timobmrs/nix
1
0
Fork 0
Code Issues 4 Pull requests Projects Releases Packages Wiki Activity Actions
Nix configuration for Xeovalyte
372 commits 1 branch 0 tags 6.9 MiB
  • Nix 99.6%
  • Just 0.4%
Find a file
Exact
Timo Boomers 6747fe7c9f added ctr configuration
2026-03-02 15:48:57 +01:00
assets More niri styling 2025-06-23 17:04:59 +02:00
hosts changes 2026-01-29 12:51:10 +01:00
modules changes 2026-01-29 12:51:10 +01:00
overlays multiple changes 2025-12-13 11:03:24 +01:00
pkgs multiple changes 2025-12-13 11:03:24 +01:00
secrets Added caddyfile generation 2025-05-22 08:01:31 +02:00
v-th-ctr-01 added ctr configuration 2026-03-02 15:48:57 +01:00
.gitignore Migrated from default.nix to configuration.nix 2025-05-17 17:13:43 +02:00
.sops.yaml added age keys 2025-05-20 17:23:31 +02:00
flake.lock added deploy-rs 2025-12-27 14:05:30 +01:00
flake.nix added deploy-rs 2025-12-27 14:05:30 +01:00
justfile updated flake file 2025-06-11 13:14:20 +02:00
README.md Added obs and useful links section to README 2025-06-14 11:02:27 +02:00

README.md

Xeovalyte Dotfiles with Nix

New system install guide

1. Install Nixos with ISO

Nixos download

2. Copy hardware configuration to hosts directory

3. Generate ssh-keys

Archserver

  1. ssh-keygen -f ~/.ssh/archserver
  2. ssh-copy-id -i ~/.ssh/archserver 192.168.1.20

Gitea

  1. ssh-keygen -f ~/.ssh/gitea -t ed25519 -C "me+gitea@xeovalyte.dev"
  2. Upload to Gitea
  3. Verify ssh key (follow instructions on Gitea)

4. Add SSH keys

  1. ssh-add ~/.ssh/gitea
  2. ssh-add ~/.ssh/archserver

Homelab

List over services

Service Description Link
Caddy Reverse proxy -
Kanidm Openid provider auth.tbmrs.nl
Forgejo Git provider git.tbmrs.nl
Immich Photo and videos photos.tbmrs.nl
Homepage Dashboard home.tbmrs.nl
Uptime Kuma Uptime monitor uptime.tbmrs.nl
Pingvin share Sharing of files share.tbmrs.nl
Vaultwarden Password manager vault.local.tbmrs.nl
Paperless NGX Documents management paperless.local.tbmrs.nl
Beszel Resource usage monitor.local.tbmrs.nl
Dufs File manager files.tbmrs.nl
Syncthing File syncing syncthing.local.tbmrs.nl
Home Assistant Home automation home-assistant.local.tbmrs.nl
Karakeep Bookmarking karakeep.local.tbmrs.nl
Vikunja Tasks management vikunja.local.tbmrs.nl
Stalwart Mailserver mail.tbmrs.nl
Linkding Bookmark managment links.local.tbmrs.nl
Jellyfin Movies, series and music streaming stream.local.tbmrs.nl

Todo

  • Install koreader selfhosted sync

Openid commands

Configure new openid client

From: Kanidm Docs

Replace <service> with the name of the service.

  1. Create a new Kanidm group, and add your regular account to it:
$ kanidm group create <service>_users
$ kanidm group add-members <service>_users your_username
  1. Create a new OAuth2 application configuration in Kanidm, configure the redirect URL, and scope access to the group:
$ kanidm system oauth2 create <service> <servicename> <service_login_url>
$ kanidm system oauth2 add-redirect-url <service> <redirect_url>
$ kanidm system oauth2 update-scope-map <service> <service>_users email openid profile groups
  1. (Optional) Disable PKCE
$ kanidm system oauth2 warning-insecure-client-disable-pkce <service>
  1. Get the OAuth2 client secret from Kanidm
$ kanidm system oauth2 show-basic-secret <service>

Useful links

Womier keyboard permissions denied or not finding: https://github.com/the-via/releases/issues/257