Andromeda/conf
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

robot, also continuwuity, also zram

Browse Source
This commit is contained in:
andromeda
2026-01-26 21:40:03 +01:00
parent 2386fea0eb
commit 8c0db96ca4
8 changed files with 220 additions and 154 deletions
Download Patch File Download Diff File Expand all files Collapse all files

168
flake.lock generated
View File

@@ -23,6 +23,27 @@
"type": "github" "type": "github"
} }
}, },
"androidPkgs": {
"inputs": {
"devshell": "devshell",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1750710155,
"narHash": "sha256-2lBEwXgclOrSsrhubSfifU91+sXqikC8qbiZ6yFeaEY=",
"owner": "tadfisher",
"repo": "android-nixpkgs",
"rev": "0846fab1f060f646e1017053077ad38dedc5207b",
"type": "github"
},
"original": {
"owner": "tadfisher",
"ref": "stable",
"repo": "android-nixpkgs",
"type": "github"
}
},
"base16": { "base16": {
"inputs": { "inputs": {
"fromYaml": "fromYaml" "fromYaml": "fromYaml"
@@ -129,6 +150,28 @@
"type": "github" "type": "github"
} }
}, },
"devshell": {
"inputs": {
"nixpkgs": [
"robotnix",
"androidPkgs",
"nixpkgs"
]
},
"locked": {
"lastModified": 1741473158,
"narHash": "sha256-kWNaq6wQUbUMlPgw8Y+9/9wP0F8SHkjy24/mN3UAppg=",
"owner": "numtide",
"repo": "devshell",
"rev": "7c9e793ebe66bcba8292989a68c0419b737a22a0",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "devshell",
"type": "github"
}
},
"disko": { "disko": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -198,6 +241,21 @@
"url": "https://git.lix.systems/lix-project/flake-compat.git" "url": "https://git.lix.systems/lix-project/flake-compat.git"
} }
}, },
"flake-compat_3": {
"locked": {
"lastModified": 1746162366,
"narHash": "sha256-5SSSZ/oQkwfcAz/o/6TlejlVGqeK08wyREBQ5qFFPhM=",
"owner": "nix-community",
"repo": "flake-compat",
"rev": "0f158086a2ecdbb138cd0429410e44994f1b7e4b",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": { "flake-parts": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
@@ -261,6 +319,24 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"fromYaml": { "fromYaml": {
"flake": false, "flake": false,
"locked": { "locked": {
@@ -608,6 +684,38 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_3": {
"locked": {
"lastModified": 1750506804,
"narHash": "sha256-VLFNc4egNjovYVxDGyBYTrvVCgDYgENp5bVi9fPTDYc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4206c4cb56751df534751b058295ea61357bbbaa",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1767313136,
"narHash": "sha256-16KkgfdYqjaeRGBaYsNrhPRRENs0qzkQVUooNHtoy2w=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ac62194c3917d5f474c1a844b6fd6da2db95077d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nmd": { "nmd": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -737,6 +845,27 @@
"type": "github" "type": "github"
} }
}, },
"robotnix": {
"inputs": {
"androidPkgs": "androidPkgs",
"flake-compat": "flake-compat_3",
"nixpkgs": "nixpkgs_4",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1768481330,
"narHash": "sha256-hYKnwFBPI0IyH8YbW3kqci8AS6ZtV7QSEa0E5Wt401M=",
"owner": "nix-community",
"repo": "robotnix",
"rev": "4ee0f9c86c3ae076bcbc41cbeebff054fe3d11a8",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "robotnix",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
@@ -750,6 +879,7 @@
"noshell": "noshell", "noshell": "noshell",
"nur": "nur", "nur": "nur",
"nvf": "nvf", "nvf": "nvf",
"robotnix": "robotnix",
"stylix": "stylix" "stylix": "stylix"
} }
}, },
@@ -782,7 +912,7 @@
"nixpkgs" "nixpkgs"
], ],
"nur": "nur_2", "nur": "nur_2",
"systems": "systems_3", "systems": "systems_4",
"tinted-foot": "tinted-foot", "tinted-foot": "tinted-foot",
"tinted-kitty": "tinted-kitty", "tinted-kitty": "tinted-kitty",
"tinted-schemes": "tinted-schemes", "tinted-schemes": "tinted-schemes",
@@ -848,6 +978,21 @@
"type": "github" "type": "github"
} }
}, },
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"tinted-foot": { "tinted-foot": {
"flake": false, "flake": false,
"locked": { "locked": {
@@ -928,6 +1073,27 @@
"repo": "base16-zed", "repo": "base16-zed",
"type": "github" "type": "github"
} }
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"robotnix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1766000401,
"narHash": "sha256-+cqN4PJz9y0JQXfAK5J1drd0U05D5fcAGhzhfVrDlsI=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "42d96e75aa56a3f70cab7e7dc4a32868db28e8fd",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

3
flake.nix
View File

@@ -38,6 +38,7 @@
url = "github:notashelf/nvf"; url = "github:notashelf/nvf";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
robotnix.url = "github:nix-community/robotnix";
stylix = { stylix = {
url = "github:nix-community/stylix"; url = "github:nix-community/stylix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@@ -55,6 +56,7 @@
noshell, noshell,
nur, nur,
nvf, nvf,
robotnix,
stylix, stylix,
... ...
}: let }: let
@@ -117,6 +119,7 @@
builtins.mapAttrs builtins.mapAttrs
(hostname: value: configurationWithHomeManager value) (hostname: value: configurationWithHomeManager value)
machines; machines;
robotnixConfigurations.payton = robotnix.lib.robotnixSystem ./robotnix/payton.nix;
nixOnDroidConfigurations.default = nix-on-droid.lib.nixOnDroidConfiguration { nixOnDroidConfigurations.default = nix-on-droid.lib.nixOnDroidConfiguration {
pkgs = import nixpkgs {system = "aarch64-linux";}; pkgs = import nixpkgs {system = "aarch64-linux";};
modules = [ modules = [

9
machines.nix
View File

@@ -11,6 +11,7 @@
# hardware configuration # hardware configuration
# includes `system.stateVersion` # includes `system.stateVersion`
./modules/nixos/machines/lenovo.nix ./modules/nixos/machines/lenovo.nix
./modules/nixos/zram.nix
# boot process # boot process
# systemd-boot # systemd-boot
@@ -75,20 +76,16 @@
# matrix homeserver # matrix homeserver
# matrix.domain # matrix.domain
# ./modules/nixos/matrix-conduit.nix ./modules/nixos/matrix-continuwuity.nix
# matrix homeserver
./modules/nixos/matrix-synapse.nix
# BROKEN # BROKEN
# forgejo # forgejo
# git.domain # git.domain
# ./modules/nixos/forgejo.nix # ./modules/nixos/forgejo.nix
# BROKEN
# zulip chat client # zulip chat client
# chat.domain # chat.domain
./modules/nixos/zulip.nix # ./modules/nixos/zulip.nix
]; ];
}; };
} }

82
modules/nixos/matrix-conduit.nix
View File

@@ -1,82 +0,0 @@
{
config,
pkgs,
...
}: let
well_known_server = pkgs.writeText "well-known-matrix-server" ''
{
"m.server": "matrix.${config.services.matrix-conduit.settings.global.server_name}"
}
'';
well_known_client = pkgs.writeText "well-known-matrix-client" ''
{
"m.homeserver": {
"base_url": "https://matrix.${config.services.matrix-conduit.settings.global.server_name}"
}
'';
in {
services.matrix-conduit = {
enable = true;
settings.global = {
server_name = "${config.networking.domain}";
};
};
services.nginx = {
enable = true;
virtualHosts = {
"matrix.${config.services.matrix-conduit.settings.global.server_name}" = {
forceSSL = true;
enableACME = true;
listen = [
{
addr = "0.0.0.0";
port = 443;
ssl = true;
}
{
addr = "0.0.0.0";
port = 8448;
ssl = true;
}
];
locations."/_matrix/" = {
proxyPass = "http://backend_conduit$request_uri";
proxyWebsockets = true;
extraConfig = ''
proxy_set_header Host $host;
proxy_buffering off;
'';
};
extraConfig = ''
merge_slashes off;
'';
};
"${config.services.matrix-conduit.settings.global.server_name}" = {
forceSSL = true;
enableACME = true;
locations."/.well-known/matrix/server/" = {
alias = "${well_known_server}";
extraConfig = ''
default_type application/json;
'';
};
locations."/.well-known/matrix/client/" = {
alias = "${well_known_client}";
extraConfig = ''
default_type application/json;
add_header Access-Control-Allow-Origin "";
'';
};
};
};
upstreams = {
backend-conduit = {
servers = {
"localhost:${builtins.toString config.services.matrix-conduit.settings.global.port}" = {};
};
};
};
};
networking.firewall.allowedTCPPorts = [8448];
networking.firewall.allowedUDPPorts = [8448];
}

26
modules/nixos/matrix-continuwuity.nix Normal file
View File

@@ -0,0 +1,26 @@
{config, ...}: {
services = {
matrix-continuwuity = {
enable = true;
settings = {
global = {
server_name = "${config.networking.domain}";
address = ["127.0.0.1"];
port = [6167];
well_known = {
server = "matrix.${config.networking.domain}";
client = "https://matrix.${config.networking.domain}";
};
};
};
};
nginx = {
upstreams.matrix.servers."127.0.0.1:6167" = {};
virtualHosts = {
"matrix.${config.networking.domain}".locations."/".proxyPass = "http://matrix";
"${config.networking.domain}".locations."/.well-known/matrix".proxyPass = "http://matrix";
};
};
};
}

65
modules/nixos/matrix-synapse.nix
View File

@@ -1,65 +0,0 @@
{
pkgs,
lib,
config,
...
}: let
fqdn = "${config.networking.hostName}.${config.networking.domain}";
baseUrl = "https://${fqdn}";
clientConfig."m.homeserver".base_url = baseUrl;
serverConfig."m.server" = "${fqdn}:443";
mkWellKnown = data: ''
default_type application/json;
add_header Access-Control-Allow-Origin *;
return 200 '${builtins.toJSON data}';
'';
in {
services.postgresql.enable = true;
services.nginx = {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
virtualHosts = {
"${config.networking.domain}" = {
enableACME = true;
forceSSL = true;
locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig;
locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig;
};
"${fqdn}" = {
enableACME = true;
forceSSL = true;
locations."/".extraConfig = ''
return 404;
'';
locations."/_matrix".proxyPass = "http://[::1]:8008";
locations."/_synapse/client".proxyPass = "http://[::1]:8008";
};
};
};
services.matrix-synapse = {
enable = true;
settings.server_name = config.networking.domain;
settings.public_baseurl = baseUrl;
settings.listeners = [
{
port = 8008;
bind_addresses = ["::1"];
type = "http";
tls = false;
x_forwarded = true;
resources = [
{
names = [
"client"
"federation"
];
compress = true;
}
];
}
];
};
}

8
modules/nixos/zram.nix Normal file
View File

@@ -0,0 +1,8 @@
{
zramSwap = {
enable = true;
priority = 100;
algorithm = "zstd";
memoryPercent = 75;
};
}

13
robotnix/payton.nix Normal file
View File

@@ -0,0 +1,13 @@
{...}: {
flavor = "lineageos";
# motorola moto x4 (payton)
device = "payton";
# latest supported version:
# check https://download.lineageos.org/devices/payton/builds
flavorVersion = "22.2";
apps.fdroid.enable = true;
microg.enable = true;
}