrit"; # Define your hostname. + services.prometheus.exporters.node = { + enable = true; + port = 9100; + enabledCollectors = [ + "logind" + "systemd" + ]; + disabledCollectors = [ "textfile" ]; + openFirewall = true; + firewallFilter = "-i br0 -p tcp -m tcp --dport 9100"; + }; +} diff --git a/modules/nixos/mara.nix b/modules/nixos/mara.nix new file mode 100644 index 0000000..ffe319d --- /dev/null +++ b/modules/nixos/mara.nix @@ -0,0 +1,30 @@ +{config, pkgs, inputs, ...}: + +{ + + users.users.smad = { + isNormalUser = true; + description = "superuser madrigal"; + extraGroups = [ "networkmanager" "wheel" "docker"]; + shell = pkgs.fish; + packages = with pkgs; [ + ]; + }; + + + # Enable automatic login for the user. + services.displayManager.autoLogin.enable = true; + services.displayManager.autoLogin.user = "smad"; + networking.hostName = "mara"; # Define your hostname. + services.prometheus.exporters.node = { + enable = true; + port = 9100; + enabledCollectors = [ + "logind" + "systemd" + ]; + disabledCollectors = [ "textfile" ]; + openFirewall = true; + firewallFilter = "-i br0 -p tcp -m tcp --dport 9100"; + }; +} diff --git a/modules/nixos/moloch.nix b/modules/nixos/moloch.nix new file mode 100644 index 0000000..7255d6a --- /dev/null +++ b/modules/nixos/moloch.nix @@ -0,0 +1,30 @@ +{config, pkgs, inputs, ...}: + +{ + + users.users.smad = { + isNormalUser = true; + description = "superuser madrigal"; + extraGroups = [ "networkmanager" "wheel" "docker"]; + shell = pkgs.fish; + packages = with pkgs; [ + ]; + }; + + + # Enable automatic login for the user. + services.displayManager.autoLogin.enable = true; + services.displayManager.autoLogin.user = "smad"; + networking.hostName = "moloch"; # Define your hostname. + services.prometheus.exporters.node = { + enable = true; + port = 9100; + enabledCollectors = [ + "logind" + "systemd" + ]; + disabledCollectors = [ "textfile" ]; + openFirewall = true; + firewallFilter = "-i br0 -p tcp -m tcp --dport 9100"; + }; +} diff --git a/modules/nixos/smad.nix b/modules/nixos/smad.nix new file mode 100644 index 0000000..ff89d87 --- /dev/null +++ b/modules/nixos/smad.nix @@ -0,0 +1,31 @@ +{config, pkgs, inputs, ...}: + +{ + + users.users.smad = { + isNormalUser = true; + description = "superuser madrigal"; + extraGroups = [ "networkmanager" "wheel" "docker"]; + shell = pkgs.fish; + packages = with pkgs; [ + thunderbird + dmenu + ]; + }; + + + # Enable automatic login for the user. + services.displayManager.autoLogin.enable = true; + services.displayManager.autoLogin.user = "smad"; + services.prometheus.exporters.node = { + enable = true; + port = 9100; + enabledCollectors = [ + "logind" + "systemd" + ]; + disabledCollectors = [ "textfile" ]; + openFirewall = true; + firewallFilter = "-i br0 -p tcp -m tcp --dport 9100"; + }; +} diff --git a/themes/catpucchin/btop/catppuccin_frappe.theme b/themes/catpucchin/btop/catppuccin_frappe.theme new file mode 100644 index 0000000..20a91ca --- /dev/null +++ b/themes/catpucchin/btop/catppuccin_frappe.theme @@ -0,0 +1,83 @@ +# Main background, empty for terminal default, need to be empty if you want transparent background +theme[main_bg]="#303446" + +# Main text color +theme[main_fg]="#C6D0F5" + +# Title color for boxes +theme[title]="#C6D0F5" + +# Highlight color for keyboard shortcuts +theme[hi_fg]="#8CAAEE" + +# Background color of selected item in processes box +theme[selected_bg]="#51576D" + +# Foreground color of selected item in processes box +theme[selected_fg]="#8CAAEE" + +# Color of inactive/disabled text +theme[inactive_fg]="#838BA7" + +# Color of text appearing on top of graphs, i.e uptime and current network graph scaling +theme[graph_text]="#F2D5CF" + +# Background color of the percentage meters +theme[meter_bg]="#51576D" + +# Misc colors for processes box including mini cpu graphs, details memory graph and details status text +theme[proc_misc]="#F2D5CF" + +# CPU, Memory, Network, Proc box outline colors +theme[cpu_box]="#ca9ee6" #Mauve +theme[mem_box]="#a6d189" #Green +theme[net_box]="#ea999c" #Maroon +theme[proc_box]="#8caaee" #Blue + +# Box divider line and small boxes line color +theme[div_line]="#737994" + +# Temperature graph color (Green -> Yellow -> Red) +theme[temp_start]="#a6d189" +theme[temp_mid]="#e5c890" +theme[temp_end]="#e78284" + +# CPU graph colors (Teal -> Lavender) +theme[cpu_start]="#81c8be" +theme[cpu_mid]="#85c1dc" +theme[cpu_end]="#babbf1" + +# Mem/Disk free meter (Mauve -> Lavender -> Blue) +theme[free_start]="#ca9ee6" +theme[free_mid]="#babbf1" +theme[free_end]="#8caaee" + +# Mem/Disk cached meter (Sapphire -> Lavender) +theme[cached_start]="#85c1dc" +theme[cached_mid]="#8caaee" +theme[cached_end]="#babbf1" + +# Mem/Disk available meter (Peach -> Red) +theme[available_start]="#ef9f76" +theme[available_mid]="#ea999c" +theme[available_end]="#e78284" + +# Mem/Disk used meter (Green -> Sky) +theme[used_start]="#a6d189" +theme[used_mid]="#81c8be" +theme[used_end]="#99d1db" + +# Download graph colors (Peach -> Red) +theme[download_start]="#ef9f76" +theme[download_mid]="#ea999c" +theme[download_end]="#e78284" + +# Upload graph colors (Green -> Sky) +theme[upload_start]="#a6d189" +theme[upload_mid]="#81c8be" +theme[upload_end]="#99d1db" + +# Process box color gradient for threads, mem and cpu usage (Sapphire -> Mauve) +theme[process_start]="#85c1dc" +theme[process_mid]="#babbf1" +theme[process_end]="#ca9ee6" diff --git a/themes/catpucchin/btop/catppuccin_latte.theme b/themes/catpucchin/btop/catppuccin_latte.theme new file mode 100644 index 0000000..792679c --- /dev/null +++ b/themes/catpucchin/btop/catppuccin_latte.theme @@ -0,0 +1,84 @@ +# Main background, empty for terminal default, need to be empty if you want transparent background +theme[main_bg]="#EFF1F5" + +# Main text color +theme[main_fg]="#4C4F69" + +# Title color for boxes +theme[title]="#4C4F69" + +# Highlight color for keyboard shortcuts +theme[hi_fg]="#1E66F5" + +# Background color of selected item in processes box +theme[selected_bg]="#BCC0CC" + +# Foreground color of selected item in processes box +theme[selected_fg]="#1E66F5" + +# Color of inactive/disabled text +theme[inactive_fg]="#8C8FA1" + +# Color of text appearing on top of graphs, i.e uptime and current network graph scaling +theme[graph_text]="#DC8A78" + +# Background color of the percentage meters +theme[meter_bg]="#BCC0CC" + +# Misc colors for processes box including mini cpu graphs, details memory graph and details status text +theme[proc_misc]="#DC8A78" + +# CPU, Memory, Network, Proc box outline colors +theme[cpu_box]="#8839ef" #Mauve +theme[mem_box]="#40a02b" #Green +theme[net_box]="#e64553" #Maroon +theme[proc_box]="#1e66f5" #Blue + +# Box divider line and small boxes line color +theme[div_line]="#9CA0B0" + +# Temperature graph color (Green -> Yellow -> Red) +theme[temp_start]="#40a02b" +theme[temp_mid]="#df8e1d" +theme[temp_end]="#d20f39" + +# CPU graph colors (Teal -> Lavender) +theme[cpu_start]="#179299" +theme[cpu_mid]="#209fb5" +theme[cpu_end]="#7287fd" + +# Mem/Disk free meter (Mauve -> Lavender -> Blue) +theme[free_start]="#8839ef" +theme[free_mid]="#7287fd" +theme[free_end]="#1e66f5" + +# Mem/Disk cached meter (Sapphire -> Lavender) +theme[cached_start]="#209fb5" +theme[cached_mid]="#1e66f5" +theme[cached_end]="#7287fd" + +# Mem/Disk available meter (Peach -> Red) +theme[available_start]="#fe640b" +theme[available_mid]="#e64553" +theme[available_end]="#d20f39" + + +# Mem/Disk used meter (Green -> Sky) +theme[used_start]="#40a02b" +theme[used_mid]="#179299" +theme[used_end]="#04a5e5" + +# Download graph colors (Peach -> Red) +theme[download_start]="#fe640b" +theme[download_mid]="#e64553" +theme[download_end]="#d20f39" + +# Upload graph colors (Green -> Sky) +theme[upload_start]="#40a02b" +theme[upload_mid]="#179299" +theme[upload_end]="#04a5e5" + +# Process box color gradient for threads, mem and cpu usage (Sapphire -> Lavender-> Mauve) +theme[process_start]="#209fb5" +theme[process_mid]="#7287fd" +theme[process_end]="#8839ef" diff --git a/themes/catpucchin/btop/catppuccin_macchiato.theme b/themes/catpucchin/btop/catppuccin_macchiato.theme new file mode 100644 index 0000000..86819d2 --- /dev/null +++ b/themes/catpucchin/btop/catppuccin_macchiato.theme @@ -0,0 +1,83 @@ +# Main background, empty for terminal default, need to be empty if you want transparent background +theme[main_bg]="#24273A" + +# Main text color +theme[main_fg]="#CAD3F5" + +# Title color for boxes +theme[title]="#CAD3F5" + +# Highlight color for keyboard shortcuts +theme[hi_fg]="#8AADF4" + +# Background color of selected item in processes box +theme[selected_bg]="#494D64" + +# Foreground color of selected item in processes box +theme[selected_fg]="#8AADF4" + +# Color of inactive/disabled text +theme[inactive_fg]="#8087A2" + +# Color of text appearing on top of graphs, i.e uptime and current network graph scaling +theme[graph_text]="#F4DBD6" + +# Background color of the percentage meters +theme[meter_bg]="#494D64" + +# Misc colors for processes box including mini cpu graphs, details memory graph and details status text +theme[proc_misc]="#F4DBD6" + +# CPU, Memory, Network, Proc box outline colors +theme[cpu_box]="#c6a0f6" #Mauve +theme[mem_box]="#a6da95" #Green +theme[net_box]="#ee99a0" #Maroon +theme[proc_box]="#8aadf4" #Blue + +# Box divider line and small boxes line color +theme[div_line]="#6E738D" + +# Temperature graph color (Green -> Yellow -> Red) +theme[temp_start]="#a6da95" +theme[temp_mid]="#eed49f" +theme[temp_end]="#ed8796" + +# CPU graph colors (Teal -> Lavender) +theme[cpu_start]="#8bd5ca" +theme[cpu_mid]="#7dc4e4" +theme[cpu_end]="#b7bdf8" + +# Mem/Disk free meter (Mauve -> Lavender -> Blue) +theme[free_start]="#c6a0f6" +theme[free_mid]="#b7bdf8" +theme[free_end]="#8aadf4" + +# Mem/Disk cached meter (Sapphire -> Lavender) +theme[cached_start]="#7dc4e4" +theme[cached_mid]="#8aadf4" +theme[cached_end]="#b7bdf8" + +# Mem/Disk available meter (Peach -> Red) +theme[available_start]="#f5a97f" +theme[available_mid]="#ee99a0" +theme[available_end]="#ed8796" + +# Mem/Disk used meter (Green -> Sky) +theme[used_start]="#a6da95" +theme[used_mid]="#8bd5ca" +theme[used_end]="#91d7e3" + +# Download graph colors (Peach -> Red) +theme[download_start]="#f5a97f" +theme[download_mid]="#ee99a0" +theme[download_end]="#ed8796" + +# Upload graph colors (Green -> Sky) +theme[upload_start]="#a6da95" +theme[upload_mid]="#8bd5ca" +theme[upload_end]="#91d7e3" + +# Process box color gradient for threads, mem and cpu usage (Sapphire -> Mauve) +theme[process_start]="#7dc4e4" +theme[process_mid]="#b7bdf8" +theme[process_end]="#c6a0f6" diff --git a/themes/catpucchin/btop/catppuccin_mocha.theme b/themes/catpucchin/btop/catppuccin_mocha.theme new file mode 100644 index 0000000..6915504 --- /dev/null +++ b/themes/catpucchin/btop/catppuccin_mocha.theme @@ -0,0 +1,83 @@ +# Main background, empty for terminal default, need to be empty if you want transparent background +theme[main_bg]="#1E1E2E" + +# Main text color +theme[main_fg]="#CDD6F4" + +# Title color for boxes +theme[title]="#CDD6F4" + +# Highlight color for keyboard shortcuts +theme[hi_fg]="#89B4FA" + +# Background color of selected item in processes box +theme[selected_bg]="#45475A" + +# Foreground color of selected item in processes box +theme[selected_fg]="#89B4FA" + +# Color of inactive/disabled text +theme[inactive_fg]="#7F849C" + +# Color of text appearing on top of graphs, i.e uptime and current network graph scaling +theme[graph_text]="#F5E0DC" + +# Background color of the percentage meters +theme[meter_bg]="#45475A" + +# Misc colors for processes box including mini cpu graphs, details memory graph and details status text +theme[proc_misc]="#F5E0DC" + +# CPU, Memory, Network, Proc box outline colors +theme[cpu_box]="#cba6f7" #Mauve +theme[mem_box]="#a6e3a1" #Green +theme[net_box]="#eba0ac" #Maroon +theme[proc_box]="#89b4fa" #Blue + +# Box divider line and small boxes line color +theme[div_line]="#6C7086" + +# Temperature graph color (Green -> Yellow -> Red) +theme[temp_start]="#a6e3a1" +theme[temp_mid]="#f9e2af" +theme[temp_end]="#f38ba8" + +# CPU graph colors (Teal -> Lavender) +theme[cpu_start]="#94e2d5" +theme[cpu_mid]="#74c7ec" +theme[cpu_end]="#b4befe" + +# Mem/Disk free meter (Mauve -> Lavender -> Blue) +theme[free_start]="#cba6f7" +theme[free_mid]="#b4befe" +theme[free_end]="#89b4fa" + +# Mem/Disk cached meter (Sapphire -> Lavender) +theme[cached_start]="#74c7ec" +theme[cached_mid]="#89b4fa" +theme[cached_end]="#b4befe" + +# Mem/Disk available meter (Peach -> Red) +theme[available_start]="#fab387" +theme[available_mid]="#eba0ac" +theme[available_end]="#f38ba8" + +# Mem/Disk used meter (Green -> Sky) +theme[used_start]="#a6e3a1" +theme[used_mid]="#94e2d5" +theme[used_end]="#89dceb" + +# Download graph colors (Peach -> Red) +theme[download_start]="#fab387" +theme[download_mid]="#eba0ac" +theme[download_end]="#f38ba8" + +# Upload graph colors (Green -> Sky) +theme[upload_start]="#a6e3a1" +theme[upload_mid]="#94e2d5" +theme[upload_end]="#89dceb" + +# Process box color gradient for threads, mem and cpu usage (Sapphire -> Mauve) +theme[process_start]="#74C7EC" +theme[process_mid]="#89DCEB" +theme[process_end]="#cba6f7"