♥ Minnie ♥ 2024-09-20 20:24:55 +08:00
parent 1206380efd
commit 7203fc1ed9
Signed by: jasmine
GPG key ID: 8563E358D4E8040E
51 changed files with 175 additions and 108 deletions


@ -2,13 +2,37 @@
imports = [
# Global configuration for all our systems
../common/global
# Our user configuration and optional user units
../common/users/sajenim
../common/users/spectre
# Programs and services
./programs
./services
./containers
# Containers
./containers/jellyfin
./containers/jellyseerr
./containers/lidarr
./containers/mealie
./containers/microbin
./containers/prowlarr
./containers/qbittorrent
./containers/radarr
./containers/recyclarr
./containers/sonarr
# Services
./services/borgbackup
./services/crowdsec
./services/forgejo
./services/grafana
./services/lighttpd
./services/minecraft
./services/mpd
./services/mysql
./services/paperless-ngx
./services/prometheus
./services/samba
./services/traefik
# Setup our hardware
./hardware-configuration.nix
];
@ -21,26 +45,26 @@
enable = true;
allowPing = true;
allowedTCPPorts = [
53 # adguardhome (DNS)
80 # traefik (HTTP)
443 # traefik (HTTPS)
32372 # qbittorrent
6600 # mpd
];
allowedUDPPorts = [
53 # adguardhome (DNS)
80 # traefik (HTTP)
443 # traefik (HTTPS)
32372 # qbittorrent
6600 # mpd
80
443
6600
];
};
};
# Use docker instead of podman for our containers.
virtualisation.docker = {
enable = true;
liveRestore = false;
# Configure programs
programs = {
zsh.enable = true;
};
# Manage linux containers
virtualisation = {
docker = {
enable = true;
liveRestore = false;
};
# Implementation to use for containers
oci-containers.backend = "docker";
};
# Required for smooth remote deployments
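Review bot: In the firewall block, `allowedUDPPorts` lists 80, 443 and 6600 in both printed versions of the list, so those UDP ports stay open whichever version is the new one. Traefik's plain-HTTP entry point and mpd both speak TCP, so UDP 80 and 6600 admit traffic that nothing should answer; UDP 443 is only needed if HTTP/3 is enabled on the Traefik entry point, which this section does not show. I would reduce the list to `allowedUDPPorts = [ 443 ];` (or leave it empty without HTTP/3) and keep the per-port comments so each opening names its service. The page does not mark which port lines are removed, so if the `53 # adguardhome (DNS)` entries are on the new side, confirm a service still needs them, since no adguardhome module appears in the import list shown here. The enclosing `networking` block starts outside the hunk.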


@ -1,15 +0,0 @@
{...}: {
imports = [
./jellyfin.nix
./jellyseerr.nix
./lidarr.nix
./prowlarr.nix
./qbittorrent.nix
./radarr.nix
./recyclarr.nix
./sonarr.nix
./mealie.nix
./microbin
];
virtualisation.oci-containers.backend = "docker";
}


@ -1,5 +0,0 @@
{...}: {
programs = {
zsh.enable = true;
};
}


@ -1,15 +0,0 @@
{...}: {
imports = [
./traefik
./crowdsec
./minecraft
./borgbackup.nix
./forgejo.nix
./lighttpd.nix
./mpd.nix
./samba.nix
./grafana.nix
./mysql.nix
./prometheus.nix
];
}


@ -0,0 +1,37 @@
{config, ...}: let
dir = "/srv/services/paperless-ngx";
in {
age.secrets.paperless-ngx = {
rekeyFile = ./password.age;
};
services.paperless = {
enable = true;
port = 28981;
dataDir = "${dir}";
mediaDir = "${dir}/media";
settings = {
PAPERLESS_ADMIN_USER = "sajenim";
};
passwordFile = config.age.secrets.paperless-ngx.path;
};
services.traefik.dynamicConfigOptions.http.routers = {
paperless-ngx = {
rule = "Host(`docs.kanto.dev`)";
entryPoints = [
"websecure"
];
middlewares = [
"internal"
];
service = "paperless-ngx";
};
};
services.traefik.dynamicConfigOptions.http.services = {
paperless-ngx.loadBalancer.servers = [
{url = "http://127.0.0.1:${toString config.services.paperless.port}";}
];
};
}
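Review bot: `services.paperless.settings` sets only `PAPERLESS_ADMIN_USER`, so Paperless is not told the public origin it is served from behind Traefik. Adding `PAPERLESS_URL = "https://docs.kanto.dev";` to `settings` pins the allowed host and the CSRF trusted origin to the routed hostname instead of leaving the host check at its permissive default. The `paperless-ngx` router also has no `tls` key, so whether it terminates TLS depends on the `websecure` entry point's defaults, and access control rests entirely on the `internal` middleware; both are defined outside this file and are worth confirming. As a style point, `dataDir = "${dir}";` can be written `dataDir = dir;`.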


@ -0,0 +1,8 @@
age-encryption.org/v1
-> piv-p256 hdSnGw A4P0oT5qK/bG8ieEixFW/SCouhantxg3dSjiGG1MEuns
cDorIZ44RmsUsiiybnr1y8WZtv/3kFPi86QkpGURqTY
-> FNP4c-grease
LThbpY1sc7XzQgputWt3ULuLwemBilYrOEZMTAj+/xkxyQg5HwSIhBS1XYzvMc2K
ld/o3JfDaXVLEz0Vk59TClXeOGITp7Ki
--- 572BrDug9qmAG7G0mC5bOZ/h1UD4y2m1ceDhy1qQh3U
/¬vØk)Ùë­hŒ ˆ™æûËÇx^QyAeK}låÆg~¯k> l*p