diff --git a/litten.brenise.dev/applications/Logseq.desktop b/litten.brenise.dev/applications/Logseq.desktop new file mode 100644 index 0000000..ee6690a --- /dev/null +++ b/litten.brenise.dev/applications/Logseq.desktop @@ -0,0 +1,10 @@ +# ~/.local/share/applications/Logseq.desktop +[Desktop Entry] +Name=Logseq +Comment=Platform for knowledge management and collaboration +Exec=/home/blee/apps/logseq/Logseq-linux-x64-0.10.9.AppImage +#Icon=/home/yourusername/apps/logseq/logo.png +Type=Application +Categories=Office;Education; +Terminal=false +MimeType=x-scheme-handler/logseq; diff --git a/litten.brenise.dev/configuration.nix b/litten.brenise.dev/configuration.nix index e349650..537cc46 100644 --- a/litten.brenise.dev/configuration.nix +++ b/litten.brenise.dev/configuration.nix @@ -1,8 +1,8 @@ -{ config, pkgs, lib, ... }: - +{ config, pkgs, lib, ... }: let # Add nixpkgs-unstable channel with the following command: # nix-channel --add https://nixos.org/channels/nixpkgs-unstable nixpkgs-unstable && nix-channel --update + # 09/15/24: Use nixpkgs-unstable for logseq, see https://github.com/NixOS/nixpkgs/pull/340427 unstable = import { config = config.nixpkgs.config; }; host_name = "litten"; host_fqdn = "${host_name}.brenise.dev"; @@ -11,31 +11,21 @@ in imports = [ ./hardware-configuration.nix ]; - nixpkgs = { - config.permittedInsecurePackages = [ - "electron-27.3.11" # logseq - ]; - config.allowUnfreePredicate = pkg: + + nixpkgs.config = { + allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ - "obsidian" # https://github.com/obsidianmd/obsidian-releases + "obsidian" "packer" "vscode" "terraform" "zoom" ]; - overlays = [ - (self: super: { - ansible = super.ansible.overrideAttrs (oldAttrs: { - propagatedBuildInputs = oldAttrs.propagatedBuildInputs ++ [ super.python311Packages.jmespath ]; - }); - }) - ]; }; boot = { loader = { systemd-boot.enable = true; - systemd-boot.configurationLimit = 20; efi.canTouchEfiVariables = true; }; }; @@ -69,7 +59,7 @@ in # TODO https://nixos.wiki/wiki/Encrypted_DNS nameservers = [ "1.1.1.1" "8.8.8.8" ]; extraHosts = '' - 192.168.1.1 shinx.brenise.dev + 192.168.1.1 shinx.${host_fqdn} ''; }; @@ -99,6 +89,7 @@ in isNormalUser = true; extraGroups = [ "wheel" + # "docker" "glance" ]; packages = with pkgs; [ @@ -111,17 +102,15 @@ in kate # kwrite kdenlive libsForQt5.kcalc - - logseq # 0.10.9 # uses insecure electron version 27.3.11 https://github.com/NixOS/nixpkgs/pull/340427 - #unstable.logseq # 0.10.9 BUG: https://github.com/logseq/logseq/issues/10851 - + # unstable.logseq # warning: https://github.com/logseq/logseq/issues/10851#issuecomment-2402925912 moonlight-qt - nmap obs-studio obsidian - qbittorrent + pavucontrol + # qbittorrent rtorrent spek # beat saber mapping + sq synergy tenacity thunderbird @@ -129,7 +118,7 @@ in via vlc vscode - xcaddy # warning: absolute dumpster fire + xcaddy # warning: awfuly hacky yt-dlp zoom-us @@ -140,20 +129,24 @@ in awscli2 #aws-sam-cli # broken, fails to init. use pip install aws-sam-cli - #unstable.aws-sam-cli packer terraform ansible - python3 + python311 # Not working in 3.12 yet: openwebui python311Packages.pip python311Packages.ipython + python311Packages.jmespath # for Ansible playbooks with json_query (grafana, caddy) libreoffice-qt hunspell hunspellDicts.uk_UA hunspellDicts.th_TH + # postman # nope, auth is broken nodejs_20 yarn deno + nix-init + nix-tree + nurl ]; }; @@ -228,37 +221,14 @@ in plasma5.excludePackages = with pkgs.libsForQt5; [ plasma-browser-integration ]; - - etc = lib.mkMerge [ - - # Generate KDE config files - (lib.attrsets.mapAttrs' (name: value: - lib.attrsets.nameValuePair - ( "xdg/${name}" ) - { - source = (pkgs.formats.ini {}).generate name value; - } - ) { - "baloofilerc" = { - "Basic Settings" = { - "Indexing-Enabled" = false; - }; - }; - }) - - { # normal environment.etc block - gitconfig = { - text = '' - [init] - defaultBranch = main - ''; - }; - } - ]; - + etc."gitconfig".text = '' + [init] + defaultBranch = main + ''; + # vscode on Wayland + #sessionVariables.NIXOS_OZONE_WL = "1"; }; - programs = { appimage = { enable = true; @@ -269,6 +239,11 @@ in ]; }; }; + # hyprland = { + # enable = true; + # xwayland.enable = true; + # }; + fish.enable = true; vim.defaultEditor = true; bash = { @@ -295,11 +270,6 @@ in enable = true; extraOpts = { "SpellcheckEnabled" = false; - "DefaultSearchProviderEnabled" = true; - "DefaultSearchProviderName" = "Kagi"; - "DefaultSearchProviderSearchURL" = "https://kagi.com/search?q={searchTerms}"; - "SearchSuggestEnabled" = false; - "DefaultSearchProviderSuggestURL" = ""; }; }; }; @@ -315,10 +285,10 @@ in } ]; }; - # pki.certificateFiles = [ # self-signed CA trust for start9 - # "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" - # # "/etc/ssl/certs/dotted-turbans.pem" - # ]; + pki.certificateFiles = [ + "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt" + # "/etc/ssl/certs/dotted-turbans.pem" + ]; }; services = { @@ -330,11 +300,12 @@ in pipewire = { enable = true; pulse.enable = true; + alsa.enable = true; # for tenacity + }; + avahi = { # for resolving start9 hostname + enable = true; + nssmdns4 = true; # Enable NSS support for mDNS }; - # avahi = { # for resolving start9 hostname - # enable = true; - # nssmdns4 = true; # Enable NSS support for mDNS - # }; syncthing = { enable = true; @@ -347,6 +318,7 @@ in prometheus.exporters.node = { enable = true; port = 8030; +# openFirewall = true; enabledCollectors = [ "cpu.info" "interrupts" @@ -376,16 +348,11 @@ in ${tlsConfig} reverse_proxy http://127.0.0.1:8080 - # BUG: assets are all on root path - # handle /changedetection/* { - # uri strip_prefix /changedetection - # reverse_proxy http://127.0.0.1:${toString config.services.changedetection-io.port} - # } - # handle /files/* { # root /mnt/usb/ # file_server browse # } + } ${host_fqdn}:4430 { # node_exporter @@ -403,30 +370,10 @@ in reverse_proxy http://127.0.0.1:8032 } - # BUG: POST messages throw missing referrer error - ${host_fqdn}:4433 { # changedetection-io - ${tlsConfig} - reverse_proxy http://127.0.0.1:${toString config.services.changedetection-io.port} - header Referrer-Policy "strict-origin-when-cross-origin" - } - - ${host_fqdn}:4434 { # home-assistant - ${tlsConfig} - reverse_proxy http://127.0.0.1:8034 - } ''; }; - changedetection-io = { - enable = true; - port = 8033; - behindProxy = true; - # baseURL = "https://${host_fqdn}/changedetection/"; - baseURL = "https://${host_fqdn}:4433/"; - environmentFile = "/var/src/env_vars/changedetection-io"; - }; - displayManager = { sddm.enable = true; #defaultSession = "plasmawayland"; @@ -435,52 +382,37 @@ in enable = true; desktopManager.plasma5.enable = true; }; + }; systemd = { - services = { - caddy = { - serviceConfig = { - EnvironmentFile = "/var/src/secrets/namecheap"; - ExecStart = [ - "" # This empty string clears the existing ExecStart commands - "/opt/bin/caddy run --config /etc/caddy/caddy_config --adapter caddyfile" - ]; - ExecReload = [ - "" # This empty string clears the existing ExecReload commands - "/opt/bin/caddy reload --config /etc/caddy/caddy_config --adapter caddyfile --force" - ]; - }; - }; - glance = { - wantedBy = [ "multi-user.target" ]; - after = [ "network-online.target" ]; - wants = [ "network-online.target" ]; - serviceConfig = { - User = "glance"; - Group = "glance"; - WorkingDirectory = "/var/lib/glance"; - # Environment = "LOG_LEVEL=debug"; # https://github.com/glanceapp/glance/issues/196 - ExecStart = "${pkgs.glance}/bin/glance --config config.yaml"; - }; - }; + services.caddy = { + serviceConfig = { + EnvironmentFile = "/var/src/secrets/namecheap"; + ExecStart = [ + "" # This empty string clears the existing ExecStart commands + "/opt/bin/caddy run --config /etc/caddy/caddy_config --adapter caddyfile" + ]; + ExecReload = [ + "" # This empty string clears the existing ExecReload commands + "/opt/bin/caddy reload --config /etc/caddy/caddy_config --adapter caddyfile --force" + ]; - open-webui = { - wantedBy = [ "multi-user.target" ]; - after = [ "network.target" ]; - serviceConfig = { - Type = "forking"; - User = "blee"; - WorkingDirectory = "/opt/open-webui"; - Environment = "NIX_PATH=nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos:nixos-config=/etc/nixos/configuration.nix:/nix/var/nix/profiles/per-user/root/channels"; - ExecStart = "${pkgs.nix}/bin/nix-shell"; - }; }; - }; - + services.glance = { + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + serviceConfig = { + User = "glance"; + Group = "glance"; + WorkingDirectory = "/var/lib/glance"; + # Environment = "LOG_LEVEL=debug"; # https://github.com/glanceapp/glance/issues/196 + ExecStart = "${pkgs.glance}/bin/glance --config config.yaml"; + }; + }; # TODO: fix errors -# systemd.services.nightly-backups = { +# services.nightly-backups = { # description = "Nightly Backup Service"; # wantedBy = [ "multi-user.target" ]; # after = [ "network.target" ]; @@ -503,7 +435,7 @@ in # }; # }; -# systemd.timers.nightly-backups = { +# timers.nightly-backups = { # wantedBy = [ "timers.target" ]; # partOf = [ "nightly-backups.service" ]; # timerConfig = { @@ -514,21 +446,30 @@ in # }; # }; + services.ollama-webui = { + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + serviceConfig = { + Type = "forking"; + User = "blee"; + WorkingDirectory = "/opt/open-webui"; + Environment = "NIX_PATH=nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos:nixos-config=/etc/nixos/configuration.nix:/nix/var/nix/profiles/per-user/root/channels"; + # ExecStart = "${pkgs.nix}/bin/nix-shell"; + }; + script = "${pkgs.nix}/bin/nix-shell"; + }; + }; -# virtualisation.oci-containers = { -# backend = "podman"; # systemctl status podman-homeassistant -# containers.homeassistant = { -# volumes = [ "home-assistant:/config" ]; -# environment.TZ = "US/Pacific"; -# # Note: The image will not be updated on rebuilds, unless the version label changes -# image = "ghcr.io/home-assistant/home-assistant:stable"; -# ports = [ "8123:8034" ]; -# extraOptions = [ -# "--network=host" -# "--cap-add=NET_ADMIN" -# "--cap-add=NET_RAW" -# ]; +# virtualisation.docker = { +# enable = true; +# rootless = { +# enable = true; +# setSocketVariable = true; +# }; +# autoPrune = { +# enable = true; +# dates = "monthly"; # }; # }; diff --git a/litten.brenise.dev/glance/config.yaml b/litten.brenise.dev/glance/config.yaml index 5e4080a..7d3188c 100644 --- a/litten.brenise.dev/glance/config.yaml +++ b/litten.brenise.dev/glance/config.yaml @@ -11,6 +11,15 @@ pages: - type: calendar - type: rss + title: changedetection + limit: 10 + collapse-after: 3 + cache: 1d + feeds: + - url: https://litten.brenise.dev:4433/rss?token=184f164b983ff9cd3ff4b87526c57b54 + + - type: rss + title: feeds limit: 10 collapse-after: 3 cache: 1d @@ -94,4 +103,4 @@ pages: # - immich-app/immich # - go-gitea/gitea # - dani-garcia/vaultwarden - # - jellyfin/jellyfin \ No newline at end of file + # - jellyfin/jellyfin