about summary refs log tree commit diff
path: root/configurations
diff options
context:
space:
mode:
Diffstat (limited to 'configurations')
-rw-r--r--configurations/default.nix87
-rw-r--r--configurations/eonwe/default.nix84
-rw-r--r--configurations/manwe/default.nix88
-rw-r--r--configurations/manwe/mailserver.nix96
-rw-r--r--configurations/manwe/webserver.nix25
-rw-r--r--configurations/melian/default.nix134
-rw-r--r--configurations/test-headful/default.nix19
-rw-r--r--configurations/test-headless/default.nix13
-rw-r--r--configurations/varda/default.nix62
-rw-r--r--configurations/yavanna/default.nix46
10 files changed, 0 insertions, 654 deletions
diff --git a/configurations/default.nix b/configurations/default.nix
deleted file mode 100644
index a488cf1..0000000
--- a/configurations/default.nix
+++ /dev/null
@@ -1,87 +0,0 @@
-{
-  inputs,
-  lib,
-}:
-with lib; let
-  mkConfiguration = name: {
-    modules ? [],
-    configuration ? ./${name},
-    this ? my.configurations.${name},
-  }:
-    nameValuePair name (nixosSystem {
-      inherit (this) system;
-      modules =
-        attrValues inputs.self.nixosModules
-        ++ modules
-        ++ optional (configuration != null) (import configuration);
-      specialArgs = {inherit inputs lib this;};
-    });
-in
-  mapAttrs' mkConfiguration {
-    # A dummy configuration to test the "headless" profile.
-    test-headless = {
-      modules = with inputs; [
-        "${nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
-        nixpkgs.nixosModules.notDetected
-      ];
-      this = {
-        hostname = "test-headless";
-        system = "x86_64-linux";
-        isHeadless = true;
-        isHeadful = false;
-      };
-    };
-
-    # A dummy configuration to test the "headful" profile.
-    test-headful = {
-      modules = with inputs; [
-        "${nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
-        nixpkgs.nixosModules.notDetected
-      ];
-      this = {
-        hostname = "test-headful";
-        system = "x86_64-linux";
-        isHeadless = false;
-        isHeadful = true;
-      };
-    };
-
-    # A beefy desktop PC: 7950x/rx6750xt/128GB.
-    eonwe.modules = with inputs; [
-      nixos-hardware.nixosModules.common-cpu-amd
-      nixos-hardware.nixosModules.common-gpu-amd
-      nixos-hardware.nixosModules.common-pc-ssd
-      nixpkgs.nixosModules.notDetected
-    ];
-
-    # ThinkPad T480.
-    melian.modules = with inputs; [
-      nixos-hardware.nixosModules.common-pc-laptop-ssd
-      nixos-hardware.nixosModules.lenovo-thinkpad-t480
-      nixpkgs.nixosModules.notDetected
-    ];
-
-    # VPS: Germany
-    manwe.modules = with inputs; [
-      "${nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
-      nixos-hardware.nixosModules.common-cpu-amd
-      nixos-hardware.nixosModules.common-pc-ssd
-      nixpkgs.nixosModules.notDetected
-    ];
-
-    # VPS: Germany
-    varda.modules = with inputs; [
-      "${nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
-      nixos-hardware.nixosModules.common-cpu-amd
-      nixos-hardware.nixosModules.common-pc-ssd
-      nixpkgs.nixosModules.notDetected
-    ];
-
-    # VPS: France
-    yavanna.modules = with inputs; [
-      "${nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
-      nixos-hardware.nixosModules.common-cpu-intel
-      nixos-hardware.nixosModules.common-pc-hdd
-      nixpkgs.nixosModules.notDetected
-    ];
-  }
diff --git a/configurations/eonwe/default.nix b/configurations/eonwe/default.nix
deleted file mode 100644
index c9af8e5..0000000
--- a/configurations/eonwe/default.nix
+++ /dev/null
@@ -1,84 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-with lib; {
-  nixfiles.modules = {
-    wireguard.client.enable = true;
-
-    syncthing.enable = true;
-
-    openssh.server.enable = true;
-
-    games = {
-      lutris.enable = true;
-      steam.enable = true;
-    };
-    android.enable = true;
-    bluetooth.enable = true;
-    libvirtd.enable = true;
-    qutebrowser.enable = true;
-  };
-
-  hm.programs = {
-    firefox.profiles.default.settings."media.ffmpeg.vaapi.enabled" = true;
-
-    mpv.config = {
-      hwdec = "vdpau";
-      vo = "vdpau";
-      profile = "gpu-hq";
-    };
-  };
-
-  networking = {
-    interfaces = {
-      eth0.useDHCP = true;
-      wlan0.useDHCP = true;
-    };
-
-    networkmanager = {
-      enable = true;
-      wifi.backend = "iwd";
-    };
-
-    wireless = {
-      enable = false;
-      iwd.enable = true;
-      userControlled.enable = true;
-      allowAuxiliaryImperativeNetworks = true;
-    };
-  };
-
-  boot = {
-    initrd.availableKernelModules = ["ahci" "nvme" "sd_mod" "usb_storage" "usbhid" "xhci_pci"];
-
-    loader = {
-      efi.canTouchEfiVariables = true;
-
-      systemd-boot = {
-        enable = true;
-        configurationLimit = 10;
-      };
-    };
-  };
-
-  fileSystems = {
-    "/boot" = {
-      device = "/dev/disk/by-uuid/FF1E-9CFD";
-      fsType = "vfat";
-    };
-
-    "/" = {
-      device = "/dev/disk/by-uuid/20276c1b-7e46-430b-b741-2f4aeb76bc51";
-      fsType = "xfs";
-      options = ["noatime"];
-    };
-  };
-
-  zramSwap = {
-    enable = true;
-    memoryPercent = 25;
-  };
-}
diff --git a/configurations/manwe/default.nix b/configurations/manwe/default.nix
deleted file mode 100644
index b8dd324..0000000
--- a/configurations/manwe/default.nix
+++ /dev/null
@@ -1,88 +0,0 @@
-{
-  config,
-  lib,
-  this,
-  ...
-}:
-with lib; {
-  imports = [
-    ./mailserver.nix
-    ./webserver.nix
-  ];
-
-  nixfiles.modules = {
-    nsd = {
-      enable = true;
-      fqdn = "ns1.${config.networking.domain}";
-    };
-    unbound.enable = true;
-
-    wireguard.server.enable = true;
-
-    acme.enable = true;
-
-    monitoring.enable = true;
-
-    postgresql.enable = true;
-
-    git.server = {
-      enable = true;
-      domain = "git.${my.domain.azahi}";
-    };
-
-    gotify.enable = true;
-    matrix.dendrite = {
-      enable = true;
-      domain = my.domain.azahi;
-    };
-    radicale.enable = true;
-    rss-bridge.enable = true;
-    shadowsocks.enable = true;
-    soju = {
-      enable = true;
-      domain = my.domain.azahi;
-    };
-    vaultwarden.enable = true;
-  };
-
-  boot = {
-    loader.grub = {
-      enable = true;
-      device = "/dev/sda";
-    };
-
-    initrd.availableKernelModules = [
-      "ata_piix"
-      "sd_mod"
-      "sr_mod"
-      "uhci_hcd"
-      "virtio_pci"
-      "virtio_scsi"
-    ];
-  };
-
-  fileSystems = {
-    "/boot" = {
-      device = "/dev/sda1";
-      fsType = "xfs";
-      options = ["noatime"];
-    };
-
-    "/" = {
-      device = "/dev/sda2";
-      fsType = "xfs";
-      options = ["noatime"];
-    };
-  };
-
-  swapDevices = [
-    {
-      device = "/dev/sda3";
-    }
-  ];
-
-  zramSwap = {
-    enable = true;
-    memoryPercent = 25;
-  };
-}
diff --git a/configurations/manwe/mailserver.nix b/configurations/manwe/mailserver.nix
deleted file mode 100644
index 966c21c..0000000
--- a/configurations/manwe/mailserver.nix
+++ /dev/null
@@ -1,96 +0,0 @@
-{
-  config,
-  inputs,
-  lib,
-  ...
-}:
-with lib; {
-  imports = [inputs.simple-nixos-mailserver.nixosModule];
-
-  secrets = {
-    dkim-key-azahi-cc = {
-      file = "${inputs.self}/secrets/dkim-key-azahi-cc";
-      path = "/var/dkim/${my.domain.azahi}.${config.mailserver.dkimSelector}.key";
-      owner = "opendkim";
-      group = "opendkim";
-    };
-    dkim-key-rohan-net = {
-      file = "${inputs.self}/secrets/dkim-key-rohan-net";
-      path = "/var/dkim/${my.domain.rohan}.${config.mailserver.dkimSelector}.key";
-      owner = "opendkim";
-      group = "opendkim";
-    };
-    dkim-key-gondor-net = {
-      file = "${inputs.self}/secrets/dkim-key-gondor-net";
-      path = "/var/dkim/${my.domain.gondor}.${config.mailserver.dkimSelector}.key";
-      owner = "opendkim";
-      group = "opendkim";
-    };
-    dkim-key-shire-me = {
-      file = "${inputs.self}/secrets/dkim-key-shire-me";
-      path = "/var/dkim/${my.domain.shire}.${config.mailserver.dkimSelector}.key";
-      owner = "opendkim";
-      group = "opendkim";
-    };
-  };
-
-  nixfiles.modules.acme.enable = true;
-
-  mailserver = let
-    cert = config.certs.${my.domain.shire};
-  in {
-    enable = true;
-
-    fqdn = config.networking.domain;
-    domains = with my.domain; [azahi gondor rohan shire];
-
-    localDnsResolver = false;
-
-    certificateScheme = 1;
-    certificateFile = "${cert.directory}/fullchain.pem";
-    keyFile = "${cert.directory}/key.pem";
-
-    lmtpSaveToDetailMailbox = "no";
-
-    loginAccounts = with my.domain; {
-      "azahi@${shire}" = {
-        hashedPassword = "@HASHED_PASSWORD@";
-        aliases = [
-          "@${azahi}"
-          "@${rohan}"
-          "@${gondor}"
-          "abuse@${shire}"
-          "admin@${shire}"
-          "ceo@${shire}"
-          "postmaster@${shire}"
-        ];
-      };
-      "samwise@${shire}" = {
-        hashedPassword = "@HASHED_PASSWORD@";
-        aliases = ["chad@${shire}"];
-        quota = "1G";
-      };
-      "pippin@${shire}" = {
-        hashedPassword = "@HASHED_PASSWORD@";
-        quota = "1G";
-      };
-      "meriadoc@${shire}" = {
-        hashedPassword = "@HASHED_PASSWORD@";
-        quota = "1G";
-      };
-    };
-  };
-
-  services.fail2ban.jails = {
-    dovecot = ''
-      enabled = true
-      mode = aggressive
-    '';
-    postfix = ''
-      enabled = true
-      mode = aggressive
-    '';
-  };
-
-  system.extraDependencies = [inputs.simple-nixos-mailserver];
-}
diff --git a/configurations/manwe/webserver.nix b/configurations/manwe/webserver.nix
deleted file mode 100644
index e1ee425..0000000
--- a/configurations/manwe/webserver.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{
-  inputs,
-  lib,
-  ...
-}:
-with lib; {
-  nixfiles.modules.nginx.virtualHosts = with my.domain;
-    {
-      ${shire}.locations."/".return = "301 https://www.youtube.com/watch?v=dQw4w9WgXcQ";
-      "git.${shire}".locations."/".return = "301 https://git.${azahi}";
-      "bitwarden.${shire}".locations."/".return = "301 https://vaultwarden.${shire}";
-      ${azahi} = {
-        serverAliases = ["frodo.${gondor}" "frodo.${rohan}"];
-        locations."/".root = inputs.azahi-cc;
-      };
-    }
-    // (let
-      frodo = "301 https://frodo.";
-    in {
-      ${gondor}.locations."/".return = concatStrings [frodo gondor];
-      ${rohan}.locations."/".return = concatStrings [frodo rohan];
-    });
-
-  system.extraDependencies = [inputs.azahi-cc];
-}
diff --git a/configurations/melian/default.nix b/configurations/melian/default.nix
deleted file mode 100644
index f296546..0000000
--- a/configurations/melian/default.nix
+++ /dev/null
@@ -1,134 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-with lib; {
-  nixfiles.modules = {
-    wireguard.client.enable = true;
-
-    syncthing.enable = true;
-
-    bluetooth.enable = true;
-
-    throttled.enable = true;
-  };
-
-  networking = {
-    interfaces = {
-      eth0.useDHCP = true;
-      wlan0.useDHCP = true;
-    };
-
-    networkmanager = {
-      enable = true;
-      wifi.backend = "iwd";
-    };
-
-    wireless = {
-      enable = false;
-      iwd.enable = true;
-      userControlled.enable = true;
-      allowAuxiliaryImperativeNetworks = true;
-    };
-  };
-
-  hardware.trackpoint = {
-    enable = true;
-    speed = 500;
-    sensitivity = 250;
-  };
-
-  powerManagement = let
-    modprobe = "${pkgs.kmod}/bin/modprobe";
-  in {
-    enable = true;
-
-    # This fixes an issue with not being able to suspend or wake up from suspend
-    # due to a kernel bug[1].
-    #
-    # [1]: https://bbs.archlinux.org/viewtopic.php?id=270964
-    # [1]: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/522998
-    # [1]: https://bugs.launchpad.net/ubuntu/+source/pm-utils/+bug/562484/comments/3
-    # [1]: https://gist.github.com/ioggstream/8f380d398aef989ac455b93b92d42048
-    powerDownCommands = "${modprobe} -r xhci_pci";
-    powerUpCommands = "${modprobe} xhci_pci";
-  };
-
-  services = {
-    thinkfan = {
-      enable = true;
-
-      settings = {
-        sensors = [
-          {
-            hwmon = "/sys/class/hwmon";
-            name = "coretemp";
-            indices = [1];
-          }
-        ];
-        fans = [{tpacpi = "/proc/acpi/ibm/fan";}];
-        levels = [
-          ["level auto" 0 50]
-          ["level disengaged" 50 32767]
-        ];
-      };
-    };
-
-    fwupd.enable = true;
-  };
-
-  boot = {
-    # Speeding up Wi-Fi a bit.
-    extraModprobeConfig = ''
-      options iwlwifi 11n_disable=1
-    '';
-
-    initrd = {
-      availableKernelModules = ["ahci" "nvme" "sd_mod" "usb_storage" "usbhid" "xhci_pci"];
-
-      luks.devices."root" = {
-        device = "/dev/disk/by-uuid/c1b46f24-eec0-47d2-a142-75ddfd7bb218";
-        allowDiscards = true;
-        bypassWorkqueues = true;
-      };
-    };
-
-    loader = {
-      efi.canTouchEfiVariables = true;
-
-      systemd-boot = {
-        enable = true;
-        configurationLimit = 10;
-      };
-    };
-  };
-
-  fileSystems = {
-    "/boot" = {
-      device = "/dev/disk/by-uuid/1083-C8A0";
-      fsType = "vfat";
-    };
-
-    "/" = {
-      device = "/dev/disk/by-uuid/bb8b09dc-cc67-47e5-8280-532b17a9e62a";
-      fsType = "xfs";
-      options = ["noatime"];
-    };
-  };
-
-  # NOTE This will make hibernation extremely hard if on an encrypted partition.
-  # This also could not work on ZFS or Btrfs.
-  swapDevices = [
-    {
-      device = "/swapfile";
-      size = 8 * 1024;
-    }
-  ];
-
-  zramSwap = {
-    enable = true;
-    memoryPercent = 25;
-  };
-}
diff --git a/configurations/test-headful/default.nix b/configurations/test-headful/default.nix
deleted file mode 100644
index 25db8c7..0000000
--- a/configurations/test-headful/default.nix
+++ /dev/null
@@ -1,19 +0,0 @@
-{lib, ...}:
-with lib; {
-  nixfiles.modules = {
-    dwm.enable = true;
-    kde.enable = false;
-    xmonad.enable = false;
-  };
-
-  boot.loader.systemd-boot.enable = true;
-  fileSystems."/".device = "/dev/null";
-
-  documentation = {
-    enable = mkForce false;
-    man = {
-      enable = mkForce false;
-      man-db.enable = mkForce false;
-    };
-  };
-}
diff --git a/configurations/test-headless/default.nix b/configurations/test-headless/default.nix
deleted file mode 100644
index 919a436..0000000
--- a/configurations/test-headless/default.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{lib, ...}:
-with lib; {
-  nixfiles.modules = {
-    endlessh-go.enable = mkForce false;
-    node-exporter.enable = mkForce false;
-    promtail.enable = mkForce false;
-  };
-
-  boot.loader.systemd-boot.enable = true;
-  fileSystems."/".device = "/dev/null";
-
-  documentation.enable = mkForce false;
-}
diff --git a/configurations/varda/default.nix b/configurations/varda/default.nix
deleted file mode 100644
index 5e0914e..0000000
--- a/configurations/varda/default.nix
+++ /dev/null
@@ -1,62 +0,0 @@
-{
-  lib,
-  this,
-  ...
-}:
-with lib; {
-  nixfiles.modules = {
-    wireguard.client.enable = true;
-
-    acme.enable = true;
-
-    games.minecraft.server = {
-      enable = false; # Disabled because no one is playing now.
-      memory = "6G";
-    };
-  };
-
-  boot = {
-    loader = {
-      efi.canTouchEfiVariables = true;
-
-      systemd-boot = {
-        enable = true;
-        configurationLimit = 10;
-      };
-    };
-
-    initrd.availableKernelModules = [
-      "ata_piix"
-      "sd_mod"
-      "sr_mod"
-      "uhci_hcd"
-      "virtio_pci"
-      "virtio_scsi"
-    ];
-  };
-
-  fileSystems = {
-    "/boot" = {
-      device = "/dev/disk/by-uuid/03FD-B6C0";
-      fsType = "vfat";
-    };
-
-    "/" = {
-      device = "/dev/disk/by-uuid/b07e8273-915a-424c-8c55-cdc2bd482f49";
-      fsType = "xfs";
-      options = ["noatime"];
-    };
-  };
-
-  swapDevices = [
-    {
-      device = "/swapfile";
-      size = 4 * 1024;
-    }
-  ];
-
-  zramSwap = {
-    enable = true;
-    memoryPercent = 25;
-  };
-}
diff --git a/configurations/yavanna/default.nix b/configurations/yavanna/default.nix
deleted file mode 100644
index e3172a6..0000000
--- a/configurations/yavanna/default.nix
+++ /dev/null
@@ -1,46 +0,0 @@
-{
-  lib,
-  this,
-  ...
-}:
-with lib; {
-  nixfiles.modules = {
-    wireguard.client.enable = true;
-
-    syncthing.enable = true;
-
-    acme.enable = true;
-
-    rtorrent.enable = true;
-  };
-
-  boot = {
-    loader.grub = {
-      enable = true;
-      device = "/dev/sda";
-    };
-
-    initrd = {
-      availableKernelModules = ["uhci_hcd" "ahci"];
-      kernelModules = ["nvme"];
-    };
-  };
-
-  fileSystems."/" = {
-    device = "/dev/sda1";
-    fsType = "ext4";
-    options = ["noatime"];
-  };
-
-  swapDevices = [
-    {
-      device = "/swapfile";
-      size = 4 * 1024;
-    }
-  ];
-
-  zramSwap = {
-    enable = true;
-    memoryPercent = 25;
-  };
-}

Consider giving Nix/NixOS a try! <3