diff --git a/config/common.nix b/config/common.nix index 78dfa7f..63de4ac 100644 --- a/config/common.nix +++ b/config/common.nix @@ -148,6 +148,7 @@ tree p7zip inetutils # telnet + wl-clipboard # clipboard for vim # media yt-dlp diff --git a/home/common.nix b/home/common.nix index 27933d6..2d4f87a 100644 --- a/home/common.nix +++ b/home/common.nix @@ -45,7 +45,7 @@ historyLimit = 10000; mouse = true; extraConfig = '' - + set -s set-clipboard on ''; }; diff --git a/home/podman.nix b/home/podman.nix index e29d829..0e3415e 100644 --- a/home/podman.nix +++ b/home/podman.nix @@ -6,6 +6,30 @@ }: { + +systemd.user.services.podman-prune = { + Unit = { + Description = "Prune unused Podman resources for admin user"; + }; + Service = { + Type = "oneshot"; + ExecStart = "${pkgs.podman}/bin/podman system prune -f --all"; + }; +}; + +systemd.user.timers.podman-prune = { + Unit = { + Description = "Weekly Podman prune timer"; + }; + Timer = { + OnCalendar = "weekly"; + Persistent = true; + }; + Install = { + WantedBy = [ "timers.target" ]; + }; +}; + services.podman.networks = { internal_net = { driver = "bridge"; @@ -138,75 +162,6 @@ }; }; }; - - authentik-server = { - image = "ghcr.io/goauthentik/server:2026.2.1"; - autoStart = true; - autoUpdate = "registry"; - network = "internal_net"; - exec = "server"; - environmentFile = [ - "/pool/services/secrets/default" - "/pool/services/secrets/authentik" - ]; - volumes = [ - "/pool/services/podman/authentik/data:/data" - "/pool/services/podman/authentik/certs:/certs" - "/pool/services/podman/authentik/templates:/templates" - ]; - extraPodmanArgs = [ - "--shm-size=256m" - ]; - extraConfig = { - Service = { - TimeoutStartSec = 900; - }; - }; - }; - - authentik-postgresql = { - image = "docker.io/postgres:16-alpine"; - autoStart = true; - autoUpdate = "registry"; - network = "internal_net"; - environmentFile = [ - "/pool/services/secrets/default" - "/pool/services/secrets/authentik" - ]; - volumes = [ - "/pool/services/podman/authentik/db:/var/lib/postgresql/data" - ]; - extraConfig = { - Service = { - TimeoutStartSec = 900; - }; - }; - }; - - authentik-worker = { - image = "ghcr.io/goauthentik/server:2026.2.1"; - autoStart = true; - autoUpdate = "registry"; - network = "internal_net"; - exec = "worker"; - environmentFile = [ - "/pool/services/secrets/default" - "/pool/services/secrets/authentik" - ]; - volumes = [ - "/pool/services/podman/authentik/data:/data" - "/pool/services/podman/authentik/certs:/certs" - "/pool/services/podman/authentik/templates:/templates" - ]; - extraPodmanArgs = [ - "--shm-size=256m" - ]; - extraConfig = { - Service = { - TimeoutStartSec = 900; - }; - }; - }; caddy-local = { image = "ghcr.io/caddybuilds/caddy-cloudflare:latest"; autoStart = true; @@ -232,6 +187,25 @@ }; }; + cleanuparr = { + image = "ghcr.io/cleanuparr/cleanuparr:latest"; + autoStart = true; + autoUpdate = "registry"; + network = "internal_net"; + environmentFile = [ + "/pool/services/secrets/default" + ]; + volumes = [ + "/pool/services/podman/cleanuparr:/config" + "/pool/media/torrents:/downloads" + ]; + extraConfig = { + Service = { + TimeoutStartSec = 900; + }; + }; + }; + bazarr = { image = "lscr.io/linuxserver/bazarr:latest"; autoStart = true; @@ -810,6 +784,64 @@ # }; #}; + nextcloud = { + image = "docker.io/nextcloud"; + autoStart = true; + autoUpdate = "registry"; + network = "internal_net"; + environmentFile = [ + "/pool/services/secrets/default" + "/pool/services/secrets/nextcloud" + ]; + volumes = [ + "/pool/services/podman/nextcloud/app:/var/www/html" + ]; + extraConfig = { + Service = { + TimeoutStartSec = 900; + }; + }; + }; + + nextcloud-db = { + image = "docker.io/mariadb:10.6"; + autoStart = true; + autoUpdate = "registry"; + network = "internal_net"; + exec = "--transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW"; + environmentFile = [ + "/pool/services/secrets/default" + "/pool/services/secrets/nextcloud" + ]; + volumes = [ + "/pool/services/podman/nextcloud/db:/var/lib/mysql" + ]; + extraConfig = { + Service = { + TimeoutStartSec = 900; + }; + }; + }; + + ntfy = { + image = "docker.io/binwiederhier/ntfy"; + autoStart = true; + autoUpdate = "registry"; + network = "internal_net"; + exec = "serve"; + environmentFile = [ + "/pool/services/secrets/default" + "/pool/services/secrets/ntfy" + ]; + volumes = [ + "/pool/services/podman/ntfy:/var/lib/ntfy" + ]; + extraConfig = { + Service = { + TimeoutStartSec = 900; + }; + }; + }; ntp = { image = "docker.io/cturra/ntp"; autoStart = true; diff --git a/hosts/server/settings.nix b/hosts/server/settings.nix index 7457ebd..eaa5662 100644 --- a/hosts/server/settings.nix +++ b/hosts/server/settings.nix @@ -162,45 +162,15 @@ systemd.services.podman-network-vlan50 = { services.smartd = { enable = true; - notifications = { - mail.enable = true; - mail.recipient = "accelarion@protonmail.com"; - }; #devices = [ "DEVICESCAN -a" ]; # autodetect all drives }; - - programs.msmtp = { - enable = true; - accounts.default = { - auth = true; - tls = true; - host = "smtp.protonmail.ch"; - port = 587; - from = "faris@mektem.com"; - user = "faris@mektem.com"; - passwordeval = "cat /pool/services/secrets/mail.txt"; - }; - }; - environment.etc."zfs/zed-notify.sh" = { - mode = "0755"; - text = '' - #!/bin/sh - # ZED calls: ZED_EMAIL_PROG "subject" "recipient" - SUBJECT="$1" - TO="$2" - (echo "Subject: $SUBJECT"; echo "To: $TO"; echo ""; cat) | \ - ${pkgs.msmtp}/bin/msmtp "$TO" - ''; - }; - services.zfs.zed = { - enableMail = true; settings = { - ZED_EMAIL_ADDR = [ "faris@mektem.com" ]; - ZED_EMAIL_PROG = "/etc/zfs/zed-notify.sh"; # Or ssmtp - ZED_EMAIL_OPTS = ""; - ZED_NOTIFY_INTERVAL_SECS = 3600; + ZED_NTFY_URL="https://ntfy.mektem.com"; + ZED_NTFY_TOPIC="zfs"; + ZED_NTFY_ACCESS_TOKEN="tk_gtjia7itxhg1qik7j58wkgey2parr"; + ZED_NOTIFY_INTERVAL_SECS = 1; ZED_NOTIFY_VERBOSE = true; # Set to false to only get alerts on degradation }; }; @@ -290,29 +260,6 @@ systemd.services.podman-network-vlan50 = { # }; }; - headscale = { - image = "docker.io/headscale/headscale:stable"; - autoStart = true; - #utoUpdate = "registry"; - networks = [ "vlan50" ]; - cmd = [ "serve" ]; - environmentFiles = [ - "/pool/services/secrets/default" - ]; - volumes = [ - "/pool/services/podman/headscale/config:/etc/headscale:ro" - "/pool/services/podman/headscale/lib:/var/lib/headscale" - ]; - extraOptions = [ - "--ip=192.168.50.38" - ]; - #extraConfig = { - # Service = { - # TimeoutStartSec = 900; - # }; - ##}; - }; - matrix = { image = "ghcr.io/element-hq/synapse"; autoStart = true; @@ -358,29 +305,6 @@ systemd.services.podman-network-vlan50 = { # }; }; - ntfy = { - image = "docker.io/binwiederhier/ntfy"; - autoStart = true; - #autoUpdate = "registry"; - networks = [ "vlan50" ]; - cmd = [ "serve" ]; - environmentFiles = [ - "/pool/services/secrets/default" - "/pool/services/secrets/ntfy" - ]; - volumes = [ - "/pool/services/podman/ntfy:/var/lib/ntfy" - ]; - extraOptions = [ - "--ip=192.168.50.35" - ]; - # extraConfig = { - # Service = { - # TimeoutStartSec = 900; - # }; - # }; - }; - privatebin = { image = "docker.io/privatebin/nginx-fpm-alpine:latest"; autoStart = true; diff --git "a/sion=\" " "b/sion=\" " new file mode 100644 index 0000000..74570f6 --- /dev/null +++ "b/sion=\" " @@ -0,0 +1,324 @@ + + SSUUMMMMAARRYY OOFF LLEESSSS CCOOMMMMAANNDDSS + + Commands marked with * may be preceded by a number, _N. + Notes in parentheses indicate the behavior if _N is given. + A key preceded by a caret indicates the Ctrl key; thus ^K is ctrl-K. + + h H Display this help. + q :q Q :Q ZZ Exit. + --------------------------------------------------------------------------- + + MMOOVVIINNGG + + e ^E j ^N CR * Forward one line (or _N lines). + y ^Y k ^K ^P * Backward one line (or _N lines). + ESC-j * Forward one file line (or _N file lines). + ESC-k * Backward one file line (or _N file lines). + f ^F ^V SPACE * Forward one window (or _N lines). + b ^B ESC-v * Backward one window (or _N lines). + z * Forward one window (and set window to _N). + w * Backward one window (and set window to _N). + ESC-SPACE * Forward one window, but don't stop at end-of-file. + ESC-b * Backward one window, but don't stop at beginning-of-file. + d ^D * Forward one half-window (and set half-window to _N). + u ^U * Backward one half-window (and set half-window to _N). + ESC-) RightArrow * Right one half screen width (or _N positions). + ESC-( LeftArrow * Left one half screen width (or _N positions). + ESC-} ^RightArrow Right to last column displayed. + ESC-{ ^LeftArrow Left to first column. + F Forward forever; like "tail -f". + ESC-F Like F but stop when search pattern is found. + r ^R ^L Repaint screen. + R Repaint screen, discarding buffered input. + --------------------------------------------------- + Default "window" is the screen height. + Default "half-window" is half of the screen height. + --------------------------------------------------------------------------- + + SSEEAARRCCHHIINNGG + + /_p_a_t_t_e_r_n * Search forward for (_N-th) matching line. + ?_p_a_t_t_e_r_n * Search backward for (_N-th) matching line. + n * Repeat previous search (for _N-th occurrence). + N * Repeat previous search in reverse direction. + ESC-n * Repeat previous search, spanning files. + ESC-N * Repeat previous search, reverse dir. & spanning files. + ^O^N ^On * Search forward for (_N-th) OSC8 hyperlink. + ^O^P ^Op * Search backward for (_N-th) OSC8 hyperlink. + ^O^L ^Ol Jump to the currently selected OSC8 hyperlink. + ESC-u Undo (toggle) search highlighting. + ESC-U Clear search highlighting. + &_p_a_t_t_e_r_n * Display only matching lines. + --------------------------------------------------- + Search is case-sensitive unless changed with -i or -I. + A search pattern may begin with one or more of: + ^N or ! Search for NON-matching lines. + ^E or * Search multiple files (pass thru END OF FILE). + ^F or @ Start search at FIRST file (for /) or last file (for ?). + ^K Highlight matches, but don't move (KEEP position). + ^R Don't use REGULAR EXPRESSIONS. + ^S _n Search for match in _n-th parenthesized subpattern. + ^W WRAP search if no match found. + ^L Enter next character literally into pattern. + --------------------------------------------------------------------------- + + JJUUMMPPIINNGG + + g < ESC-< * Go to first line in file (or line _N). + G > ESC-> * Go to last line in file (or line _N). + p % * Go to beginning of file (or _N percent into file). + t * Go to the (_N-th) next tag. + T * Go to the (_N-th) previous tag. + { ( [ * Find close bracket } ) ]. + } ) ] * Find open bracket { ( [. + ESC-^F _<_c_1_> _<_c_2_> * Find close bracket _<_c_2_>. + ESC-^B _<_c_1_> _<_c_2_> * Find open bracket _<_c_1_>. + --------------------------------------------------- + Each "find close bracket" command goes forward to the close bracket + matching the (_N-th) open bracket in the top line. + Each "find open bracket" command goes backward to the open bracket + matching the (_N-th) close bracket in the bottom line. + + m_<_l_e_t_t_e_r_> Mark the current top line with . + M_<_l_e_t_t_e_r_> Mark the current bottom line with . + '_<_l_e_t_t_e_r_> Go to a previously marked position. + '' Go to the previous position. + ^X^X Same as '. + ESC-m_<_l_e_t_t_e_r_> Clear a mark. + --------------------------------------------------- + A mark is any upper-case or lower-case letter. + Certain marks are predefined: + ^ means beginning of the file + $ means end of the file + --------------------------------------------------------------------------- + + CCHHAANNGGIINNGG FFIILLEESS + + :e [_f_i_l_e] Examine a new file. + ^X^V Same as :e. + :n * Examine the (_N-th) next file from the command line. + :p * Examine the (_N-th) previous file from the command line. + :x * Examine the first (or _N-th) file from the command line. + ^O^O Open the currently selected OSC8 hyperlink. + :d Delete the current file from the command line list. + = ^G :f Print current file name. + --------------------------------------------------------------------------- + + MMIISSCCEELLLLAANNEEOOUUSS CCOOMMMMAANNDDSS + + -_<_f_l_a_g_> Toggle a command line option [see OPTIONS below]. + --_<_n_a_m_e_> Toggle a command line option, by name. + __<_f_l_a_g_> Display the setting of a command line option. + ___<_n_a_m_e_> Display the setting of an option, by name. + +_c_m_d Execute the less cmd each time a new file is examined. + + !_c_o_m_m_a_n_d Execute the shell command with $SHELL. + #_c_o_m_m_a_n_d Execute the shell command, expanded like a prompt. + |XX_c_o_m_m_a_n_d Pipe file between current pos & mark XX to shell command. + s _f_i_l_e Save input to a file. + v Edit the current file with $VISUAL or $EDITOR. + V Print version number of "less". + --------------------------------------------------------------------------- + + OOPPTTIIOONNSS + + Most options may be changed either on the command line, + or from within less by using the - or -- command. + Options may be given in one of two forms: either a single + character preceded by a -, or a name preceded by --. + + -? ........ --help + Display help (from command line). + -a ........ --search-skip-screen + Search skips current screen. + -A ........ --SEARCH-SKIP-SCREEN + Search starts just after target line. + -b [_N] .... --buffers=[_N] + Number of buffers. + -B ........ --auto-buffers + Don't automatically allocate buffers for pipes. + -c ........ --clear-screen + Repaint by clearing rather than scrolling. + -d ........ --dumb + Dumb terminal. + -D xx_c_o_l_o_r . --color=xx_c_o_l_o_r + Set screen colors. + -e -E .... --quit-at-eof --QUIT-AT-EOF + Quit at end of file. + -f ........ --force + Force open non-regular files. + -F ........ --quit-if-one-screen + Quit if entire file fits on first screen. + -g ........ --hilite-search + Highlight only last match for searches. + -G ........ --HILITE-SEARCH + Don't highlight any matches for searches. + -h [_N] .... --max-back-scroll=[_N] + Backward scroll limit. + -i ........ --ignore-case + Ignore case in searches that do not contain uppercase. + -I ........ --IGNORE-CASE + Ignore case in all searches. + -j [_N] .... --jump-target=[_N] + Screen position of target lines. + -J ........ --status-column + Display a status column at left edge of screen. + -k _f_i_l_e ... --lesskey-file=_f_i_l_e + Use a compiled lesskey file. + -K ........ --quit-on-intr + Exit less in response to ctrl-C. + -L ........ --no-lessopen + Ignore the LESSOPEN environment variable. + -m -M .... --long-prompt --LONG-PROMPT + Set prompt style. + -n ......... --line-numbers + Suppress line numbers in prompts and messages. + -N ......... --LINE-NUMBERS + Display line number at start of each line. + -o [_f_i_l_e] .. --log-file=[_f_i_l_e] + Copy to log file (standard input only). + -O [_f_i_l_e] .. --LOG-FILE=[_f_i_l_e] + Copy to log file (unconditionally overwrite). + -p _p_a_t_t_e_r_n . --pattern=[_p_a_t_t_e_r_n] + Start at pattern (from command line). + -P [_p_r_o_m_p_t] --prompt=[_p_r_o_m_p_t] + Define new prompt. + -q -Q .... --quiet --QUIET --silent --SILENT + Quiet the terminal bell. + -r -R .... --raw-control-chars --RAW-CONTROL-CHARS + Output "raw" control characters. + -s ........ --squeeze-blank-lines + Squeeze multiple blank lines. + -S ........ --chop-long-lines + Chop (truncate) long lines rather than wrapping. + -t _t_a_g .... --tag=[_t_a_g] + Find a tag. + -T [_t_a_g_s_f_i_l_e] --tag-file=[_t_a_g_s_f_i_l_e] + Use an alternate tags file. + -u -U .... --underline-special --UNDERLINE-SPECIAL + Change handling of backspaces, tabs and carriage returns. + -V ........ --version + Display the version number of "less". + -w ........ --hilite-unread + Highlight first new line after forward-screen. + -W ........ --HILITE-UNREAD + Highlight first new line after any forward movement. + -x [_N[,...]] --tabs=[_N[,...]] + Set tab stops. + -X ........ --no-init + Don't use termcap init/deinit strings. + -y [_N] .... --max-forw-scroll=[_N] + Forward scroll limit. + -z [_N] .... --window=[_N] + Set size of window. + -" [_c[_c]] . --quotes=[_c[_c]] + Set shell quote characters. + -~ ........ --tilde + Don't display tildes after end of file. + -# [_N] .... --shift=[_N] + Set horizontal scroll amount (0 = one half screen width). + + --exit-follow-on-close + Exit F command on a pipe when writer closes pipe. + --file-size + Automatically determine the size of the input file. + --follow-name + The F command changes files if the input file is renamed. + --form-feed + Stop scrolling when a form feed character is reached. + --header=[_L[,_C[,_N]]] + Use _L lines (starting at line _N) and _C columns as headers. + --incsearch + Search file as each pattern character is typed in. + --intr=[_C] + Use _C instead of ^X to interrupt a read. + --lesskey-context=_t_e_x_t + Use lesskey source file contents. + --lesskey-src=_f_i_l_e + Use a lesskey source file. + --line-num-width=[_N] + Set the width of the -N line number field to _N characters. + --match-shift=[_N] + Show at least _N characters to the left of a search match. + --modelines=[_N] + Read _N lines from the input file and look for vim modelines. + --mouse + Enable mouse input. + --no-edit-warn + Don't warn when using v command on a file opened via LESSOPEN. + --no-keypad + Don't send termcap keypad init/deinit strings. + --no-histdups + Remove duplicates from command history. + --no-number-headers + Don't give line numbers to header lines. + --no-paste + Ignore pasted input. + --no-search-header-lines + Searches do not include header lines. + --no-search-header-columns + Searches do not include header columns. + --no-search-headers + Searches do not include header lines or columns. + --no-vbell + Disable the terminal's visual bell. + --redraw-on-quit + Redraw final screen when quitting. + --rscroll=[_C] + Set the character used to mark truncated lines. + --save-marks + Retain marks across invocations of less. + --search-options=[EFKNRW-] + Set default options for every search. + --show-preproc-errors + Display a message if preprocessor exits with an error status. + --proc-backspace + Process backspaces for bold/underline. + --PROC-BACKSPACE + Treat backspaces as control characters. + --proc-return + Delete carriage returns before newline. + --PROC-RETURN + Treat carriage returns as control characters. + --proc-tab + Expand tabs to spaces. + --PROC-TAB + Treat tabs as control characters. + --status-col-width=[_N] + Set the width of the -J status column to _N characters. + --status-line + Highlight or color the entire line containing a mark. + --use-backslash + Subsequent options use backslash as escape char. + --use-color + Enables colored text. + --wheel-lines=[_N] + Each click of the mouse wheel moves _N lines. + --wordwrap + Wrap lines at spaces. + + + --------------------------------------------------------------------------- + + LLIINNEE EEDDIITTIINNGG + + These keys can be used to edit text being entered + on the "command line" at the bottom of the screen. + + RightArrow ..................... ESC-l ... Move cursor right one character. + LeftArrow ...................... ESC-h ... Move cursor left one character. + ctrl-RightArrow ESC-RightArrow ESC-w ... Move cursor right one word. + ctrl-LeftArrow ESC-LeftArrow ESC-b ... Move cursor left one word. + HOME ........................... ESC-0 ... Move cursor to start of line. + END ............................ ESC-$ ... Move cursor to end of line. + BACKSPACE ................................ Delete char to left of cursor. + DELETE ......................... ESC-x ... Delete char under cursor. + ctrl-BACKSPACE ESC-BACKSPACE ........... Delete word to left of cursor. + ctrl-DELETE .... ESC-DELETE .... ESC-X ... Delete word under cursor. + ctrl-U ......... ESC (MS-DOS only) ....... Delete entire line. + UpArrow ........................ ESC-k ... Retrieve previous command line. + DownArrow ...................... ESC-j ... Retrieve next command line. + TAB ...................................... Complete filename & cycle. + SHIFT-TAB ...................... ESC-TAB Complete filename & reverse cycle. + ctrl-L ................................... Complete filename, list all.