From 963e056b93d6a3a7a787d5562005925b17df9420 Mon Sep 17 00:00:00 2001 From: Jimbo Date: Tue, 6 Aug 2024 05:27:33 -0400 Subject: [PATCH] Add smtp to pretty much every service on the server --- .gitignore | 1 + PC/configuration.nix | 44 ++++-- PC/hardware-configuration.nix | 4 +- PC/jimbo.nix | 47 ++++--- Server/configuration.nix | 222 +++++++++++++++++++++++++----- Server/hardware-configuration.nix | 37 +++-- Server/jimbo.nix | 15 +- 7 files changed, 277 insertions(+), 93 deletions(-) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..697775e --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +Server/secrets.nix diff --git a/PC/configuration.nix b/PC/configuration.nix index 1c22efe..29d10fd 100644 --- a/PC/configuration.nix +++ b/PC/configuration.nix @@ -67,10 +67,11 @@ in # Set all boot options boot = { # Set a kernel version and load/blacklist drivers - kernelPackages = pkgs.linuxPackages_xanmod_latest; + kernelPackages = pkgs.unstable.linuxPackages_zen; blacklistedKernelModules = [ "pcspkr" ]; kernelParams = commonKernelParams ++ [ "vfio-pci.ids=10de:13c2,10de:0fbb" ]; initrd.kernelModules = [ "vfio" "vfio_pci" "vfio_iommu_type1" ]; + kernel.sysctl."vm.max_map_count" = 2147483642; # Manage supported filesystems supportedFilesystems = { @@ -101,7 +102,12 @@ in hardware.enableRedistributableFirmware = true; # Enable the Nouveau drivers - services.xserver.videoDrivers = [ "nouveau" ]; + services.xserver.videoDrivers = [ "nvidia" ]; + hardware.nvidia = { + modesetting.enable = true; + nvidiaSettings = false; + package = config.boot.kernelPackages.nvidiaPackages.beta; + }; # Enable a permissioning system security = { @@ -124,18 +130,21 @@ in # Timezone time.timeZone = "America/New_York"; - # Define a user account + # Define user accounts users.users.jimbo = { description = "Jimbo Awesome"; isNormalUser = true; hashedPassword = "$6$gYpE.pG/zPXgin06$2kydjDfd0K62Dhf9P0PFvJhRNz6xIC/bHYaf/XYqyKcLyZNzPQpy8uy9tCRcSYlj1wwBhzVtTRyItwajOHCEj0"; openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIKC8Uqxb09V3msBgDv6lD/nETMYr/X0OgtpDo8ldcMK jimbo@JimDebianServer" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDLe/HioxCOkszFQdm1vb3ZwuzLzsOThqHNvEI4IXeXZ JimPhone" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEuCYrIZlD6LNpFh3XTYbXaPQWYysr1oZAX4DL3gF28l jimbo@DV-JHAMPTON" ]; extraGroups = [ - "wheel" "audio" "video" "input" "disk" "dialout" - "networkmanager" "kvm" "libvirtd" "qemu-libvirtd" + "wheel" "audio" "video" "input" "disk" + "dialout" "networkmanager" "rtkit" + "kvm" "libvirtd" "qemu-libvirtd" ]; uid = 1000; shell = pkgs.zsh; @@ -163,8 +172,6 @@ in # Enable OpenGL hardware.opengl = { enable = true; - package = pkgs.unstable.mesa.drivers; - package32 = pkgs.unstable.pkgsi686Linux.mesa.drivers; driSupport = true; driSupport32Bit = true; extraPackages = with pkgs; [ @@ -204,14 +211,18 @@ in ]; allowPing = false; }; - extraHosts = '' - 192.168.1.18 pc - 192.168.1.17 server - 192.168.2.2 vm - ''; + + # Set hostnames + hosts = { + "192.168.2.10" = [ "pc" ]; + "192.168.2.11" = [ "server" ]; + "172.16.0.2" = [ "vm" ]; + }; + + # Set nameserver nameservers = [ - "1.1.1.1" "9.9.9.9" + "1.1.1.1" ]; }; @@ -242,7 +253,7 @@ in pdpRules = pkgs.writeTextFile { name = "10-pdp.rules"; text = '' - SUBSYSTEM=="usb", ATTR{idVendor}=="2833", MODE="0666", GROUP="plugdev" + SUBSYSTEM=="usb", ATTR{idVendor}=="2833", MODE="0666" ''; destination = "/etc/udev/rules.d/10-pdp.rules"; }; @@ -390,6 +401,9 @@ in # Enable AppArmor security.apparmor.enable = true; + # Enable a keying agent + services.gnome.gnome-keyring.enable = true; + # Enable Polkit for authentication security.polkit.enable = true; @@ -402,7 +416,7 @@ in # Attempt to automount USB drives services.udisks2.enable = true; - # Used for Seneca VPN + # Enable school VPN services.globalprotect.enable = true; # Define the initial install version and allow auto-upgrades diff --git a/PC/hardware-configuration.nix b/PC/hardware-configuration.nix index 8ccb8c6..72c6d7e 100644 --- a/PC/hardware-configuration.nix +++ b/PC/hardware-configuration.nix @@ -54,8 +54,8 @@ }; "/home/jimbo/JimboNFS" = { device = "server:/export/JimboNFS"; - fsType = "nfs"; - options = [ "nofail" ]; + fsType = "nfs4"; + options = [ "x-systemd.automount" "_netdev" "noauto" ]; }; }; diff --git a/PC/jimbo.nix b/PC/jimbo.nix index 65cf4e6..adaefcf 100644 --- a/PC/jimbo.nix +++ b/PC/jimbo.nix @@ -95,7 +95,7 @@ let export __GLX_VENDOR_LIBRARY_NAME=nvidia export WLR_NO_HARDWARE_CURSORS=1 else - export WLR_RENDERER=vulkan + : fi # Sway/Wayland @@ -1153,9 +1153,7 @@ let P:/home/jimbo/JimboNFS/Projects V:/home/jimbo/JimboNFS/Videos/Random m:/home/jimbo/JimboNFS/Music - L:/home/jimbo/JimboNFS/MineServers s:/home/jimbo/JimboNFS/School - N:/home/jimbo/JimboNFS/JimboOS/NixOS ''; # Sunshine apps config @@ -1186,6 +1184,12 @@ let drivers=pulse ''; + # Ncmpcpp configuration + ncmpcppConf = '' + browser_sort_mode = "name" + user_interface = "alternative" + ''; + # FireFox/LibreWolf colors foxJimCol = '' :root { @@ -1549,12 +1553,14 @@ in # Install user programs home.packages = (with pkgs; [ # Useful programs - rofi-bluetooth bemoji imv qbittorrent libreoffice-fresh - easyeffects pavucontrol vesktop ffmpegthumbnailer + rofi-bluetooth bemoji imv qbittorrent + libreoffice-fresh easyeffects pavucontrol + vesktop element-desktop ffmpegthumbnailer + thunderbird # Terminal programs dua vimv p7zip fastfetch gotop pciutils - usbutils tcptrack mpc-cli ncmpcpp + usbutils tcptrack mpc-cli ncmpcpp protonvpn-cli_2 # Scripts as global programs serverDash beScripts makoToggle swayLock @@ -1635,7 +1641,7 @@ in ''; in { enable = true; - package = pkgs.unstable.sway; # swayfx + package = pkgs.sway; # swayfx wrapperFeatures.gtk = true; checkConfig = false; config = { @@ -1664,6 +1670,8 @@ in # Foreground apps { command = "librewolf -P Variety --name=Variety"; } { command = "vesktop --ozone-platform-hint=auto"; } + { command = "element-desktop"; } + { command = "thunderbird"; } { command = "serverdash"; } ]; @@ -1824,9 +1832,11 @@ in "${primeMod}+Shift+b" = ''exec rofi-bluetooth''; "${primeMod}+Shift+Return" = ''exec ${terminal} ranger''; - # Swaytools prop, colorpicker + # Swaytools prop, colorpicker, obs-cmd "${primeMod}+Ctrl+x" = ''exec ${swayTools} --prop''; "${primeMod}+Ctrl+c" = ''exec ${pkgs.hyprpicker}/bin/hyprpicker -an && ${sendNotif} "Color copied to clipboard"''; + "${primeMod}+Ctrl+Prior" = ''exec ${pkgs.obs-cmd}/bin/obs-cmd scene switch "Main"''; + "${primeMod}+Ctrl+Next" = ''exec ${pkgs.obs-cmd}/bin/obs-cmd scene switch "Guest"''; ## Media keys @@ -2037,9 +2047,11 @@ in # Communication "${w3a}" = [{ class = "zoom"; }]; "${w8}" = [{ app_id = "vesktop"; }]; + "${w9}" = [{ class = "Element"; }]; + "${w7a}" = [{ app_id = "thunderbird"; }]; # Else - "${w2}" = [{ class = "steam"; } { class = "heroic"; } { app_id = "lutris"; }]; + "${w2}" = [{ class = "SDL Application"; } { class = "heroic"; }]; "${w2a}" = [{ app_id = "looking-glass-client"; }]; "${w4}" = [{ app_id = "serverdash"; }]; "${w4a}" = [{ app_id = "com.obsproject.Studio"; }]; @@ -2554,14 +2566,12 @@ in "file:///home/jimbo/JimboNFS/Music" "file:///home/jimbo/JimboNFS/Photos" "file:///home/jimbo/JimboNFS/Videos" - "file:///home/jimbo/JimboNFS/MineServers" "file:///home/jimbo/JimboNFS/Projects" # Links and mounts "file:///home/jimbo/VMs" # More important stuff - "file:///home/jimbo/JimboNFS/JimboOS" "file:///home/jimbo/JimboNFS/School" ]; @@ -2871,10 +2881,9 @@ in programs.obs-studio = { enable = true; plugins = with pkgs.obs-studio-plugins; [ - obs-pipewire-audio-capture - looking-glass-obs - obs-webkitgtk - advanced-scene-switcher + obs-pipewire-audio-capture obs-webkitgtk + obs-multi-rtmp obs-vkcapture obs-tuna + advanced-scene-switcher looking-glass-obs ]; }; @@ -2949,7 +2958,7 @@ in ".alsoftrc".text = alsoftConf; # Ncmpcpp config - ".config/ncmpcpp/config".text = "browser_sort_mode = \"name\""; + ".config/ncmpcpp/config".text = ncmpcppConf; # LibreWolf profiles and theming ".librewolf/profiles.ini".text = foxProfiles; @@ -2991,6 +3000,8 @@ in syntaxHighlighting.enable = true; initExtra = '' ${pkgs.any-nix-shell}/bin/any-nix-shell zsh --info-right | source /dev/stdin; pfetch + setopt HIST_IGNORE_SPACE + setopt RM_STAR_WAIT ''; oh-my-zsh = { enable = true; @@ -3024,7 +3035,7 @@ in # Download from sources ytdl = "yt-dlp --embed-thumbnail --embed-metadata --output \"%(title)s.%(ext)s\""; - ytmp4 = "ytdl --recode-video mp4"; + ytmp4 = "ytdl --recode-video webm"; ytm3u = "yt-dlp -gS proto:m3u8"; opusdl = "ytdl --recode-video opus"; ytopus = "opusdl --format 251"; @@ -3032,7 +3043,7 @@ in # Flakes buildiso = - "nix run github:nix-community/nixos-generators -- -f install-iso -c /etc/nixos/configuration.nix"; + "${pkgs.nixos-generators}/bin/nixos-generate -f install-iso -c /home/jimbo/Downloads/NixISO/configuration.nix"; }; }; diff --git a/Server/configuration.nix b/Server/configuration.nix index 1f3fff2..034c2c0 100644 --- a/Server/configuration.nix +++ b/Server/configuration.nix @@ -9,10 +9,13 @@ let bloxeldomain = ''bloxelcom.net''; # IPs - localspan = ''192.168.1''; - pc = ''${localspan}.18''; - server = ''${localspan}.17''; + localspan = ''192.168.2''; + pc = ''${localspan}.10''; + server = ''${localspan}.11''; vm = ''${localspan}.70''; + + # Secrets and passwords + secrets = import ./secrets.nix; in { @@ -67,22 +70,36 @@ in # Disable Nano programs.nano.enable = false; - # Define a user account. + # Define user account. users.users.jimbo = { isNormalUser = true; - hashedPassword = - "$6$gYpE.pG/zPXgin06$2kydjDfd0K62Dhf9P0PFvJhRNz6xIC/bHYaf/XYqyKcLyZNzPQpy8uy9tCRcSYlj1wwBhzVtTRyItwajOHCEj0"; + hashedPassword = secrets.jimboAccPassword; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDLe/HioxCOkszFQdm1vb3ZwuzLzsOThqHNvEI4IXeXZ JimPhone" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEuCYrIZlD6LNpFh3XTYbXaPQWYysr1oZAX4DL3gF28l jimbo@DV-JHAMPTON" ]; - extraGroups = [ "wheel" "docker" ]; + extraGroups = [ "wheel" "docker" "musicFolder" "nfsShare" ]; uid = 1000; shell = pkgs.zsh; }; - # Add Nginx to extra groups - users.users.nginx.extraGroups = [ "turnserver" "virtualMail" ]; + # Add service users to extra groups + users.users = { + nginx = { + extraGroups = [ "turnserver" "virtualMail" ]; + isSystemUser = true; + }; + nextcloud = { + extraGroups = [ "nfsShare" "musicFolder" ]; + isSystemUser = true; + }; + }; + + # Define custom groups + users.groups = { + nfsShare = {}; + musicFolder = {}; + }; # Installed programs to the system profile. environment.systemPackages = with pkgs; [ @@ -110,9 +127,12 @@ in 80 443 # Minecraft - 25565 19132 + 25565 19132 - # Gitea + # Pufferpanel sftp + 5657 + + # Gitea SSH 2299 # Coturn @@ -156,9 +176,9 @@ in '' iptables -N RTMPCHAIN iptables -A INPUT -p tcp -m tcp --match multiport --dports 1935,1945 -j RTMPCHAIN - iptables -A RTMPCHAIN -s ${pc} -j ACCEPT - iptables -A RTMPCHAIN -s 71.87.124.226 -j ACCEPT - iptables -A RTMPCHAIN -s 24.66.98.13 -j ACCEPT + iptables -A RTMPCHAIN -s ${pc} -m comment --comment "Local PC" -j ACCEPT + iptables -A RTMPCHAIN -s 71.87.124.226 -m comment --comment "Luna IP" -j ACCEPT + iptables -A RTMPCHAIN -s 24.66.98.13 -m comment --comment "Freecorn IP" -j ACCEPT iptables -A RTMPCHAIN -j DROP '' + @@ -225,10 +245,21 @@ in recommendedGzipSettings = true; recommendedProxySettings = true; virtualHosts = { + # Homepage redirect + "${jimdomain}" = { + enableACME = true; + addSSL = true; + locations."/" = { + extraConfig = " + return 301 https://social.${bloxeldomain}/@jimbo; + "; + }; + }; + # Nextcloud Proxy "cloud.${jimdomain}" = { enableACME = true; - forceSSL = true; + addSSL = true; locations."/" = { proxyWebsockets = true; extraConfig = " @@ -283,6 +314,16 @@ in }; }; + # Gitea Proxy + "mc.${jimdomain}" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:5010"; + proxyWebsockets = true; + }; + }; + # Matrix Proxy "matrix.${bloxeldomain}" = { enableACME = true; @@ -293,8 +334,8 @@ in # Element Proxy "chat.${bloxeldomain}" = { - addSSL = true; enableACME = true; + addSSL = true; root = "${pkgs.element-web}"; }; @@ -347,8 +388,8 @@ in # Staging Bloxel Proxy "staging.${bloxeldomain}" = { - addSSL = true; enableACME = true; + addSSL = true; root = "/var/www/bloxelcomweb/landing-page/"; locations."/BloxelcomCable/hls" = { extraConfig = '' @@ -396,6 +437,11 @@ in hls_fragment 3; hls_playlist_length 40; } + application forward { + record off; + live on; + allow play all; + } } } ''; @@ -416,6 +462,16 @@ in trusted_proxies = [ "127.0.0.1" ]; trusted_domains = [ "cloud.${jimdomain}" ]; overwriteprotocol = "https"; + + # Mailserver settings + mail_smtphost = "mx.${bloxeldomain}"; + mail_domain = "${bloxeldomain}"; + mail_from_address = "noreply"; + mail_smtpauth = "true"; + mail_smtpname = "noreply@${bloxeldomain}"; + mail_smtppassword = secrets.noreplyPassword; + mail_smtpmode = "smtp"; + mail_smtpport = 587; }; }; @@ -428,6 +484,16 @@ in ROCKET_ADDRESS = "127.0.0.1"; ROCKET_PORT = 8222; ROCKET_LOG = "critical"; + + # Smtp email + SMTP_HOST = "mx.${bloxeldomain}"; + SMTP_FROM = "noreply@${bloxeldomain}"; + SMTP_FROM_NAME = "Vaultwarden"; + SMTP_USERNAME = "noreply@${bloxeldomain}"; + SMTP_PASSWORD = secrets.noreplyPassword; + SMTP_SECURITY = "starttls"; + SMTP_PORT = 587; + SMTP_TIMEOUT = 15; }; }; @@ -448,10 +514,75 @@ in SSH_PORT = 2299; START_SSH_SERVER = true; }; + mailer = { + ENABLED = true; + SMTP_ADDR = "mx.${bloxeldomain}"; + FROM = "noreply@${bloxeldomain}"; + PASSWD = secrets.noreplyPassword; + PROTOCOL = "smtp+starttls"; + SMTP_PORT = 587; + }; service.DISABLE_REGISTRATION = true; }; }; + # Pufferpannel for Minecraft + pufferpanel = { + enable = true; + environment = { + PUFFER_WEB_HOST = ":5010"; + PUFFER_PANEL_REGISTRATIONENABLED = "false"; + PUFFER_PANEL_EMAIL_PROVIDER = "smtp"; + PUFFER_PANEL_EMAIL_HOST = "mx.${bloxeldomain}:587"; + PUFFER_PANEL_EMAIL_FROM = "noreply@${bloxeldomain}"; + PUFFER_PANEL_EMAIL_USERNAME = "noreply@${bloxeldomain}"; + PUFFER_PANEL_EMAIL_PASSWORD = secrets.noreplyPassword; + }; + extraPackages = with pkgs; [ bash curl gawk gnutar gzip ]; + package = pkgs.buildFHSEnv { + name = "pufferpanel-fhs"; + meta.mainProgram = "pufferpanel-fhs"; + runScript = lib.getExe pkgs.pufferpanel; + targetPkgs = pkgs': with pkgs'; [ icu openssl zlib ]; + }; + }; + + # MariaDB + mysql = { + enable = true; + package = pkgs.mariadb; + dataDir = "/var/lib/mysql"; + initialDatabases = [ + { name = "nextcloud"; } + { name = "matrix"; } + { name = "git"; } + { name = "minecraft"; } + ]; + ensureUsers = [ + { + name = "nextcloud"; + ensurePermissions = { + "nextcloud.*" = "ALL PRIVILEGES"; + }; + }{ + name = "matrix-synapse"; + ensurePermissions = { + "matrix.*" = "ALL PRIVILEGES"; + }; + }{ + name = "gitea"; + ensurePermissions = { + "git.*" = "ALL PRIVILEGES"; + }; + }{ + name = "minecraft"; + ensurePermissions = { + "minecraft.*" = "ALL PRIVILEGES"; + }; + } + ]; + }; + # Owncast owncast = { enable = true; @@ -477,7 +608,6 @@ in # Synapse for Matrix clients matrix-synapse = with config.services.coturn; { enable = true; - extraConfigFiles = [ "/etc/matrix-synapse/conf.d/email-conf.yaml" ]; settings = { server_name = "${bloxeldomain}"; public_baseurl = "https://matrix.${bloxeldomain}"; @@ -494,6 +624,26 @@ in x_forwarded = true; }]; + # Enable smtp for password resets + email = { + notif_from = "Bloxelcom's Matrix Homeserver "; + smtp_host = "mx.${bloxeldomain}"; + smtp_user = "noreply@${bloxeldomain}"; + smtp_pass = secrets.noreplyPassword; + enable_tls = true; + smtp_port = 587; + require_transport_security = true; + }; + + # Disable registration without email + registrations_require_3pid = [ "email" ]; + + # Allow only this range of emails + allowed_local_3pids = [{ + medium = "email"; + pattern = "^[^@]+@bloxelcom\\.net$"; + }]; + # Set the type of database database.name = "sqlite3"; @@ -522,17 +672,17 @@ in streamingProcesses = 4; configureNginx = true; smtp = { + createLocally = false; host = "mx.${bloxeldomain}"; port = 587; authenticate = true; - user = "noreply@${bloxeldomain}"; - passwordFile = "/var/lib/mastodon/secrets/smtp-password"; fromAddress = "noreply@${bloxeldomain}"; - createLocally = false; + user = "noreply@${bloxeldomain}"; + passwordFile = pkgs.writeText "smtp_pass.txt" secrets.noreplyPassword; }; }; - # Try Lemmy + # Lemmy forums lemmy = { enable = true; nginx.enable = true; @@ -543,19 +693,13 @@ in smtp_server = "mx.${bloxeldomain}:587"; smtp_login = "noreply@${bloxeldomain}"; smtp_from_address = "noreply@${bloxeldomain}"; + smtp_password = secrets.noreplyPassword; tls_type = "starttls"; }; }; - smtpPasswordFile = "/var/lib/mastodon/secrets/smtp-password"; }; - # Snowflake proxy for Tor - snowflake-proxy.enable = true; - - # Fix a nonbuilding issue - logrotate.checkConfig = false; - - # Try roundcube + # Roundcube mail server roundcube = { enable = true; hostName = "mail.${bloxeldomain}"; @@ -565,6 +709,12 @@ in $config['smtp_pass'] = "%p"; ''; }; + + # Snowflake proxy for Tor + snowflake-proxy.enable = true; + + # Fix a nonbuilding issue + logrotate.checkConfig = false; }; # Make Nginx not shit itself @@ -626,21 +776,25 @@ in # Generate passwords with nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt' loginAccounts = { "noreply@${bloxeldomain}" = { - hashedPasswordFile = "${pkgs.writeText "noreply" "$2b$05$7VibcFKXy5Ff9sUMh3KWBeSXkInXNeaADa71Md/swt5RCk5s7UnM2"}"; + hashedPasswordFile = pkgs.writeText "noreply" secrets.noreplySmtpHash; sendOnly = true; }; "jimbo@${bloxeldomain}" = { - hashedPasswordFile = "${pkgs.writeText "jimbo" "$2b$05$Chm7AjSicifTVpUWjOx1q.9YGaokIjxijAfqKTmI6o3OR2QU0B4U."}"; + hashedPasswordFile = pkgs.writeText "jimbo" secrets.jimboSmtpHash; aliases = [ "canada@${bloxeldomain}" "contact@${bloxeldomain}" ]; }; "lunamoonlight@${bloxeldomain}" = { - hashedPasswordFile = "${pkgs.writeText "luna" "$2a$12$ytZ1k4S.XvQAvzc3pHNDV.m7A/bo8PKznA2qH27g5QHMYDloFHdnK"}"; + hashedPasswordFile = pkgs.writeText "luna" secrets.lunaSmtpHash; aliases = [ "us@${bloxeldomain}" "contact@${bloxeldomain}" ]; }; "freecorn1854@${bloxeldomain}" = { - hashedPasswordFile = "${pkgs.writeText "freecorn1854" "$2b$05$7EF0TV39XzTYPIdWOoMnlegX8qLkcHxUytkvAt5sRDQE1oquAFTqm"}"; + hashedPasswordFile = pkgs.writeText "freecorn" secrets.freecornSmtpHash; aliases = [ "canada@${bloxeldomain}" "contact@${bloxeldomain}" ]; }; + "tinyattack09@${bloxeldomain}" = { + hashedPasswordFile = pkgs.writeText "tiny" secrets.tinySmtpHash; + aliases = [ "smallthing@${bloxeldomain}" ]; + }; }; }; diff --git a/Server/hardware-configuration.nix b/Server/hardware-configuration.nix index 33dc9f2..aa217c2 100644 --- a/Server/hardware-configuration.nix +++ b/Server/hardware-configuration.nix @@ -19,7 +19,6 @@ "/home/jimbo/JimboNFS" = { device = "/dev/disk/by-uuid/713fcd92-534c-4153-8e04-e0c6fe5f6a51"; fsType = "ext4"; - neededForBoot = true; }; "/export/JimboNFS" = { device = "/home/jimbo/JimboNFS"; @@ -27,41 +26,53 @@ options = [ "bind" ]; }; "/mnt/nextcloud/data/JimboNFS" = { - device = "/home/jimbo/JimboNFS"; - fsType = "none"; - options = [ "bind" ]; - }; - "/var/lib/docker/volumes/azuracast_station_data/_data/bloxradio/media/Music" = { - device = "/home/jimbo/JimboNFS/Music"; + device = "/export/JimboNFS"; fsType = "none"; options = [ "bind" ]; }; - # Atrocity + # Atrocity of var bindmounts "/var/lib/bitwarden_rs" = { - device = "/home/jimbo/JimboNFS/System/var/lib/bitwarden_rs"; + device = "/export/JimboNFS/System/var/lib/bitwarden_rs"; fsType = "none"; options = [ "bind" ]; + depends = [ "/export/JimboNFS" ]; }; "/var/lib/gitea" = { - device = "/home/jimbo/JimboNFS/System/var/lib/gitea"; + device = "/export/JimboNFS/System/var/lib/gitea"; fsType = "none"; options = [ "bind" ]; + depends = [ "/export/JimboNFS" ]; }; "/var/lib/matrix-synapse" = { - device = "/home/jimbo/JimboNFS/System/var/lib/matrix-synapse"; + device = "/export/JimboNFS/System/var/lib/matrix-synapse"; fsType = "none"; options = [ "bind" ]; + depends = [ "/export/JimboNFS" ]; }; "/var/lib/nextcloud" = { - device = "/home/jimbo/JimboNFS/System/var/lib/nextcloud"; + device = "/export/JimboNFS/System/var/lib/nextcloud"; fsType = "none"; options = [ "bind" ]; + depends = [ "/export/JimboNFS" ]; }; "/var/lib/owncast" = { - device = "/home/jimbo/JimboNFS/System/var/lib/owncast"; + device = "/export/JimboNFS/System/var/lib/owncast"; fsType = "none"; options = [ "bind" ]; + depends = [ "/export/JimboNFS" ]; + }; + "/var/lib/docker/volumes/azuracast_station_data/_data/bloxradio/media/Music" = { + device = "/export/JimboNFS/Music"; + fsType = "none"; + options = [ "bind" ]; + depends = [ "/export/JimboNFS" ]; + }; + "/var/lib/pufferpanel/servers" = { + device = "/export/JimboNFS/MineServers"; + fsType = "none"; + options = [ "bind" ]; + depends = [ "/export/JimboNFS" ]; }; }; swapDevices = [ diff --git a/Server/jimbo.nix b/Server/jimbo.nix index 2bfea58..ba7d345 100644 --- a/Server/jimbo.nix +++ b/Server/jimbo.nix @@ -355,11 +355,11 @@ let a:/home/jimbo/JimboNFS K:/home/jimbo/JimboNFS/Downloads p:/home/jimbo/JimboNFS/Photos + P:/home/jimbo/JimboNFS/Projects V:/home/jimbo/JimboNFS/Videos/Random m:/home/jimbo/JimboNFS/Music L:/home/jimbo/JimboNFS/MineServers s:/home/jimbo/JimboNFS/School - N:/home/jimbo/JimboNFS/JimboOS/NixOS ''; in @@ -514,6 +514,8 @@ in syntaxHighlighting.enable = true; initExtra = '' ${pkgs.any-nix-shell}/bin/any-nix-shell zsh --info-right | source /dev/stdin; pfetch + setopt HIST_IGNORE_SPACE + setopt RM_STAR_WAIT ''; oh-my-zsh = { enable = true; @@ -524,7 +526,7 @@ in mineServers = ''/home/jimbo/JimboNFS/MineServers''; in { # NixOS aliases - nixcfg = "nvim /etc/nixos/{configuration,jimbo,hardware-configuration}.nix"; + nixcfg = "nvim /etc/nixos/{configuration,jimbo,secrets,hardware-configuration}.nix"; nixswitch = "${auth} nixos-rebuild switch"; nixdate = "${auth} nixos-rebuild switch --upgrade-all"; nixclean = "${auth} nix-store --gc; nix-collect-garbage -d"; @@ -540,15 +542,6 @@ in # Start basic programs controlpanel = "tmux new-session -d -s control; tmux attach -t control"; - - # Minecraft stuff - mcstart21 = "${pkgs.temurin-jre-bin-21}/bin/java -Xmx4G -jar"; - mcstart8 = "${pkgs.temurin-jre-bin-8}/bin/java -Xmx4G -jar"; - velocitystart = "cd ${mineServers}/Velocity && mcstart21 velocity*"; - johnstart = "cd ${mineServers}/Johnside-SMP && mcstart21 paper* --nogui"; - bloxelstart = "cd ${mineServers}/Bloxelcom && mcstart21 paper* --nogui"; - dewstart = "cd ${mineServers}/DewDestroyer && mcstart21 paper* --nogui"; - betastart = "cd ${mineServers}/BetaServer && mcstart8 Posiden*"; }; };