From d0d60be2e0366d5395494a1f8f33eaaf2c08cd74 Mon Sep 17 00:00:00 2001 From: tulg Date: Mon, 27 Apr 2026 19:19:20 +0300 Subject: [PATCH] global restructuring and shit --- hosts/kittykat/configuration.nix | 17 ++------- hosts/kittykat/traefik.nix | 36 ------------------- hosts/virgil/configuration.nix | 26 ++------------ hosts/virgil/hardware-configuration.nix | 14 +++++++- modules/nixos/gaming.nix | 5 +++ .../servers/per-host/kittykat/vaultwarden.nix | 27 ++++++++++++++ modules/servers/per-host/kittykat/xray.nix | 26 ++++++++++++++ 7 files changed, 76 insertions(+), 75 deletions(-) create mode 100644 modules/servers/per-host/kittykat/vaultwarden.nix create mode 100644 modules/servers/per-host/kittykat/xray.nix diff --git a/hosts/kittykat/configuration.nix b/hosts/kittykat/configuration.nix index 157f20f..07c171d 100644 --- a/hosts/kittykat/configuration.nix +++ b/hosts/kittykat/configuration.nix @@ -11,6 +11,9 @@ ../../modules/nixos/users/tulg.nix ./traefik.nix #../../modules/home-manager/cli/default.nix + ../../modules/servers/per-host/kittykat/vaultwarden.nix + + ../../modules/servers/per-host/kittykat/xray.nix ]; networking.hostName = "kittykat"; @@ -19,21 +22,7 @@ fastfetch kitty ]; - services.xray-3x-ui = { - enable = true; - port = 2053; - openFirewall = false; - }; - networking.firewall.allowedTCPPorts = [45544 22]; - services.vaultwarden = { - enable = true; - config = { - DOMAIN = "https://vault.kittykat.poggerer.xyz"; - SIGNUPS_ALLOWED = false; - ROCKET_PORT = 8222; - }; - }; programs.bash.interactiveShellInit = '' PS1="\[\e[38;5;177m\]\u\[\e[0m\]@\[\e[38;5;220m\]\h\[\e[0m\] \[\e[38;5;33m\]\w\[\e[0m\] \$ " ''; diff --git a/hosts/kittykat/traefik.nix b/hosts/kittykat/traefik.nix index 9d3bcdf..a9d375e 100644 --- a/hosts/kittykat/traefik.nix +++ b/hosts/kittykat/traefik.nix @@ -40,41 +40,5 @@ api.dashboard = true; }; - - dynamicConfigOptions = { - http = { - routers = { - xray = { - rule = "Host(`v2.kittykat.poggerer.xyz`)"; - entryPoints = ["websecure"]; - service = "xray"; - tls = { - certResolver = "letsencrypt"; - }; - }; - vaultwarden = { - rule = "Host(`vault.kittykat.poggerer.xyz`)"; - entryPoints = ["websecure"]; - service = "vaultwarden"; - tls.certResolver = "letsencrypt"; - }; - }; - - services = { - xray = { - loadBalancer = { - servers = [ - {url = "http://127.0.0.1:2053";} - ]; - }; - }; - vaultwarden = { - loadBalancer.servers = [ - {url = "http://127.0.0.1:8222";} - ]; - }; - }; - }; - }; }; } diff --git a/hosts/virgil/configuration.nix b/hosts/virgil/configuration.nix index 80235b2..4e5f599 100644 --- a/hosts/virgil/configuration.nix +++ b/hosts/virgil/configuration.nix @@ -14,39 +14,17 @@ ../../modules/nixos/fonts.nix ../../modules/nixos/services.nix ../../modules/nixos/users/tulg.nix + ../../modules/nixos/gaming.nix ]; programs.hyprland = { enable = true; xwayland.enable = true; }; - programs.steam = { - enable = true; - remotePlay.openFirewall = true; - dedicatedServer.openFirewall = true; - }; - services.avahi.allowInterfaces = ["eno1"]; - hardware.graphics = { - enable = true; - enable32Bit = true; - }; + environment.systemPackages = with pkgs; [ protonup-ng ]; - hardware.nvidia = { - modesetting.enable = true; - open = false; - powerManagement.enable = false; - prime = { - offload.enable = true; - offload.enableOffloadCmd = true; - - nvidiaBusId = "PCI:1:0:0"; - amdgpuBusId = "PCI:19:0:0"; - }; - }; - services.xserver.videoDrivers = ["nvidia" "amdgpu"]; - boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; networking.hostName = "virgil"; diff --git a/hosts/virgil/hardware-configuration.nix b/hosts/virgil/hardware-configuration.nix index 2511d96..13b326b 100644 --- a/hosts/virgil/hardware-configuration.nix +++ b/hosts/virgil/hardware-configuration.nix @@ -20,9 +20,21 @@ "usb_storage" "sd_mod" ]; + hardware.nvidia = { + modesetting.enable = true; + open = false; + powerManagement.enable = false; + prime = { + offload.enable = true; + offload.enableOffloadCmd = true; + nvidiaBusId = "PCI:1:0:0"; + amdgpuBusId = "PCI:19:0:0"; + }; + }; + services.xserver.videoDrivers = ["nvidia" "amdgpu"]; boot.initrd.kernelModules = []; - + services.avahi.allowInterfaces = ["eno1"]; boot.kernelModules = [ "kvm-amd" "nct6775" diff --git a/modules/nixos/gaming.nix b/modules/nixos/gaming.nix index 7e424a1..1184e54 100644 --- a/modules/nixos/gaming.nix +++ b/modules/nixos/gaming.nix @@ -1,4 +1,9 @@ { + config, + lib, + pkgs, + ... +}: { programs.steam = { enable = true; remotePlay.openFirewall = true; diff --git a/modules/servers/per-host/kittykat/vaultwarden.nix b/modules/servers/per-host/kittykat/vaultwarden.nix new file mode 100644 index 0000000..7a43609 --- /dev/null +++ b/modules/servers/per-host/kittykat/vaultwarden.nix @@ -0,0 +1,27 @@ +{...}: { + services.vaultwarden = { + enable = true; + + config = { + DOMAIN = "https://vault.kittykat.poggerer.xyz"; + SIGNUPS_ALLOWED = false; + ROCKET_PORT = 8222; + }; + }; + services.traefik.dynamicConfigOptions.http = { + routers.vaultwarden = { + rule = "Host(`vault.kittykat.poggerer.xyz`)"; + entryPoints = ["websecure"]; + service = "vaultwarden"; + tls.certResolver = "letsencrypt"; + }; + + services.vaultwarden = { + loadBalancer = { + servers = [ + {url = "http://127.0.0.1:8222";} + ]; + }; + }; + }; +} diff --git a/modules/servers/per-host/kittykat/xray.nix b/modules/servers/per-host/kittykat/xray.nix new file mode 100644 index 0000000..7e6e887 --- /dev/null +++ b/modules/servers/per-host/kittykat/xray.nix @@ -0,0 +1,26 @@ +{...}: { + services.xray-3x-ui = { + enable = true; + port = 2053; + openFirewall = false; + }; + networking.firewall.allowedTCPPorts = [45544 22]; + services.traefik.dynamicConfigOptions.http = { + routers.xray = { + rule = "Host(`v2.kittykat.poggerer.xyz`)"; + entryPoints = ["websecure"]; + service = "xray"; + tls = { + certResolver = "letsencrypt"; + }; + }; + + services.xray = { + loadBalancer = { + servers = [ + {url = "http://127.0.0.1:2053";} + ]; + }; + }; + }; +}