--- /dev/null
+{ config, pkgs, lib, ... }:
+let
+ cfg = config.services.archivebox;
+in
+{
+ options.services.archivebox = {
+ enable = lib.mkEnableOption "Archivebox server";
+ port = lib.mkOption {
+ type = lib.types.port;
+ };
+ dataDir = lib.mkOption {
+ type = lib.types.path;
+ default = "/var/lib/archivebox";
+ };
+ user = lib.mkOption {
+ type = lib.types.str;
+ default = "archivebox";
+ };
+ group = lib.mkOption {
+ type = lib.types.str;
+ default = "archivebox";
+ };
+ };
+ config = {
+ systemd.tmpfiles.rules = lib.mkIf cfg.enable [
+ "d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group}"
+ "Z '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group}"
+ ];
+ systemd.services.archivebox = lib.mkIf cfg.enable {
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
+ description = "Archives webpages in multiple formats.";
+ serviceConfig = {
+ # DynamicUser = true;
+ User = cfg.user;
+ Group = cfg.group;
+ ExecStart = ''${pkgs.archivebox}/bin/archivebox server --init ${toString cfg.port}'';
+ Restart = "always";
+ Type = "simple";
+ RestartSec = 1;
+ StateDirectory = "archivebox";
+ WorkingDirectory = "${cfg.dataDir}";
+ };
+ };
+ users.users = lib.mkIf (cfg.user == "archivebox") { # "${cfg.user.default}") {
+ "${cfg.user}" = {
+ description = "Archivebox daemon user";
+ isSystemUser = true;
+ group = cfg.group;
+ home = cfg.dataDir;
+ };
+ };
+ users.groups = lib.mkIf (cfg.group == "archivebox") { "${cfg.group}" = { }; }; # What a monstrosity of a line. I make me sick.
+ };
+}
--- /dev/null
+{ config, pkgs, lib, ... }:
+with lib;
+let
+ cfg = config.services.yggmail;
+in {
+ options.services.yggmail = {
+ enable = mkEnableOption "yggmail mailserver";
+
+ peer = mkOption {
+ #default = "";
+ type = types.str;
+ default = "tcp://127.0.0.1:6893";
+ example = "tcp://127.0.0.1:6893";
+ description = ''
+ Connect to a specific Yggdrasil static peer
+ '';
+ };
+
+ listenAddress = mkOption {
+ default = "localhost";
+ example = "127.0.0.1";
+ type = types.str;
+ description = ''
+ Interface address to listen on
+ '';
+ };
+
+ imapPort = mkOption {
+ default = "localhost:1143";
+ example = "localhost:1143";
+ type = types.port;
+ description = ''
+ Listen port for IMAP
+ '';
+ };
+
+ smtpPort = mkOption {
+ default = "localhost:1025";
+ example = "localhost:1025";
+ type = types.port;
+ description = ''
+ Listen port for SMTP
+ '';
+ };
+ };
+ config = mkIf cfg.enable {
+ systemd.services.yggmail = {
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
+ description = "Start the yggmail daemon.";
+ serviceConfig = {
+ DynamicUser = true;
+ #AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
+ #CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ];
+ ExecStart = ''${pkgs.nur.yggmail}/bin/yggmail -imap=${cfg.listenAddress}:${toString cfg.imapPort} -smtp=${cfg.listenAddress}:${toString cfg.smtpPort} -peer=${cfg.peer}'';
+ Restart = "always";
+ StateDirectory = "yggmail";
+ WorkingDirectory = "/var/lib/yggmail";
+ };
+ };
+ };
+}
+
--- /dev/null
+{ pkgs, lib, ... }:
+let
+ unstable = import <nixos-unstable> {};
+in
+{
+
+ imports = [
+ ./oh-my-zsh.nix
+ ./plasma-tiling.nix
+ ];
+
+ users.users.nixos = {
+ password = "soxin";
+ shell = pkgs.zsh;
+ extraGroups = [
+ "wheel"
+ ];
+ isNormalUser = true;
+ };
+
+ # networking.networkmanager.enable = true;
+ # networking.networkmanager.wifi.macAddress = "random";
+ # networking.networkmanager.wifi.backend = "iwd";
+ # networking.wireless.iwd.enable = true;
+
+ environment.systemPackages = with pkgs; [
+ # General Purpose Tools
+ firefox # A containerized operating system designed to run closed-source and walled-garden applications.
+ fzf # fast fuzzy finder
+ srm # secure rm
+ chipsec # CHIPSEC is a framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components.CHIPSEC is a framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components.
+ wormhole-william # Send files between computers
+ charm # SSH-authenticated """cloud""" storage.
+ vlc # Should open pics and video. If I need a seperate picture viewer please let me know.
+ rmlint # filesystem cleanup. Finds dupes, broken symlinks, empty files/dirs, and more.
+ xplr # TUI file browser designed for integration with other CLI utilities.
+ updog # Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use HTTP basic auth.
+ busybox # YOU KNOW IT!
+
+ # Images
+ partimage # open source disk backup software
+ etcher # burn images to sd/usb
+ fuseiso # FUSE module to mount ISO filesystem images
+ diskrsync # rsync for block devices and disk images
+ secretscanner # Tool to find secrets and passwords in container images and file systems
+ skopeo # A command line utility for various operations on container images and image repositories
+ unetbootin # A tool to create bootable live USB drives from ISO images
+ genimage # genimage is a tool to generate multiple filesystem and flash/disk images from a given root filesystem tree
+
+ # Partitioning
+ parted # Create, destroy, resize, check, and copy partitions
+ gparted # ^ but graphical
+ gnufdisk # A command-line disk partitioning tool
+ gptfdisk # gdisk and cgdisk
+ e2fsprogs # Tools for creating and checking ext2/ext3/ext4 filesystems
+ zerofree # Zero free blocks from ext2, ext3 and ext4 file-systems
+ cryptsetup # LUKS aka encryption.
+
+ # UEFI
+ efitools # Tools for manipulating UEFI secure boot platforms
+ uefitool # UEFI firmware image viewer and editor
+ uefi-firmware-parser # Parse BIOS/Intel ME/UEFI firmware related structures: Volumes, FileSystems, Files, etc
+ beefi # script to create bootable EFISTUB kernel images
+
+ # Data Recovery
+ ddrescue # data recovery tool
+ ddrescueview # tool to graphically examine ddrescue mapfiles
+ testdisk # Data recovery utilities
+ testdisk-qt # ^ but graphical.
+ safecopy # Data recovery tool which tries to extract as much data as possible from a problematic (i.e. damaged sectors) source
+ sleuthkit # Open source digital forensics
+ foremost # Foremost is a console program to recover files based on their headers, footers, and internal data structures.
+ # volatility # advanced memory forensics framework, can read from crashdumps, vm dumps, hibernation files, and more. Needs py3 instead of py2. Override this and reinclude.
+ ext4magic # Recover / undelete files from ext3 or ext4 partitions
+ extundelete # Utility that can recover deleted files from an ext3 or ext4 partition
+ # photorec # file recovery utility using data carving techniques. It searches for known file headers and because there is (usually) no data fragmentation, it can recover the whole file. It can also handle some cases of low data fragmentation.
+
+ # btrfs
+ btrfs-progs
+ bedup # btrfs deduplication
+ btrbk # backup btrfs subvolumes
+ btrfs-heatmap # Visualize the layout of a mounted btrfs
+ unstable.btrfs-snap # creates and maintains history of snapshots of btrfs filesystems
+ buttersink # synchronise btrfs snapshots
+ compsize # find compression type/ratio on a file or set of files
+ dduper # Fast block-level out-of-band BTRFS deduplication tool.
+
+ # tunnelling
+ iodine # IPv4 over DNS tunnel
+ httptunnel # bidirectional virtual data path tunnelled in HTTP requests. The requests can be sent via an HTTP proxy if so desired.
+ http2tcp # expose TCP app like ssh to the web.
+ hans # TCP over ICMP tunnel
+ clash # Powerful rule-based tunnel. wtf is a premium release?
+ chisel # A fast TCP/UDP tunnel over HTTP
+ ];
+}