diff --git a/flake.nix b/flake.nix index 863a4c0..1fa787e 100644 --- a/flake.nix +++ b/flake.nix @@ -58,6 +58,7 @@ self.nixosModules.gnome self.nixosModules.wine-gaming self.nixosModules.steam + self.nixosModules.printing self.nixosModules.podman self.nixosModules.vinzenz-desktop-settings self.nixosModules.intel-graphics @@ -75,6 +76,7 @@ self.nixosModules.gnome self.nixosModules.wine-gaming self.nixosModules.steam + self.nixosModules.printing self.nixosModules.podman self.nixosModules.vinzenz-desktop-settings self.nixosModules.amd-graphics @@ -231,7 +233,6 @@ self.homeModules.zsh-basics self.homeModules.nano self.homeModules.gnome-extensions - self.homeModules.zsh-powerlevel10k ]; home-manager.users = home-manager-users; diff --git a/homeConfigurations/vinzenz/default.nix b/homeConfigurations/vinzenz/default.nix index d0990a7..a0b3e0e 100644 --- a/homeConfigurations/vinzenz/default.nix +++ b/homeConfigurations/vinzenz/default.nix @@ -5,12 +5,12 @@ ./fuzzel.nix ./git.nix ./gnome.nix - ./ssh.nix - ./vscode.nix - ./zsh.nix #./niri.nix - #./swaylock.nix - #./waybar.nix + ./ssh.nix + ./swaylock.nix + ./vscode.nix + ./waybar.nix + ./zsh.nix ]; config = { diff --git a/homeConfigurations/vinzenz/zsh.nix b/homeConfigurations/vinzenz/zsh.nix index e7dfcd9..1278aca 100644 --- a/homeConfigurations/vinzenz/zsh.nix +++ b/homeConfigurations/vinzenz/zsh.nix @@ -2,8 +2,11 @@ { config.programs.zsh = { initContent = '' + # eval "$(direnv hook zsh)"; export PATH=$PATH:/home/vinzenz/.cargo/bin + source ${pkgs.zsh-powerlevel10k}/share/zsh-powerlevel10k/powerlevel10k.zsh-theme + source ${./.zsh/p10k.zsh} ''; enableCompletion = true; @@ -25,6 +28,19 @@ path = "${config.xdg.dataHome}/zsh/history"; expireDuplicatesFirst = true; }; + + oh-my-zsh = { + enable = true; + theme = "agnoster"; + plugins = [ + "git" + "sudo" + "systemadmin" + "battery" + "dotnet" + "rust" + "tailscale" + ]; + }; }; - config.programs.zsh-powerlevel10k.enable = true; } diff --git a/homeModules/zsh-powerlevel10k.nix b/homeModules/zsh-powerlevel10k.nix deleted file mode 100644 index 83701fc..0000000 --- a/homeModules/zsh-powerlevel10k.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -{ - options.programs.zsh-powerlevel10k = { - enable = lib.mkEnableOption "powerlevel10k zsh theme"; - package = lib.mkPackageOption pkgs "zsh-powerlevel10k" { nullable = true; }; - }; - - config = - let - cfg = config.programs.zsh-powerlevel10k; - p10k = if (cfg.package != null) then cfg.package else pkgs.zsh-powerlevel10k; - in - lib.mkIf cfg.enable { - programs.zsh.initContent = '' - source ${p10k}/share/zsh-powerlevel10k/powerlevel10k.zsh-theme - ''; - }; -} diff --git a/nixosConfigurations/vinzenz-lpt2/default.nix b/nixosConfigurations/vinzenz-lpt2/default.nix index 255dd7a..58eac82 100644 --- a/nixosConfigurations/vinzenz-lpt2/default.nix +++ b/nixosConfigurations/vinzenz-lpt2/default.nix @@ -1,6 +1,7 @@ { imports = [ ./hardware.nix + ./nginx.nix ]; config = { diff --git a/nixosConfigurations/vinzenz-lpt2/nginx.nix b/nixosConfigurations/vinzenz-lpt2/nginx.nix new file mode 100644 index 0000000..d5fd6a4 --- /dev/null +++ b/nixosConfigurations/vinzenz-lpt2/nginx.nix @@ -0,0 +1,66 @@ +{ pkgs, ... }: +let + blog-domain-socket = "/run/nginx/blog.sock"; + anubis-domain-socket = "/run/anubis/anubis-blog.sock"; +in +{ + users.groups = { + anubis.members = [ "nginx" ]; + nginx.members = [ "anubis" ]; + }; + services = { + nginx = { + enable = true; + + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + + virtualHosts = { + #"vinzenz-lpt2" = { + # locations."/" = { + # proxyPass = "http://127.0.0.1:3000/"; + # proxyWebsockets = true; + # }; + # + # serverAliases = [ "172.23.42.96" ]; + #}; + + "vinzenz-lpt2" = { + locations."/" = { + proxyPass = "http://unix:" + anubis-domain-socket; + }; + }; + + "vinzenz-lpt2-in-anubis" = { + root = pkgs.zerforschen-plus-content; + listen = [ + { + addr = "unix:" + blog-domain-socket; + } + ]; + }; + }; + }; + + #networking.firewall = { + # allowedTCPPorts = [ + # 80 + # 8001 + # 3000 + # ]; + # allowedUDPPorts = [ 2342 ]; + #}; + + anubis = { + instances.main = { + enable = true; + settings = { + BIND = anubis-domain-socket; + TARGET = "unix://" + blog-domain-socket; + }; + }; + }; + }; +} diff --git a/nixosConfigurations/vinzenz-lpt2/zerforschen-plus.nix b/nixosConfigurations/vinzenz-lpt2/zerforschen-plus.nix new file mode 100644 index 0000000..d2b919d --- /dev/null +++ b/nixosConfigurations/vinzenz-lpt2/zerforschen-plus.nix @@ -0,0 +1,38 @@ +{ + pkgs, + ... +}: +{ + security.acme = { + acceptTerms = true; + defaults.email = "acme@zerforschen.plus"; + }; + + security.pam.services.nginx.setEnvironment = false; + systemd.services.nginx.serviceConfig = { + SupplementaryGroups = [ "shadow" ]; + }; + + services.nginx = { + enable = true; + additionalModules = [ pkgs.nginxModules.pam ]; + + recommendedProxySettings = true; + recommendedTlsSettings = true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + + virtualHosts = { + "zerforschen.plus" = { + #addSSL = true; + #enableACME = true; + root = pkgs.zerforschen-plus-content; + }; + }; + }; + + #networking.firewall.allowedTCPPorts = [ + # 80 + # 443 + #]; +}