From: cw Date: Sun, 30 Apr 2023 22:26:10 +0000 (-0500) Subject: more 0x00 stuff moved over X-Git-Url: https://git.kernelpanic.cafe/?p=MarigoldOS%2F.git;a=commitdiff_plain;h=60585824ee484171224848ea21fa2ae59eedac24 more 0x00 stuff moved over --- diff --git a/hosts/0x00.nix b/hosts/0x00.nix new file mode 100644 index 0000000..6fde482 --- /dev/null +++ b/hosts/0x00.nix @@ -0,0 +1,50 @@ +{ pkgs, lib, config, ... }: +{ + imports = [ + + # Modules + ../modules/nodeinfo.nix + ../modules/charm.nix + ../modules/alfis.nix + + # Profiles + ../profiles/alias.nix + ../profiles/alfis.nix + ../profiles/charm.nix + ../profiles/gemini.nix + ../profiles/gitea.nix + ../profiles/hedgedoc.nix + ../profiles/invidious.nix + ../profiles/libreddit.nix + ../profiles/mail.nix + ../profiles/nitter.nix + ../profiles/nodeinfo.nix + ../profiles/oh-my-zsh.nix + ../profiles/plik.nix + ../profiles/searx.nix + ../profiles/twtxt.nix + ../profiles/warez.nix + ../profiles/whitebophir.nix + ../profiles/firewall.nix + + # Requires manual config + ../networking/yggdrasil.nix # Contains ygg firewall rules and public peers. + + # Specialty profiles (hardware). You probably won't need these. + ../profiles/vpsfree.nix + ]; + nixpkgs.overlays = [ (import ../overlays/unstable.nix) ]; + networking.hostName = "0x00"; + networking.domain = "ygg"; + + # networking.tcpcrypt.enable = true; + # users.users.tcpcryptd.group = "tcpcryptd"; + # users.groups.tcpcryptd = {}; + + networking.firewall.allowedTCPPorts = lib.mkForce [ 22 ]; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + system.stateVersion = "21.11"; +} diff --git a/hosts/bootdisk.nix b/hosts/bootdisk.nix new file mode 100644 index 0000000..393e277 --- /dev/null +++ b/hosts/bootdisk.nix @@ -0,0 +1,38 @@ +{ pkgs, lib, config, ... }: +{ + imports = [ + # ../networking/gitns.nix + ../networking/yggdrasil.nix + ../modules/alfis.nix + ../profiles/oh-my-zsh.nix + ../profiles/alias.nix + ../profiles/plik.nix + ../profiles/warez.nix + ../profiles/gemini.nix + # ../profiles/home-manager.nix + ../profiles/recovery.nix + ]; + networking.hostName = "nixos"; + networking.domain = "local"; + + services.nginx.virtualHosts."warez.${config.networking.fqdn}" = lib.mkForce { + enableACME = false; + forceSSL = false; + }; + + services.nginx.virtualHosts."plik.${config.networking.fqdn}" = lib.mkForce { + enableACME = false; + forceSSL = false; + }; + + # networking.tcpcrypt.enable = true; + # users.users.tcpcryptd.group = "tcpcryptd"; + # users.groups.tcpcryptd = {}; + + networking.firewall.allowedTCPPorts = [ 80 ]; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + system.stateVersion = "21.11"; +} diff --git a/modules/nncp.nix b/modules/nncp.nix new file mode 100644 index 0000000..6d1f015 --- /dev/null +++ b/modules/nncp.nix @@ -0,0 +1,103 @@ +{ config, pkgs, lib, ... }: +let + cfg = config.services.nncp; + settingsFormat = pkgs.formats.json { }; +in +{ + options.services.nncp = { + daemon = { + enable = lib.mkEnableOption "NNCP Daemon"; + port = lib.mkOption { + type = lib.types.port; + }; + }; + caller = { + enable = lib.mkEnableOption "NNCP Caller"; + }; + configFile = lib.mkOption { + type = lib.types.path; + default = settingsFormat.generate "nncp.hjson" cfg.settings; + }; + dataDir = lib.mkOption { + type = lib.types.path; + default = "/var/lib/nncp"; + }; + user = lib.mkOption { + type = lib.types.str; + default = "nncp"; + }; + group = lib.mkOption { + type = lib.types.str; + default = "nncp"; + }; + settings = lib.mkOption { + }; + }; + config = { + systemd.tmpfiles.rules = lib.mkIf (cfg.daemon.enable || cfg.caller.enable) [ + "d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group}" + "Z '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group}" + "d '/var/spool/nncp' 0770 ${cfg.user} ${cfg.group}" + "Z '/var/spool/nncp' 0770 ${cfg.user} ${cfg.group}" + ]; + systemd.paths."nncp-watcher" = lib.mkIf (cfg.daemon.enable || cfg.caller.enable) { + wantedBy = [ "multi-user.target" ]; + pathConfig = { + PathModified = "/run/keys/nncp"; + Unit = "nncp-reloader.service"; + }; + }; + systemd.services."nncp-reloader" = lib.mkIf (cfg.daemon.enable || cfg.caller.enable) { + after = [ "networking.target" ]; + script = '' + exec ${pkgs.nncp}/bin/nncp-cfgdir -cfg ${cfg.configFile} -dump ${cfg.dataDir} + exec systemd-tmpfiles --create + ''; + serviceConfig = { + Type = "oneshot"; + WorkingDirectory = "${cfg.dataDir}"; + }; + }; + systemd.services.nncp-daemon = lib.mkIf cfg.daemon.enable { + # wantedBy = [ "multi-user.target" ]; + after = [ "nncp-reloader.service" ]; + description = "Node to Node Copy Protocol Daemon"; + serviceConfig = { + # DynamicUser = true; + User = cfg.user; + Group = cfg.group; + ExecStart = ''${pkgs.nncp}/bin/nncp-daemon -autotoss -noprogress -bind "0.0.0.0:${toString cfg.daemon.port}" -cfg ${cfg.dataDir}''; + Restart = "always"; + Type = "simple"; + RestartSec = 1; + StateDirectory = "nncp"; + WorkingDirectory = "${cfg.dataDir}"; + }; + }; + systemd.services.nncp-caller = lib.mkIf cfg.caller.enable { + # wantedBy = [ "multi-user.target" ]; + after = [ "nncp-reloader.service" ]; + description = "Node to Node Copy Protocol Caller"; + serviceConfig = { + # DynamicUser = true; + User = cfg.user; + Group = cfg.group; + ExecStart = ''${pkgs.nncp}/bin/nncp-caller -autotoss -noprogress -cfg ${cfg.dataDir}''; + Restart = "always"; + Type = "simple"; + RestartSec = 1; + StateDirectory = "nncp"; + WorkingDirectory = "${cfg.dataDir}"; + }; + }; + users.users = lib.mkIf (cfg.user == "nncp") { + nncp = { + description = "NNCP daemon user"; + isSystemUser = true; + group = cfg.group; + home = cfg.dataDir; + }; + }; + users.groups = lib.mkIf (cfg.group == "nncp") { nncp = { }; }; + }; +} diff --git a/profiles/alias.nix b/profiles/alias.nix new file mode 100644 index 0000000..021d192 --- /dev/null +++ b/profiles/alias.nix @@ -0,0 +1,93 @@ +{ pkgs, lib, ... }: +{ + environment.shellAliases = { + # Aliases - For when you want to save keystrokes + + ## Better defaults + cp = "cp -i"; # Confirm before overwriting something + ln = "ln -i"; # Confirm before overwriting something + mv = "mv -i"; # Confirm before overwriting something + df = "df -h"; # Human-readable sizes + free = "free -m"; # Show sizes in MB + ls = "ls -h --color=auto"; # Human readable, Color + sudo = lib.mkDefault "sudo "; # ending in space allows next word to be aliased. + diff = "diff --color=auto"; + grep = "grep --color=auto"; + ip = "ip --color=auto"; + dir = "dir --color=auto"; + + md = "mkdir"; + # shit = "sudo !!"; + + lswifi = "nmcli device wifi list --rescan yes"; + + pip3s = "pip3 search"; + pip3i = "pip3 install"; + pms = "nix search"; # Package manager search. Was originally pacman search, but works equally we ll for this . + pmi = " nix-env -iA"; # Package manager install. Installs imperitively to user + pmiu = "nix-env -f channel:nixos-unstable -iA"; # Same as above but unstable channel + pmis = "nix-env -i"; # the s stands for... slow, sketchy, something + + sshfs = "sshfs -o auto_unmount -o reconnect"; + sshfsc = "sshfs -o auto_unmount -o reconnect -o auto_cache"; + + ## Shortcuts to Common Args + ### NixOS stuff + rebuild = "sudo nixos-rebuild test"; + rebuild-lock = "sudo nixos-rebuild switch"; + nsp = "nix-shell -p"; + # nix-index-update = "${pkgs.nix-index}/bin/nix-index"; + nt = "nix-top"; + + ## Full File search + ffs = "grep --line-buffered --color=never -r '' * | ${pkgs.fzf}/bin/fzf"; + + ### ls + la = "ls -Ah --color=auto"; # Show hidden files + ll = "ls -lh --color=auto"; # Show file size, modified date + lla = "ls -lAh --color=auto"; # Show everything + + ## Lighternet + # gopher = "${pkgs.ncgopher}/bin/ncgopher"; + # gemini = "${pkgs.amfora}/bin/amfora"; + + ### Taskwarrior + # twa = "${pkgs.taskwarrior}/bin/task add"; + # twm = "${pkgs.taskwarrior}/bin/task modify"; + + ### IPFS + #ipfs = "sudo -u ipfs ipfs"; + + nixed = "nano /etc/nixos/configuration.nix"; + cdnix = "cd /etc/nixos/"; + + aliased = "nano $HOME/.alias && source $HOME/.alias"; # Same but alias and functions + zshed = "nano $HOME/.zshrc && source $HOME/.zshrc"; # Edit zshrc then source it + + ## Moving Around + "cd.." = "cd .."; + "cd..." = "cd ../.."; + "cd...."= "cd ../../.."; + "cd....." = "cd ../../../.."; + "cd......" = "cd ../../../../.."; + + lsgrep = "ls -a | grep -i"; + hgrep = "history | grep -i"; + psgrep = "ps aux | grep -i"; + + wget = "${pkgs.wget}/bin/wget -c"; + chown = "chown --preserve-root"; + chmod = "chmod --preserve-root"; + chgrp = "chgrp --preserve-root"; + + # app shortcuts + # what = "${pkgs.goldendict}/bin/goldendict";# Instant lookup in dictionary or wikipedia + ydl = "${pkgs.yt-dlp}/bin/yt-dlp"; + # ydlp = "${pkgs.yt-dlp}/bin/yt-dlp --proxy socks5://127.0.0.1:9090"; + # ydlp2 = "${pkgs.yt-dlp}/bin/yt-dlp --proxy socks5://127.0.0.1:9091"; + ydlm = "${pkgs.yt-dlp}/bin/yt-dlp -o '%(artist)s-%(title)s.%(ext)s' --add-metadata -x --audio-quality 0"; + ydlmp = "${pkgs.yt-dlp}/bin/yt-dlp -o '%(artist)s-%(album)s/%(playlist_index)s-%(artist)s-%(title)s.%(ext)s' --add-metadata -x --audio-quality 0"; + youtube-dl = "${pkgs.yt-dlp}/bin/yt-dlp"; + + }; +}