sokai/mynixos-config
1
1
Fork 0
forked from mirrors_public/oddlama_nix-config
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

chore: update flake, disable unifi by default

Browse source
This commit is contained in:
oddlama 2024-12-17 01:35:42 +01:00
parent 5d78bf6578
commit 1302f23133
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
11 changed files with 215 additions and 212 deletions
Download patch file Download diff file Expand all files Collapse all files

14
config/graphical/fonts.nix
View file

@ -27,13 +27,13 @@
</fontconfig>
'';
packages = with pkgs; [
(pkgs.nerdfonts.override { fonts = [ "NerdFontsSymbolsOnly" ]; })
noto-fonts
noto-fonts-cjk-sans
noto-fonts-cjk-serif
noto-fonts-emoji
noto-fonts-extra
packages = [
pkgs.nerd-fonts.symbols-only
pkgs.noto-fonts
pkgs.noto-fonts-cjk-sans
pkgs.noto-fonts-cjk-serif
pkgs.noto-fonts-emoji
pkgs.noto-fonts-extra
];
};

1
config/users.nix
View file

@ -41,5 +41,6 @@
actual = uidGid 970;
flatpak = uidGid 969;
plugdev.gid = 967;
unifi = uidGid 968;
};
}

168
flake.lock generated
View file

@ -36,11 +36,11 @@
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1732704340,
"narHash": "sha256-zcX8QIaaJJ5Us53vaWMPH2LNkZBCSwTH7pI+FgXCg+0=",
"lastModified": 1734208773,
"narHash": "sha256-K2ugS2XJSyF3lYCrT5SCJtSAqndn/c5OwPkC5Nl18BU=",
"owner": "oddlama",
"repo": "agenix-rekey",
"rev": "662522cf89fde332157e527b4322d614598631d9",
"rev": "1472730015a2b3da0de09d9f1538bab3a816f618",
"type": "github"
},
"original": {
@ -368,11 +368,11 @@
]
},
"locked": {
"lastModified": 1732742778,
"narHash": "sha256-i+Uw8VOHzQe9YdNwKRbzvaPWLE07tYVqUDzSFTXhRgk=",
"lastModified": 1734343412,
"narHash": "sha256-b7G8oFp0Nj01BYUJ6ENC9Qf/HsYAIZvN9k/p0Kg/PFU=",
"owner": "nix-community",
"repo": "disko",
"rev": "341482e2f4d888e3f60cae1c12c3df896e7230d8",
"rev": "a08bfe06b39e94eec98dd089a2c1b18af01fef19",
"type": "github"
},
"original": {
@ -669,11 +669,11 @@
"nixpkgs-lib": "nixpkgs-lib_3"
},
"locked": {
"lastModified": 1730504689,
"narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=",
"lastModified": 1733312601,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "506278e768c2a08bec68eb62932193e341f55c90",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
"type": "github"
},
"original": {
@ -708,11 +708,11 @@
]
},
"locked": {
"lastModified": 1730504689,
"narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=",
"lastModified": 1733312601,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "506278e768c2a08bec68eb62932193e341f55c90",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
"type": "github"
},
"original": {
@ -762,11 +762,11 @@
"systems": "systems_2"
},
"locked": {
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
@ -901,11 +901,11 @@
]
},
"locked": {
"lastModified": 1732021966,
"narHash": "sha256-mnTbjpdqF0luOkou8ZFi2asa1N3AA2CchR/RqCNmsGE=",
"lastModified": 1734279981,
"narHash": "sha256-NdaCraHPp8iYMWzdXAt5Nv6sA3MUzlCiGiR586TCwo0=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "3308484d1a443fc5bc92012435d79e80458fe43c",
"rev": "aa9f40c906904ebd83da78e7f328cd8aeaeae785",
"type": "github"
},
"original": {
@ -1092,16 +1092,16 @@
"gnome-shell": {
"flake": false,
"locked": {
"lastModified": 1713702291,
"narHash": "sha256-zYP1ehjtcV8fo+c+JFfkAqktZ384Y+y779fzmR9lQAU=",
"lastModified": 1732369855,
"narHash": "sha256-JhUWbcYPjHO3Xs3x9/Z9RuqXbcp5yhPluGjwsdE2GMg=",
"owner": "GNOME",
"repo": "gnome-shell",
"rev": "0d0aadf013f78a7f7f1dc984d0d812971864b934",
"rev": "dadd58f630eeea41d645ee225a63f719390829dc",
"type": "github"
},
"original": {
"owner": "GNOME",
"ref": "46.1",
"ref": "47.2",
"repo": "gnome-shell",
"type": "github"
}
@ -1113,11 +1113,11 @@
]
},
"locked": {
"lastModified": 1732793095,
"narHash": "sha256-6TrknJ8CpvSSF4gviQSeD+wyj3siRcMvdBKhOXkEMKU=",
"lastModified": 1734344598,
"narHash": "sha256-wNX3hsScqDdqKWOO87wETUEi7a/QlPVgpC/Lh5rFOuA=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "2f7739d01080feb4549524e8f6927669b61c6ee3",
"rev": "83ecd50915a09dca928971139d3a102377a8d242",
"type": "github"
},
"original": {
@ -1134,11 +1134,11 @@
]
},
"locked": {
"lastModified": 1732482255,
"narHash": "sha256-GUffLwzawz5WRVfWaWCg78n/HrBJrOG7QadFY6rtV8A=",
"lastModified": 1734093295,
"narHash": "sha256-hSwgGpcZtdDsk1dnzA0xj5cNaHgN9A99hRF/mxMtwS4=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "a9953635d7f34e7358d5189751110f87e3ac17da",
"rev": "66c5d8b62818ec4c1edb3e941f55ef78df8141a8",
"type": "github"
},
"original": {
@ -1174,11 +1174,11 @@
},
"impermanence": {
"locked": {
"lastModified": 1731242966,
"narHash": "sha256-B3C3JLbGw0FtLSWCjBxU961gLNv+BOOBC6WvstKLYMw=",
"lastModified": 1734200366,
"narHash": "sha256-0NursoP4BUdnc+wy+Mq3icHkXu/RgP1Sjo0MJxV2+Dw=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "3ed3f0eaae9fcc0a8331e77e9319c8a4abd8a71a",
"rev": "c6323585fa0035d780e3d8906eb1b24b65d19a48",
"type": "github"
},
"original": {
@ -1237,11 +1237,11 @@
"spectrum": "spectrum"
},
"locked": {
"lastModified": 1732633513,
"narHash": "sha256-6LmtOmeDpv9iHS8l0GNcppP11dKIJFMZLdFyxQ+qQBM=",
"lastModified": 1734041466,
"narHash": "sha256-51bhaMe8BZuNAStUHvo07nDO72wmw8PAqkSYH4U31Yo=",
"owner": "astro",
"repo": "microvm.nix",
"rev": "093ef734d3c37669860043a87dbf1c09fc6f5b38",
"rev": "3910e65c3d92c82ea41ab295c66df4c0b4f9e7b3",
"type": "github"
},
"original": {
@ -1344,11 +1344,11 @@
]
},
"locked": {
"lastModified": 1732603785,
"narHash": "sha256-AEjWTJwOmSnVYsSJCojKgoguGfFfwel6z/6ud6UFMU8=",
"lastModified": 1733570843,
"narHash": "sha256-sQJAxY1TYWD1UyibN/FnN97paTFuwBw3Vp3DNCyKsMk=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "6ab87b7c84d4ee873e937108c4ff80c015a40c7a",
"rev": "a35b08d09efda83625bef267eb24347b446c80b8",
"type": "github"
},
"original": {
@ -1364,11 +1364,11 @@
]
},
"locked": {
"lastModified": 1732519917,
"narHash": "sha256-AGXhwHdJV0q/WNgqwrR2zriubLr785b02FphaBtyt1Q=",
"lastModified": 1734234111,
"narHash": "sha256-icEMqBt4HtGH52PU5FHidgBrNJvOfXH6VQKNtnD1aw8=",
"owner": "Mic92",
"repo": "nix-index-database",
"rev": "f4a5ca5771ba9ca31ad24a62c8d511a405303436",
"rev": "311d6cf3ad3f56cb051ffab1f480b2909b3f754d",
"type": "github"
},
"original": {
@ -1387,11 +1387,11 @@
"pre-commit-hooks": "pre-commit-hooks_4"
},
"locked": {
"lastModified": 1732192922,
"narHash": "sha256-xQO/3I99TFdiXTN5VoS28NpbNlCQWQUvxmPQHlfkzmU=",
"lastModified": 1734266385,
"narHash": "sha256-k9P9Sa6jw/Xre8UDp7Ukk75h4Tcq8ZrK+nz6A2MC1IM=",
"owner": "oddlama",
"repo": "nix-topology",
"rev": "2b107e98bbde932a363874e0ef5b1739a932bbc5",
"rev": "ba6f61e594a85eabebf1c8f373923b59b3b07448",
"type": "github"
},
"original": {
@ -1402,11 +1402,11 @@
},
"nixlib": {
"locked": {
"lastModified": 1732410305,
"narHash": "sha256-/hxIKRTBsdrnudJWDGaBN8wIjHovqVAVxXdi8ByVtck=",
"lastModified": 1734224914,
"narHash": "sha256-hKWALzQ/RxxXdKWsLKXULru6XTag9Cc5exgVyS4a/AE=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "87b6978992e2eb605732fba842cad0a7e14b2047",
"rev": "538697b664a64fade8ce628d01f35d1f1fd82d77",
"type": "github"
},
"original": {
@ -1426,11 +1426,11 @@
"pre-commit-hooks": "pre-commit-hooks_5"
},
"locked": {
"lastModified": 1732216602,
"narHash": "sha256-svG11P+vsHYKoDj1nWSGHoep4f+rzbRM/fdWPSVE/Uk=",
"lastModified": 1734380133,
"narHash": "sha256-gvbWJGjTpGJwyvK72Rf+z0aMVgKzpu+UWxbh7naZtvY=",
"owner": "oddlama",
"repo": "nixos-extra-modules",
"rev": "6841242d5f7c32fc8a214014f1c97ae935ef8b8e",
"rev": "558954ebb2959ea47bfa593f6a74ce54a21bfafd",
"type": "github"
},
"original": {
@ -1447,11 +1447,11 @@
]
},
"locked": {
"lastModified": 1732496924,
"narHash": "sha256-/MNhZLR0eh9z/d3l+ammq+F5XxHln0RHgO4Bhtjr0IM=",
"lastModified": 1734311693,
"narHash": "sha256-ODRrnbaUsOe3e4kp+uHl+iJxey5zE3kqiBqJWQxrlnY=",
"owner": "nix-community",
"repo": "nixos-generators",
"rev": "098e8b6ff72c86944a8d54b64ddd7b7e6635830a",
"rev": "a5278f7c326205681f1f42a90fa46a75a13627eb",
"type": "github"
},
"original": {
@ -1462,11 +1462,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1732483221,
"narHash": "sha256-kF6rDeCshoCgmQz+7uiuPdREVFuzhIorGOoPXMalL2U=",
"lastModified": 1734352517,
"narHash": "sha256-mfv+J/vO4nqmIOlq8Y1rRW8hVsGH3M+I2ESMjhuebDs=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "45348ad6fb8ac0e8415f6e5e96efe47dd7f39405",
"rev": "b12e314726a4226298fe82776b4baeaa7bcf3dcd",
"type": "github"
},
"original": {
@ -1498,11 +1498,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1732521221,
"narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=",
"lastModified": 1734119587,
"narHash": "sha256-AKU6qqskl0yf2+JdRdD0cfxX4b9x3KKV5RqA6wijmPM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d",
"rev": "3566ab7246670a43abd2ffa913cc62dad9cdf7d5",
"type": "github"
},
"original": {
@ -1538,14 +1538,14 @@
},
"nixpkgs-lib_3": {
"locked": {
"lastModified": 1730504152,
"narHash": "sha256-lXvH/vOfb4aGYyvFmZK/HlsNsr/0CVWlwYvo2rxJk3s=",
"lastModified": 1733096140,
"narHash": "sha256-1qRH7uAUsyQI7R1Uwl4T+XvdNv778H0Nb5njNrqvylY=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/cc2f28000298e1269cea6612cd06ec9979dd5d7f.tar.gz"
"url": "https://github.com/NixOS/nixpkgs/archive/5487e69da40cbd611ab2cadee0b4637225f7cfae.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/cc2f28000298e1269cea6612cd06ec9979dd5d7f.tar.gz"
"url": "https://github.com/NixOS/nixpkgs/archive/5487e69da40cbd611ab2cadee0b4637225f7cfae.tar.gz"
}
},
"nixpkgs-lib_4": {
@ -1711,11 +1711,11 @@
"treefmt-nix": "treefmt-nix_4"
},
"locked": {
"lastModified": 1732726573,
"narHash": "sha256-gvCPgtcXGf/GZaJBHYrXuM5r2pFRG3VDr7uOb7B1748=",
"lastModified": 1734368549,
"narHash": "sha256-D8LYUU+IWbpmyjOAKEnKVOhd7Qfe7q+DvUNZTYoitKY=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "fc9178d124eba824f1862513314d351784e1a84c",
"rev": "6c30476a4d5f761149945a65e74179f4492b1ea6",
"type": "github"
},
"original": {
@ -1734,11 +1734,11 @@
]
},
"locked": {
"lastModified": 1731936508,
"narHash": "sha256-z0BSSf78LkxIrrFXZYmCoRRAxAmxMUKpK7CyxQRvkZI=",
"lastModified": 1733773348,
"narHash": "sha256-Y47y+LesOCkJaLvj+dI/Oa6FAKj/T9sKVKDXLNsViPw=",
"owner": "NuschtOS",
"repo": "search",
"rev": "fe07070f811b717a4626d01fab714a87d422a9e1",
"rev": "3051be7f403bff1d1d380e4612f0c70675b44fc9",
"type": "github"
},
"original": {
@ -1928,11 +1928,11 @@
"nixpkgs-stable": "nixpkgs-stable_5"
},
"locked": {
"lastModified": 1732021966,
"narHash": "sha256-mnTbjpdqF0luOkou8ZFi2asa1N3AA2CchR/RqCNmsGE=",
"lastModified": 1734379367,
"narHash": "sha256-Keu8z5VgT5gnCF4pmB+g7XZFftHpfl4qOn7nqBcywdE=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "3308484d1a443fc5bc92012435d79e80458fe43c",
"rev": "0bb4be58f21ff38fc3cdbd6c778eb67db97f0b99",
"type": "github"
},
"original": {
@ -2189,11 +2189,11 @@
"spectrum": {
"flake": false,
"locked": {
"lastModified": 1729945407,
"narHash": "sha256-iGNMamNOAnVTETnIVqDWd6fl74J8fLEi1ejdZiNjEtY=",
"lastModified": 1733308308,
"narHash": "sha256-+RcbMAjSxV1wW5UpS9abIG1lFZC8bITPiFIKNnE7RLs=",
"ref": "refs/heads/main",
"rev": "f1d94ee7029af18637dbd5fdf4749621533693fa",
"revCount": 764,
"rev": "80c9e9830d460c944c8f730065f18bb733bc7ee2",
"revCount": 792,
"type": "git",
"url": "https://spectrum-os.org/git/spectrum"
},
@ -2223,11 +2223,11 @@
"tinted-tmux": "tinted-tmux"
},
"locked": {
"lastModified": 1732608183,
"narHash": "sha256-T5k5ill+PNIEW6KuS4CpUacMtZNJe2J2q5eBOF4xWuU=",
"lastModified": 1734110168,
"narHash": "sha256-Q0eeLYn45ErXlqGQyXmLLHGe1mqnUiK0Y9wZRa1SNFI=",
"owner": "danth",
"repo": "stylix",
"rev": "7689e621f87bce7b6ab1925dfd70ad1f4c80f334",
"rev": "a9e3779949925ef22f5a215c5f49cf520dea30b1",
"type": "github"
},
"original": {
@ -2499,11 +2499,11 @@
]
},
"locked": {
"lastModified": 1732643199,
"narHash": "sha256-uI7TXEb231o8dkwB5AUCecx3AQtosRmL6hKgnckvjps=",
"lastModified": 1733761991,
"narHash": "sha256-s4DalCDepD22jtKL5Nw6f4LP5UwoMcPzPZgHWjAfqbQ=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "84637a7ab04179bdc42aa8fd0af1909fba76ad0c",
"rev": "0ce9d149d99bc383d1f2d85f31f6ebd146e46085",
"type": "github"
},
"original": {
@ -2519,11 +2519,11 @@
]
},
"locked": {
"lastModified": 1732643199,
"narHash": "sha256-uI7TXEb231o8dkwB5AUCecx3AQtosRmL6hKgnckvjps=",
"lastModified": 1733761991,
"narHash": "sha256-s4DalCDepD22jtKL5Nw6f4LP5UwoMcPzPZgHWjAfqbQ=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "84637a7ab04179bdc42aa8fd0af1909fba76ad0c",
"rev": "0ce9d149d99bc383d1f2d85f31f6ebd146e46085",
"type": "github"
},
"original": {

7
hosts/kroma/default.nix
View file

@ -28,6 +28,7 @@
./fs.nix
./net.nix
./unifi.nix
];
nixpkgs.hostPlatform = "x86_64-linux";
@ -121,10 +122,4 @@
dockerCompat = true;
defaultNetwork.settings.dns_enabled = true;
};
users.deterministicIds.unifi = {
uid = 968;
gid = 968;
};
services.unifi.enable = true;
}

15
hosts/kroma/unifi.nix Normal file
View file

@ -0,0 +1,15 @@
{ lib, ... }:
{
environment.persistence."/persist".directories = [
{
directory = "/var/lib/unifi";
mode = "0700";
user = "unifi";
group = "unifi";
}
];
services.unifi.enable = true;
# Don't autostart.
systemd.services.unifi.wantedBy = lib.mkForce [ ];
}

180
hosts/ward/net.nix
View file

@ -4,6 +4,12 @@
lib,
...
}:
let
vlans.personal = 10;
vlans.devices = 20;
vlans.iot = 30;
vlans.guest = 40;
in
{
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
networking.hostId = config.repo.secrets.local.networking.hostId;
@ -42,86 +48,106 @@
# Create a MACVTAP for ourselves too, so that we can communicate with
# our guests on the same interface.
systemd.network.netdevs."10-lan-self" = {
netdevConfig = {
Name = "lan-self";
Kind = "macvlan";
};
extraConfig = ''
[MACVLAN]
Mode=bridge
'';
};
systemd.network.netdevs =
{
"10-lan-self" = {
netdevConfig = {
Name = "lan-self";
Kind = "macvlan";
};
extraConfig = ''
[MACVLAN]
Mode=bridge
'';
};
}
// lib.flip lib.mapAttrs' vlans (
vlanName: vlanId:
lib.nameValuePair "40-vlan-${vlanName}" {
netdevConfig = {
Kind = "vlan";
Name = "vlan-${vlanName}";
};
vlanConfig.Id = vlanId;
}
);
systemd.network.networks = {
"10-lan" = {
matchConfig.MACAddress = config.repo.secrets.local.networking.interfaces.lan.mac;
# This interface should only be used from attached macvtaps.
# So don't acquire a link local address and only wait for
# this interface to gain a carrier.
networkConfig.LinkLocalAddressing = "no";
linkConfig.RequiredForOnline = "carrier";
extraConfig = ''
[Network]
MACVLAN=lan-self
'';
};
"10-wan" = {
#DHCP = "yes";
#dhcpV4Config.UseDNS = false;
#dhcpV6Config.UseDNS = false;
#ipv6AcceptRAConfig.UseDNS = false;
address = [ globals.net.home-wan.hosts.ward.cidrv4 ];
gateway = [ globals.net.home-wan.hosts.fritzbox.ipv4 ];
matchConfig.MACAddress = config.repo.secrets.local.networking.interfaces.wan.mac;
networkConfig.IPv6PrivacyExtensions = "yes";
dhcpV6Config.PrefixDelegationHint = "::/64";
# FIXME: This should not be needed, but for some reason part of networkd
# isn't seeing the RAs and not triggering DHCPv6. Even though some other
# part of networkd is properly seeing them and logging accordingly.
dhcpV6Config.WithoutRA = "solicit";
linkConfig.RequiredForOnline = "routable";
};
"20-lan-self" = {
address = [
globals.net.home-lan.hosts.ward.cidrv4
globals.net.home-lan.hosts.ward.cidrv6
];
matchConfig.Name = "lan-self";
networkConfig = {
IPv4Forwarding = "yes";
IPv6PrivacyExtensions = "yes";
IPv6SendRA = true;
IPv6AcceptRA = false;
DHCPPrefixDelegation = true;
MulticastDNS = true;
systemd.network.networks =
{
"10-lan" = {
matchConfig.MACAddress = config.repo.secrets.local.networking.interfaces.lan.mac;
# This interface should only be used from attached macvtaps.
# So don't acquire a link local address and only wait for
# this interface to gain a carrier.
networkConfig.LinkLocalAddressing = "no";
linkConfig.RequiredForOnline = "carrier";
extraConfig = ''
[Network]
MACVLAN=lan-self
'';
};
dhcpPrefixDelegationConfig.UplinkInterface = "wan";
dhcpPrefixDelegationConfig.Token = "::ff";
# Announce a static prefix
ipv6Prefixes = [
{ Prefix = globals.net.home-lan.cidrv6; }
];
# Delegate prefix
dhcpPrefixDelegationConfig = {
SubnetId = "22";
"10-wan" = {
#DHCP = "yes";
#dhcpV4Config.UseDNS = false;
#dhcpV6Config.UseDNS = false;
#ipv6AcceptRAConfig.UseDNS = false;
address = [ globals.net.home-wan.hosts.ward.cidrv4 ];
gateway = [ globals.net.home-wan.hosts.fritzbox.ipv4 ];
matchConfig.MACAddress = config.repo.secrets.local.networking.interfaces.wan.mac;
networkConfig.IPv6PrivacyExtensions = "yes";
dhcpV6Config.PrefixDelegationHint = "::/64";
# FIXME: This should not be needed, but for some reason part of networkd
# isn't seeing the RAs and not triggering DHCPv6. Even though some other
# part of networkd is properly seeing them and logging accordingly.
dhcpV6Config.WithoutRA = "solicit";
linkConfig.RequiredForOnline = "routable";
};
# Provide a DNS resolver
# ipv6SendRAConfig = {
# Managed = true;
# EmitDNS = true;
# FIXME: this is not the true ipv6 of adguardhome DNS = globals.net.home-lan.hosts.ward-adguardhome.ipv6;
# FIXME: todo assign static additional to reservation in kea
# };
linkConfig.RequiredForOnline = "routable";
};
# Remaining macvtap interfaces should not be touched.
"90-macvtap-ignore" = {
matchConfig.Kind = "macvtap";
linkConfig.ActivationPolicy = "manual";
linkConfig.Unmanaged = "yes";
};
};
"20-lan-self" = {
address = [
globals.net.home-lan.hosts.ward.cidrv4
globals.net.home-lan.hosts.ward.cidrv6
];
matchConfig.Name = "lan-self";
networkConfig = {
IPv4Forwarding = "yes";
IPv6PrivacyExtensions = "yes";
IPv6SendRA = true;
IPv6AcceptRA = false;
DHCPPrefixDelegation = true;
MulticastDNS = true;
};
dhcpPrefixDelegationConfig.UplinkInterface = "wan";
dhcpPrefixDelegationConfig.Token = "::ff";
# Announce a static prefix
ipv6Prefixes = [
{ Prefix = globals.net.home-lan.cidrv6; }
];
# Delegate prefix
dhcpPrefixDelegationConfig = {
SubnetId = "22";
};
# Provide a DNS resolver
# ipv6SendRAConfig = {
# Managed = true;
# EmitDNS = true;
# FIXME: this is not the true ipv6 of adguardhome DNS = globals.net.home-lan.hosts.ward-adguardhome.ipv6;
# FIXME: todo assign static additional to reservation in kea
# };
linkConfig.RequiredForOnline = "routable";
};
# Remaining macvtap interfaces should not be touched.
"90-macvtap-ignore" = {
matchConfig.Kind = "macvtap";
linkConfig.ActivationPolicy = "manual";
linkConfig.Unmanaged = "yes";
};
}
// lib.flip lib.mapAttrs' vlans (
vlanName: _:
lib.nameValuePair "40-vlan-${vlanName}" {
matchConfig.Name = "vlan-${vlanName}";
}
);
networking.nftables.firewall = {
snippets.nnf-icmp.ipv6Types = [

BIN
pkgs/TransferOrb.png
View file

Binary file not shown.
Side by side

Before

Width:  |  Height:  |  Size: 13 KiB

35
pkgs/awakened-poe-trade.nix
View file

@ -1,35 +0,0 @@
{
pkgs,
fetchurl,
}:
let
name = "awakened-poe-trade";
version = "3.24.10002";
description = "Path of Exile trading app for price checking";
desktopEntry = pkgs.writeText "awakened-poe.desktop" ''
[Desktop Entry]
Type=Application
Version=${version}
Name=Awakened PoE Trade
GenericName=${description}
Icon=/share/applications/awakened-poe-trade.png
Exec=${name}
Terminal=false
Categories=Game
'';
file = "Awakened-PoE-Trade-${version}.AppImage";
in
pkgs.appimageTools.wrapType2 {
name = "awakened-poe-trade";
src = fetchurl {
url = "https://github.com/SnosMe/awakened-poe-trade/releases/download/v${version}/${file}";
hash = "sha256-ieRBYrtpB8GgnDDy+fDuwamix5syRH3NG5jE5UoGg5A=";
};
extraInstallCommands = ''
mkdir -p $out/share/applications
cp ${./TransferOrb.png} $out/share/applications/awakened-poe-trade.png
cp ${desktopEntry} $out/share/applications/${name}.desktop
substituteInPlace $out/share/applications/awakened-poe-trade.desktop --replace /share/ $out/share/
'';
}

1
pkgs/default.nix
View file

@ -3,7 +3,6 @@ _inputs: [
(_final: prev: {
deploy = prev.callPackage ./deploy.nix { };
git-fuzzy = prev.callPackage ./git-fuzzy { };
awakened-poe-trade = prev.callPackage ./awakened-poe-trade.nix { };
segoe-ui-ttf = prev.callPackage ./segoe-ui-ttf.nix { };
zsh-histdb-skim = prev.callPackage ./zsh-skim-histdb.nix { };
actual-server = prev.callPackage ./actual-server.nix { };

5
users/config/impermanence.nix
View file

@ -25,6 +25,9 @@ in
]
++ optionals nixosConfig.services.pipewire.enable [
".local/state/wireplumber"
]
++ optionals nixosConfig.programs.steam.enable [
".local/share/Steam"
];
home.persistence."/persist".directories =
@ -32,7 +35,7 @@ in
".local/share/nix" # Repl history
]
++ optionals nixosConfig.programs.steam.enable [
".local/share/Steam"
".local/share/Steam/userdata"
".steam"
];
}

1
users/myuser/graphical/games/poe.nix
View file

@ -9,7 +9,6 @@
];
home.packages = [
pkgs.awakened-poe-trade
pkgs.path-of-building
];
}