Merge branch 'main' of ssh://codeberg.org/dnscio/nix-config

home/darwin-work.nix

@@ -14,12 +14,12 @@
   xdg.enable = true;
 
   imports = [
-    ./modules/git
+    ../modules/git
-    ./modules/fish/work.nix
+    ../modules/fish/work.nix
-    ./modules/atuin
+    ../modules/atuin
-    ./modules/wezterm
+    ../modules/wezterm
-    ./modules/nvim
+    ../modules/nvim
-    ./modules/lazygit
+    ../modules/lazygit
   ];
 
   programs.home-manager.enable = true;

home/darwin.nix

@@ -13,13 +13,13 @@
   xdg.enable = true;
 
   imports = [
-    ./modules/ssh
+    ../modules/ssh
-    ./modules/git
+    ../modules/git
-    ./modules/fish
+    ../modules/fish
-    ./modules/atuin
+    ../modules/atuin
-    ./modules/wezterm
+    ../modules/wezterm
-    ./modules/nvim
+    ../modules/nvim
-    ./modules/lazygit
+    ../modules/lazygit
   ];
 
   programs.home-manager.enable = true;

home/deck.nix

@@ -41,11 +41,11 @@
   xdg.enable = true;
 
   imports = [
-    ./modules/git
+    ../modules/git
-    ./modules/fish
+    ../modules/fish
-    ./modules/atuin
+    ../modules/atuin
-    ./modules/nvim/deck.nix
+    ../modules/nvim/deck.nix
-    ./modules/lazygit
+    ../modules/lazygit
   ];
 
   programs.home-manager.enable = true;

home/server.nix

@@ -11,11 +11,23 @@
     unzip
     ripgrep
     fzf
+    fd
+    sd
+    bat
+    tldr
+    fortune
     iotop
     iftop
     just
     mmv-go
     lazygit
+    fish
+    zoxide
+  ];
+
+  imports = [
+    ../modules/fish/server.nix
+    ../modules/lazygit
   ];
 
   programs.home-manager.enable = true;

hosts/dnsc-air/default.nix

@@ -8,7 +8,7 @@
 }: {
   imports = [
     inputs.home-manager.darwinModules.home-manager
-    ../../home/modules/aerospace
+    ../../modules/aerospace
   ];
 
   # Setting the user
@@ -63,6 +63,9 @@
     
     masApps = {
       Bitwarden = 1352778147;
+      "Kagi for Safari" = 1622835804;
+      "Wipr 2" = 1662217862;
+      "Yesterday For Old Reddit" = 1603279883;
     };
 
     brews = [
@@ -79,11 +82,10 @@
       "fnm"
       "imagemagick"
       "odin"
-      "todo-txt"
     ];
 
     casks = [
-      "zen-browser"
+      "chromium"
       "font-victor-mono"
       "font-victor-mono-nerd-font"
       "mullvadvpn"
@@ -95,6 +97,9 @@
       "eurkey"
       "karabiner-elements"
       "wezterm"
+      "cyberduck"
+      "caffeine"
+      "tailscale"
     ];
   };
 
@@ -121,8 +126,11 @@
         orientation = "right";
         show-recents = false;
         persistent-apps = [
-          "/Applications/Zen.app"
+          "/System/Volumes/Preboot/Cryptexes/App/System/Applications/Safari.app"
           "/Applications/WezTerm.app"
+          "/System/Applications/Mail.app"
+          "/System/Applications/Calendar.app"
+          "/System/Applications/Reminders.app"
           "/System/Applications/System Settings.app/"
         ];
         persistent-others = [
@@ -164,6 +172,7 @@
   home-manager = {
     extraSpecialArgs = { inherit inputs outputs; };
     useGlobalPkgs = true;
+    backupFileExtension = "backup";
     users = {
       dennis = import ../../home/darwin.nix;
     };

hosts/dnsc-server/default.nix

@@ -1,14 +1,16 @@
 {
   inputs,
   outputs,
-  lib,
-  config,
   pkgs,
   ...
 }: {
   imports = [
     ./hardware-configuration.nix
     inputs.home-manager.nixosModules.home-manager
+    ../../modules/ups
+    ../../modules/openssh
+    ../../modules/jellyfin
+    ../../modules/syncthing
   ];
 
   # General
@@ -32,6 +34,17 @@
   };
   nix.settings.auto-optimise-store = true;
 
+  # Launch fish shell
+  programs.bash = {
+    interactiveShellInit = ''
+    if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
+    then
+      shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
+      exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
+    fi
+    '';
+  };
+
   # Networking
   networking.hostName = "dnsc-server";
   networking.hostId = "380f584e";
@@ -61,9 +74,12 @@
     ];
   };
 
+  security.sudo.enable = true;
+
   # Home Manager Setup
   home-manager = {
     extraSpecialArgs = { inherit inputs outputs; };
+    backupFileExtension = "backup";
     users = {
       dennis = import ../../home/server.nix;
     };
@@ -91,35 +107,7 @@
     enableSSHSupport = true;
   };
 
-  # UPS
-  power.ups = {
-    enable = true;
-  
-    ups."eaton-ups" = {
-      driver = "usbhid-ups";
-      port = "auto";
-    };
-  
-    users.upsmon = {
-      passwordFile = "/etc/upsmon.passwd";
-      upsmon = "primary";
-    };
-  
-    upsmon.monitor."eaton-ups".user = "upsmon";
-  };
-
   # Services
-  # SSH
-  services.openssh = {
-    enable = true;
-    settings = {
-      X11Forwarding = false;
-      PermitRootLogin = "no";
-      PasswordAuthentication = false;
-    };
-    openFirewall = true;
-  };
-
   # ZFS
   services.zfs = {
     autoSnapshot.enable = true;
@@ -167,50 +155,9 @@
     openFirewall = true;
   };
 
-  # Jellyfin
-  services.jellyfin = {
-    enable = true;
-    openFirewall = true;
-  };
-
-  nixpkgs.config.packageOverrides = pkgs: {
-    vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
-  };
-
-  hardware.graphics = {
-    enable = true;
-    extraPackages = with pkgs; [
-      intel-media-driver
-      intel-vaapi-driver
-      vaapiVdpau
-      intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)
-      vpl-gpu-rt # QSV on 11th gen or newer
-      intel-media-sdk # QSV up to 11th gen
-    ];
-  };
-
   # Tailscale
   services.tailscale.enable = true;
 
-  # Syncthing
-  services.syncthing = {
-    enable = true;
-    group = "users";
-    guiAddress = "0.0.0.0:8384";
-    user = "dennis";
-    dataDir = "/home/dennis/sync";
-    configDir = "/home/dennis/sync/.config/syncthing";
-    overrideDevices = true;
-    overrideFolders = true;
-    settings = {
-      devices = {
-        "dnsc-pixel" = { id = "FD4XYVI-UZCBEXZ-OATLR3Y-7ZZPQOA-MFWP3Q7-OFNZY33-XH4TJAF-KVHW2AI"; };
-        "dnsc-air" = { id = "RYFO5XN-RRZZQI3-4W5DPHO-C7OKL5N-ZUQUBEI-ZKSWUHM-2BMTFRY-MDC7MA3"; };
-      };
-    };
-  };
-  systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true";
-
   # Environment variables
   environment.variables.EDITOR = "nvim";
 

hosts/dnsc-vps-sm/default.nix

@@ -11,6 +11,9 @@
     ./networking.nix
     inputs.home-manager.nixosModules.home-manager
     inputs.ip-whitelist.nixosModules.default
+    ../../modules/vaultwarden
+    ../../modules/uptime-kuma
+    ../../modules/homepage
   ];
 
   # Secrets
@@ -36,6 +39,19 @@
   };
   nix.settings.auto-optimise-store = true;
 
+  # Launch fish shell
+  programs.bash = {
+    interactiveShellInit = ''
+    if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
+    then
+      shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
+      exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
+    fi
+    '';
+  };
+
+  security.sudo.enable = true;
+
   # Networking
   networking.hostName = "dnsc-vps-sm";
   networking.hostId = "380f585f";
@@ -63,7 +79,6 @@
     ];
   };
   
-
   # My user account
   users.users.dennis = {
     description = "dennis";
@@ -79,6 +94,7 @@
   # Home Manager Setup
   home-manager = {
     extraSpecialArgs = { inherit inputs outputs; };
+    backupFileExtension = "backup";
     users = {
       dennis = import ../../home/server.nix;
     };
@@ -117,20 +133,6 @@
   # Tailscale
   services.tailscale.enable = true;
 
-  # Vaultwarden
-  services.vaultwarden = {
-    enable = true;
-    environmentFile = config.age.secrets."vaultwarden/env".path;
-  };
-
-  # Uptime Kuma
-  services.uptime-kuma = {
-    enable = true;
-    settings = {
-      PORT = "9000";
-    };
-  };
-
   # Caddy
   services.caddy = {
     enable = true;
@@ -155,6 +157,9 @@
     virtualHosts."uptime.dnsc.io".extraConfig = ''
       reverse_proxy localhost:9000
     '';
+    virtualHosts."home.dnsc.io".extraConfig = ''
+      reverse_proxy localhost:9001
+    '';
   };
 
   # Environment variables

hosts/dnsc-work/default.nix

@@ -8,7 +8,7 @@
 }: {
   imports = [
     inputs.home-manager.darwinModules.home-manager
-    ../../home/modules/aerospace/work.nix
+    ../../modules/aerospace/work.nix
   ];
 
   # Setting the user

modules/fish/server.nix

@@ -0,0 +1,88 @@
+{ config, pkgs, ... }:
+
+{ programs.fish = {
+    enable = true;
+
+    functions = {
+      ff = ''
+      set RG_PREFIX "rg --column --line-number --no-heading --color=always --smart-case "
+      set INITIAL_QUERY "$argv"
+      fzf --ansi --disabled --query "$INITIAL_QUERY" \
+        --bind "start:reload:$RG_PREFIX {q}" \
+        --bind "change:reload:sleep 0.1; $RG_PREFIX {q} || true" \
+        --delimiter : \
+        --preview 'bat --color=always {1} --highlight-line {2}' \
+        --preview-window 'up,60%,border-bottom,+{2}+3/3,~3' \
+        --bind 'enter:become(nvim {1} +{2})'
+      '';
+      fish_greeting = "fortune -a";
+      resize_images = ''
+      # Resize all JPG images in the current directory and its subdirectories
+      # Usage: resize_images [percentage]
+      # Example: resize_images 20 - resizes all images to 20% of original size
+      # If no percentage is provided, defaults to 40%
+      
+      set -l percentage $argv[1]
+      if test -z "$percentage"
+        set percentage 40
+      end
+      
+      for img in (find . -type f -name "*.JPG")
+        set original_size (stat -f %z "$img")
+        magick convert "$img" -resize "$percentage%" "$img"
+        set new_size (stat -f %z "$img")
+        echo "Processed $img"
+        echo "Original size: $original_size bytes"
+        echo "New size: $new_size bytes"
+        echo "---"
+      end
+      '';
+      localip = "ifconfig | grep \"inet \" | grep -v 127.0.0.1 | awk '{print $2}' | head -n 1";
+      publicip = "curl -4 ifconfig.me";
+      fzf = ''
+      set -Ux FZF_DEFAULT_OPTS "
+              --color=fg:#908caa,bg:#191724,hl:#ebbcba
+              --color=fg+:#e0def4,bg+:#26233a,hl+:#ebbcba
+              --color=border:#403d52,header:#31748f,gutter:#191724
+              --color=spinner:#f6c177,info:#9ccfd8
+              --color=pointer:#c4a7e7,marker:#eb6f92,prompt:#908caa"
+
+      command fzf
+      '';
+    };
+
+    interactiveShellInit = ''
+      fish_config theme choose "Rosé Pine"
+
+      set hn (prompt_hostname)
+      set fish_cursor_default     block      blink
+      set fish_cursor_insert      line       blink
+      set fish_cursor_replace_one underscore blink
+      set fish_cursor_visual      block
+      set fish_vi_force_cursor 1
+      fish_vi_key_bindings
+
+      fish_add_path /run/wrappers/bin
+      fish_add_path /home/r/.nix-profile/bin
+      fish_add_path /etc/profiles/per-user/r/bin
+      fish_add_path /nix/var/nix/profiles/default/bin
+      fish_add_path /run/current-system/sw/bin
+      fish_add_path $HOME/.config/fish/plugins
+
+      zoxide init fish | source
+    '';
+
+    shellAliases = {
+      sudo = "/run/wrappers/bin/sudo";
+    };
+
+    shellAbbrs = {
+      lg = "lazygit";
+      g = "git";
+      gco = "git checkout";
+      frc = "source ~/.config/fish/**/*.fish";
+    };
+  };
+
+  home.file.".config/fish/themes".source = ./themes;
+}

modules/homepage/default.nix

@@ -0,0 +1,125 @@
+{
+  services.homepage-dashboard = {
+    enable = true;
+    listenPort = 9001; 
+    allowedHosts = "home.dnsc.io";
+    settings = {
+      theme = "dark";
+      background = {
+        image = "https://i.ibb.co/v6FjzW5V/winter.png";
+        opacity = 40;
+        brightness = 50;
+      };
+    };
+    services = [
+      {
+        "VPS" = [
+          {
+            "Vaultwarden" = {
+              href = "https://vault.dnsc.io";
+              icon = "vaultwarden.png";
+            };
+          }
+          {
+            "Uptime Kuma" = {
+              href = "https://uptime.dnsc.io";
+              icon = "uptime-kuma.png";
+            };
+          }
+          {
+            "Slides" = {
+              href = "https://slides.dnsc.io";
+              icon = "slidev.png";
+            };
+          }
+        ];
+      }
+      {
+        "Homelab" = [
+          {
+            "Jellyfin" = {
+              href = "http://100.103.199.4:8096";
+              icon = "jellyfin.png";
+            };
+          }
+          {
+            "Syncthing" = {
+              href = "http://100.103.199.4:8384";
+              icon = "syncthing.png";
+            };
+          }
+        ];
+      }
+    ];
+    bookmarks = [
+      {
+        Tools = [
+          {
+            Fastmail = [
+              {
+                abbr = "FM";
+                href = "https://app.fastmail.com";
+              }
+            ];
+          }
+          {
+            YNAB = [
+              {
+                abbr = "YN";
+                href = "https://app.ynab.com";
+              }
+            ];
+          }
+        ];
+      }
+      {
+        Dev = [
+          {
+            Codeberg = [
+              {
+                abbr = "CB";
+                href = "https://codeberg.org";
+              }
+            ];
+          }
+          {
+            Github = [
+              {
+                abbr = "GH";
+                href = "https://github.com/dennisschoepf";
+              }
+            ];
+          }
+        ];
+      }
+      {
+        Entertainment = [
+          {
+            YouTube = [
+              {
+                abbr = "YT";
+                href = "https://youtube.com";
+              }
+            ];
+          }
+          {
+            Twitch = [
+              {
+                abbr = "TW";
+                href = "https://twitch.tv";
+              }
+            ];
+          }
+          {
+            Overcast = [
+              {
+                abbr = "OC";
+                href = "https://overcast.fm";
+              }
+            ];
+          }
+        ];
+      }
+    ];
+  };
+}

modules/jellyfin/default.nix

@@ -0,0 +1,26 @@
+{
+  pkgs, ...
+}: {
+  services.jellyfin = {
+    enable = true;
+    openFirewall = true;
+  };
+
+  nixpkgs.config.packageOverrides = pkgs: {
+    vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
+  };
+
+  hardware.graphics = {
+    enable = true;
+    extraPackages = with pkgs; [
+      intel-media-driver
+      intel-vaapi-driver
+      vaapiVdpau
+      intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)
+      vpl-gpu-rt # QSV on 11th gen or newer
+      intel-media-sdk # QSV up to 11th gen
+    ];
+  };
+
+}
+

modules/nvim/deck.nix

@@ -4,6 +4,6 @@
   xdg.configFile."nvim" = {
     # mkOutOfStoreSymlink needs an absolute path, otherwise it does not work: https://github.com/nix-community/home-manager/issues/676#issuecomment-1595795685
     # TODO: At least make the location of the config folder dynamic so that it works on other machines
-    source = config.lib.file.mkOutOfStoreSymlink /home/deck/dev/nix-config/home/modules/nvim/config;
+    source = config.lib.file.mkOutOfStoreSymlink /home/deck/dev/nix-config/modules/nvim/config;
   };
 }

modules/nvim/default.nix

@@ -4,6 +4,6 @@
   xdg.configFile."nvim" = {
     # mkOutOfStoreSymlink needs an absolute path, otherwise it does not work: https://github.com/nix-community/home-manager/issues/676#issuecomment-1595795685
     # TODO: At least make the location of the config folder dynamic so that it works on other machines
-    source = config.lib.file.mkOutOfStoreSymlink /Users/dennis/dev/nix-config/home/modules/nvim/config;
+    source = config.lib.file.mkOutOfStoreSymlink /Users/dennis/dev/nix-config/modules/nvim/config;
   };
 }

modules/openssh/default.nix

@@ -0,0 +1,12 @@
+{
+  services.openssh = {
+    enable = true;
+    settings = {
+      X11Forwarding = false;
+      PermitRootLogin = "no";
+      PasswordAuthentication = false;
+    };
+    openFirewall = true;
+  };
+}
+

modules/syncthing/default.nix

@@ -0,0 +1,25 @@
+{
+  services.syncthing = {
+    enable = true;
+    group = "users";
+    guiAddress = "0.0.0.0:8384";
+    user = "dennis";
+    configDir = "/home/dennis/.config/syncthing";
+    overrideDevices = true;
+    overrideFolders = true;
+    settings = {
+      devices = {
+        "dnsc-air" = { id = "RYFO5XN-RRZZQI3-4W5DPHO-C7OKL5N-ZUQUBEI-ZKSWUHM-2BMTFRY-MDC7MA3"; };
+        "dnsc-phone" = { id = "NGHODAF-W646NPR-R5IEL2R-QLULKB6-I4APGMB-5PIM6B6-5HZCLAV-HRTSEQI"; };
+      };
+      folders = {
+        "notes" = {
+          path = "/home/dennis/notes";
+          devices = [ "dnsc-air" "dnsc-phone" ];
+        };
+      };
+    };
+  };
+  systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true";
+}
+

modules/ups/default.nix

@@ -0,0 +1,18 @@
+{
+  power.ups = {
+    enable = true;
+  
+    ups."eaton-ups" = {
+      driver = "usbhid-ups";
+      port = "auto";
+    };
+  
+    users.upsmon = {
+      passwordFile = "/etc/upsmon.passwd";
+      upsmon = "primary";
+    };
+  
+    upsmon.monitor."eaton-ups".user = "upsmon";
+  };
+}
+

modules/uptime-kuma/default.nix

@@ -0,0 +1,8 @@
+{
+  services.uptime-kuma = {
+    enable = true;
+    settings = {
+      PORT = "9000";
+    };
+  };
+}

modules/vaultwarden/default.nix

@@ -0,0 +1,8 @@
+{
+  config, ...
+}: {
+  services.vaultwarden = {
+    enable = true;
+    environmentFile = config.age.secrets."vaultwarden/env".path;
+  };
+}

modules/wezterm/default.nix

@@ -4,6 +4,6 @@
   xdg.configFile."wezterm" = {
     # mkOutOfStoreSymlink needs an absolute path, otherwise it does not work: https://github.com/nix-community/home-manager/issues/676#issuecomment-1595795685
     # TODO: At least make the location of the config folder dynamic so that it works on other machines
-    source = config.lib.file.mkOutOfStoreSymlink /Users/dennis/dev/nix-config/home/modules/wezterm/config;
+    source = config.lib.file.mkOutOfStoreSymlink /Users/dennis/dev/nix-config/modules/wezterm/config;
   };
 }

todo.txt

@@ -1,16 +0,0 @@
-x 2025-04-12 2025-03-01 Set up luals +config @home due:2025-05-01
-x Set up eslint ls
-x Set up jsonls
-x Set up better (Enter vs. super-tab) keymaps for blink
-x Set up keymaps for LSP
-x Set up snacks picker instead of fzf
-x 2025-05-06 Set up lua dev environment
-x 2025-05-06 Steam deck install Nix https://github.com/DeterminateSystems/nix-installer?tab=readme-ov-file
-x 2025-05-06 2025-05-04 which-key Neovim Config fixen +neovim
-x 2025-05-06 2025-05-04 which-key mappings in keymaps.lua mit descriptions +neovim
-x 2025-05-06 2025-05-04 substitute.nvim konfigurieren +neovim
-x 2025-05-06 2025-05-06 Steam Deck nix build fixen +deck
-x 2025-05-06 2025-04-26 IP Access restricten für dnsc-vps-sm (https://github.com/Oak-Digital/nixos-ip-whitelist-firewall) +homelab
-2025-05-06 Steam deck install Tailscale https://github.com/tailscale-dev/deck-tailscale +deck
-2025-04-25 Backup einrichten für Vaultwarden (https://www.arthurkoziel.com/restic-backups-b2-nixos/, https://github.com/dani-garcia/vaultwarden/wiki/General-%28not-docker%29) +homelab
-