diff --git a/flake.lock b/flake.lock index 23c559b..4422d02 100644 --- a/flake.lock +++ b/flake.lock @@ -129,6 +129,27 @@ "type": "github" } }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": [ + "vpnconfinement", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1717285511, + "narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, "flake-utils": { "inputs": { "systems": "systems" @@ -314,6 +335,36 @@ "url": "https://github.com/hyprwm/Hyprland" } }, + "hyprland-plugins": { + "inputs": { + "hyprland": [ + "hyprland" + ], + "nixpkgs": [ + "hyprland-plugins", + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland-plugins", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1723143591, + "narHash": "sha256-dPcWAeRJoG5CyWC32X3XX+Og0v/k1/S1N0T5dQWT32k=", + "owner": "hyprwm", + "repo": "hyprland-plugins", + "rev": "b73d7b901d8cb1172dd25c7b7159f0242c625a77", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-plugins", + "type": "github" + } + }, "hyprland-protocols": { "inputs": { "nixpkgs": [ @@ -521,6 +572,22 @@ "type": "github" } }, + "nixpkgs_4": { + "locked": { + "lastModified": 1717602782, + "narHash": "sha256-pL9jeus5QpX5R+9rsp3hhZ+uplVHscNJh8n8VpqscM0=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e8057b67ebf307f01bdcc8fba94d94f75039d1f6", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nixvim": { "inputs": { "devshell": "devshell", @@ -588,11 +655,13 @@ "apple-fonts": "apple-fonts", "home-manager": "home-manager", "hyprland": "hyprland", + "hyprland-plugins": "hyprland-plugins", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_3", "nixvim": "nixvim", "sops-nix": "sops-nix", - "spicetify-nix": "spicetify-nix" + "spicetify-nix": "spicetify-nix", + "vpnconfinement": "vpnconfinement" } }, "sf-arabic": { @@ -751,6 +820,25 @@ "type": "github" } }, + "vpnconfinement": { + "inputs": { + "flake-parts": "flake-parts_2", + "nixpkgs": "nixpkgs_4" + }, + "locked": { + "lastModified": 1718924235, + "narHash": "sha256-lu78iQzZGBE9bIvlYgbBYiJ85wR5zSBUPjIQkg6cRQc=", + "owner": "Maroka-chan", + "repo": "VPN-Confinement", + "rev": "790f70888c69d55c92442e702647dc619dd7bc61", + "type": "github" + }, + "original": { + "owner": "Maroka-chan", + "repo": "VPN-Confinement", + "type": "github" + } + }, "xdph": { "inputs": { "hyprland-protocols": "hyprland-protocols", diff --git a/flake.nix b/flake.nix index 046cf62..f7e7c16 100644 --- a/flake.nix +++ b/flake.nix @@ -25,8 +25,12 @@ inputs.nixpkgs.follows = "nixpkgs"; }; hyprland.url = "git+https://github.com/hyprwm/Hyprland?submodules=1"; + hyprland-plugins = { + url = "github:hyprwm/hyprland-plugins"; + inputs.hyprland.follows = "hyprland"; + }; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; - nixarr.url = "github:rasmus-kirk/nixarr"; + vpnconfinement.url = "github:Maroka-chan/VPN-Confinement"; }; outputs = inputs@{ nixpkgs, ... }: { @@ -48,7 +52,7 @@ { _module.args = { inherit inputs; }; } inputs.sops-nix.nixosModules.sops inputs.home-manager.nixosModules.home-manager - inputs.nixarr.nixosModules.default + inputs.vpnconfinement.nixosModules.default ./hosts/server/configuration.nix ]; }; diff --git a/home/system/hyprland/default.nix b/home/system/hyprland/default.nix index e19dc84..6184f3e 100644 --- a/home/system/hyprland/default.nix +++ b/home/system/hyprland/default.nix @@ -29,6 +29,7 @@ enable = true; xwayland.enable = true; package = inputs.hyprland.packages."${pkgs.system}".hyprland; + # plugins = [ inputs.hyprland-plugins.packages.${pkgs.system}.hyprexpo ]; # TODO: Fix, stack overflow settings = { "$mod" = "SUPER"; @@ -111,7 +112,10 @@ "GTK2_RC_FILES,/home/hadi/.local/share/themes/FlatColor/gtk-2.0/gtkrc" ]; - cursor = { no_hardware_cursors = true; }; + cursor = { + no_hardware_cursors = true; + default_monitor = "eDP-2"; + }; general = { resize_on_border = true; @@ -133,7 +137,11 @@ blur = { enabled = false; }; }; - master = { new_status = true; }; + master = { + new_status = true; + allow_small_split = true; + mfact = 0.5; + }; gestures = { workspace_swipe = true; }; diff --git a/home/system/hyprland/hypridle.nix b/home/system/hyprland/hypridle.nix index 8668231..082eb5a 100644 --- a/home/system/hyprland/hypridle.nix +++ b/home/system/hyprland/hypridle.nix @@ -3,19 +3,25 @@ services.hypridle = { enable = true; settings = { - general = { ignore_dbus_inhibit = false; }; - listener = [{ - timeout = 600; - on-timeout = pkgs.hyprlock + "/bin/hyprlock"; - } - # { - # timeout = 660; - # on-timeout = "systemctl suspend"; - # on-resume = pkgs.libnotify - # + "/bin/notify-send 'Welcome back to your desktop!'"; - # } - ]; + general = { + ignore_dbus_inhibit = false; + lock_cmd = "pidof hyprlock || ${pkgs.hyprlock}/bin/hyprlock"; + before_sleep_cmd = "loginctl lock-session"; + after_sleep_cmd = "hyprctl dispatch dpms on"; + }; + + listener = [ + { + timeout = 600; + on-timeout = "pidof hyprlock || ${pkgs.hyprlock}/bin/hyprlock"; + } + + { + timeout = 660; + on-timeout = "systemctl suspend"; + } + ]; }; }; } diff --git a/hosts/server/modules/jackflix/bazarr.nix b/hosts/server/modules/jackflix/bazarr.nix deleted file mode 100644 index 402b43c..0000000 --- a/hosts/server/modules/jackflix/bazarr.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - services.bazarr = { - enable = true; - openFirewall = true; - }; -} diff --git a/hosts/server/modules/jackflix/default.nix b/hosts/server/modules/jackflix/default.nix index 4437d4e..eb2ac96 100644 --- a/hosts/server/modules/jackflix/default.nix +++ b/hosts/server/modules/jackflix/default.nix @@ -1,34 +1,70 @@ -{ config, ... }: { - nixarr = { +let + exposed = false; # Expose jellyfin to the internet + + vpn = { enable = true; - mediaDir = "/data/media"; - stateDir = "/data/media/.state/nixarr"; + wg-config = "/etc/wireguard/wg0.conf"; + }; - vpn = { - enable = true; - wgConf = "/data/.secret/wg.conf"; + root_folder = "/data"; +in { + systemd.tmpfiles.rules = [ + "d /data 0755 nixarr nixarr" + "d /data/media 0755 nixarr nixarr" + "d /data/radarr 0755 nixarr nixarr" + "d /data/sonarr 0755 nixarr nixarr" + ]; + + users = { + groups.nixarr = { }; + users.nixarr = { + isSystemUser = true; + home = root_folder; + hashedPassword = + "$y$j9T$9.hOJCwwmryq3PzEOGtjZ.$hu/76TghEjongcbls7oDoN2GWRqg8AwCknq.CS0zB.8"; }; + }; + services = { jellyfin = { enable = true; - expose.https = { - enable = true; - domainName = "media.anotherhadi.com"; - acmeMail = config.var.git.email; # Required for ACME-bot - }; + user = "jackflix"; + group = "media"; + openFirewall = true; + }; + + jellyseerr = { + enable = true; + port = 5055; + openFirewall = true; + }; + + prowlarr = { + enable = true; + openFirewall = true; + }; + + radarr = { + enable = true; + user = "jackflix"; + group = "media"; + dataDir = "/data/media/radarr"; + openFirewall = true; + }; + + sonarr = { + enable = true; + user = "jackflix"; + group = "media"; + dataDir = "/data/media/sonarr"; + openFirewall = true; }; transmission = { enable = true; - vpn.enable = true; - peerPort = 50000; + user = "jackflix"; + group = "media"; + openFirewall = true; }; - - bazarr.enable = true; - lidarr.enable = true; - prowlarr.enable = true; - radarr.enable = true; - readarr.enable = true; - sonarr.enable = true; }; } diff --git a/hosts/server/modules/jackflix/defaultjackflix.nix b/hosts/server/modules/jackflix/defaultjackflix.nix deleted file mode 100644 index 9f59301..0000000 --- a/hosts/server/modules/jackflix/defaultjackflix.nix +++ /dev/null @@ -1,21 +0,0 @@ -# { -# imports = [ -# ./jellyfin.nix -# # ./jellyseerr.nix -# # ./prowlarr.nix -# # ./radarr.nix -# # ./sonarr.nix -# # ./transmission.nix -# ]; -# -# users.groups = { jackflix = { }; }; -# -# users.users.jackflix = { -# isNormalUser = true; -# home = "/home/jackflix"; -# description = "My own netflix"; -# hashedPassword = -# "$y$j9T$9.hOJCwwmryq3PzEOGtjZ.$hu/76TghEjongcbls7oDoN2GWRqg8AwCknq.CS0zB.8"; -# extraGroups = [ "docker" "jackflix" ]; -# }; -# } diff --git a/hosts/server/modules/jackflix/jellyfin.nix b/hosts/server/modules/jackflix/jellyfin.nix deleted file mode 100644 index 1575522..0000000 --- a/hosts/server/modules/jackflix/jellyfin.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - services.jellyfin = { - enable = true; - user = "jackflix"; - group = "jackflix"; - dataDir = "/home/jackflix/jellyfin/data"; - cacheDir = "/home/jackflix/jellyfin/cache"; - logDir = "/home/jackflix/jellyfin/log"; - configDir = "/home/jackflix/jellyfin/config"; - openFirewall = true; - }; -} diff --git a/hosts/server/modules/jackflix/jellyseerr.nix b/hosts/server/modules/jackflix/jellyseerr.nix deleted file mode 100644 index 7efbc34..0000000 --- a/hosts/server/modules/jackflix/jellyseerr.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - services.jellyseerr = { - enable = true; - openFirewall = true; - }; -} diff --git a/hosts/server/modules/jackflix/prowlarr.nix b/hosts/server/modules/jackflix/prowlarr.nix deleted file mode 100644 index ef9f487..0000000 --- a/hosts/server/modules/jackflix/prowlarr.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - services.prowlarr = { - enable = true; - openFirewall = true; - }; -} diff --git a/hosts/server/modules/jackflix/radarr.nix b/hosts/server/modules/jackflix/radarr.nix deleted file mode 100644 index a4a4e63..0000000 --- a/hosts/server/modules/jackflix/radarr.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ - services.radarr = { - enable = true; - user = "jackflix"; - group = "jackflix"; - dataDir = "/home/jackflix/radarr"; - openFirewall = true; - }; -} diff --git a/hosts/server/modules/jackflix/sonarr.nix b/hosts/server/modules/jackflix/sonarr.nix deleted file mode 100644 index 3c27875..0000000 --- a/hosts/server/modules/jackflix/sonarr.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ - services.sonarr = { - enable = true; - user = "jackflix"; - group = "jackflix"; - dataDir = "/home/jackflix/sonarr"; - openFirewall = true; - }; -}