jasmine/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: jasmine:b636d31d9db431b38c526c0d23ae7bb4a144f9ef
Branches Tags
jasmine:master
...
compare: jasmine:7adbb841f7271d82f2e566ce08c914c0400db72d
Branches Tags
jasmine:master

4 commits
b636d31d9d ... 7adbb841f7

Author SHA1 Message Date
jasmine
7adbb841f7
install/remove some programs 2024-11-22 07:17:42 +08:00
jasmine
1ecf47b006
migrate to 24.11 2024-11-22 07:17:23 +08:00
jasmine
ea1ad13c53
remove immich 2024-11-22 07:16:44 +08:00
jasmine
1f776ec51d
migrate internal domain to home.arpa 2024-11-22 07:15:34 +08:00
22 changed files with 38 additions and 167 deletions
Download patch file Download diff file Expand all files Collapse all files

42
flake.lock generated
View file

@ -52,11 +52,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1730074366, "lastModified": 1730927643,
"narHash": "sha256-u8aVS/u/CSOt4M+VEdFNiVRZt1YsM00i7sF8OVDGi6Q=", "narHash": "sha256-3wb8lbQUzXZ0n8FWUxsISubTLi0bRV97GFIxd9Ne1B4=",
"ref": "refs/heads/main", "ref": "refs/heads/main",
"rev": "54ec36a05d01e506b789fd4b5b825a3012bf7a22", "rev": "b35276acd405b1c305cafeb04416d4f61ee78251",
"revCount": 24, "revCount": 25,
"type": "git", "type": "git",
"url": "https://codeberg.org/kampka/nix-flake-crowdsec.git" "url": "https://codeberg.org/kampka/nix-flake-crowdsec.git"
}, },
@ -394,16 +394,16 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1726989464, "lastModified": 1731880681,
"narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", "narHash": "sha256-FmYTkIyPBUxSWgA7DPIVTsCCMvSSbs56yOtHpLNSnKg=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", "rev": "aecd341dfead1c3ef7a3c15468ecd71e8343b7c6",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "release-24.05", "ref": "release-24.11",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
@ -432,11 +432,11 @@
}, },
"impermanence": { "impermanence": {
"locked": { "locked": {
"lastModified": 1730403150, "lastModified": 1731242966,
"narHash": "sha256-W1FH5aJ/GpRCOA7DXT/sJHFpa5r8sq2qAUncWwRZ3Gg=", "narHash": "sha256-B3C3JLbGw0FtLSWCjBxU961gLNv+BOOBC6WvstKLYMw=",
"owner": "nix-community", "owner": "nix-community",
"repo": "impermanence", "repo": "impermanence",
"rev": "0d09341beeaa2367bac5d718df1404bf2ce45e6f", "rev": "3ed3f0eaae9fcc0a8331e77e9319c8a4abd8a71a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -474,11 +474,11 @@
"nixpkgs": "nixpkgs_2" "nixpkgs": "nixpkgs_2"
}, },
"locked": { "locked": {
"lastModified": 1731030299, "lastModified": 1731981116,
"narHash": "sha256-PwtzMWPJhz9Rn/0rzQfMb6icSA6DtJZKCuK88IwFSos=", "narHash": "sha256-SgnDCrAuX9JxRk7NqGJCXYmt+EUkDF2rfL7QjtNImuk=",
"owner": "Infinidoge", "owner": "Infinidoge",
"repo": "nix-minecraft", "repo": "nix-minecraft",
"rev": "11ca743d2e4602d5b8bfc8d65303f969d58ec338", "rev": "3b71545aa21e6fe9eb7690be7ee2ee3d633b1990",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -533,11 +533,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1730785428, "lastModified": 1731676054,
"narHash": "sha256-Zwl8YgTVJTEum+L+0zVAWvXAGbWAuXHax3KzuejaDyo=", "narHash": "sha256-OZiZ3m8SCMfh3B6bfGC/Bm4x3qc1m2SVEAlkV6iY7Yg=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "4aa36568d413aca0ea84a1684d2d46f55dbabad7", "rev": "5e4fbfb6b3de1aa2872b76d49fafc942626e2add",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -565,16 +565,16 @@
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1730883749, "lastModified": 1731755305,
"narHash": "sha256-mwrFF0vElHJP8X3pFCByJR365Q2463ATp2qGIrDUdlE=", "narHash": "sha256-v5P3dk5JdiT+4x69ZaB18B8+Rcu3TIOrcdG4uEX7WZ8=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "dba414932936fde69f0606b4f1d87c5bc0003ede", "rev": "057f63b6dc1a2c67301286152eb5af20747a9cb4",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"ref": "nixos-24.05", "ref": "nixos-24.11",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }

4
flake.nix
View file

@ -3,12 +3,12 @@
inputs = { inputs = {
# Nixpkgs # Nixpkgs
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
# Home manager # Home manager
home-manager = { home-manager = {
url = "github:nix-community/home-manager/release-24.05"; url = "github:nix-community/home-manager/release-24.11";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };

4
home-manager/sajenim/features/cli/default.nix
View file

@ -8,13 +8,13 @@
programs.ssh = { programs.ssh = {
enable = true; enable = true;
matchBlocks."viridian" = { matchBlocks."viridian" = {
hostname = "viridian.kanto.dev"; hostname = "viridian.home.arpa";
identityFile = "/home/sajenim/.ssh/sajenim_sk"; identityFile = "/home/sajenim/.ssh/sajenim_sk";
port = 22; port = 22;
}; };
matchBlocks."lavender" = { matchBlocks."lavender" = {
hostname = "lavender.kanto.dev"; hostname = "lavender.home.arpa";
identityFile = "/home/sajenim/.ssh/sajenim_sk"; identityFile = "/home/sajenim/.ssh/sajenim_sk";
port = 22; port = 22;
}; };

1
home-manager/sajenim/features/desktop/default.nix
View file

@ -6,7 +6,6 @@
imports = [ imports = [
./discord ./discord
./dunst ./dunst
./cava
./irc ./irc
./mpd ./mpd
./picom ./picom

3
home-manager/sajenim/features/printing/default.nix
View file

@ -3,9 +3,8 @@
packages = with pkgs; [ packages = with pkgs; [
blender blender
freecad freecad
kicad
openscad openscad
prusa-slicer orca-slicer
]; ];
}; };
} }

12
nixos/fuchsia/hardware-configuration.nix
View file

@ -48,17 +48,9 @@
enable = true; enable = true;
powerOnBoot = true; powerOnBoot = true;
}; };
pulseaudio = { graphics = {
enable = true; enable = true;
support32Bit = true; enable32Bit = true;
extraConfig = "load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1";
};
opengl = {
enable = true;
# Vulkan
driSupport = true;
driSupport32Bit = true;
# OpenCL
extraPackages = with pkgs; [ extraPackages = with pkgs; [
rocmPackages.clr.icd rocmPackages.clr.icd
]; ];

1
nixos/viridian/configuration.nix
View file

@ -10,7 +10,6 @@
./services/borgbackup ./services/borgbackup
./services/crowdsec ./services/crowdsec
./services/forgejo ./services/forgejo
./services/immich
./services/lighttpd ./services/lighttpd
./services/minecraft ./services/minecraft
./services/mpd ./services/mpd

2
nixos/viridian/hardware-configuration.nix
View file

@ -35,7 +35,7 @@
}; };
# Hardware configuration # Hardware configuration
hardware.opengl = { hardware.graphics = {
enable = true; enable = true;
extraPackages = with pkgs; [ extraPackages = with pkgs; [
intel-media-driver intel-media-driver

2
nixos/viridian/multimedia/jellyfin/default.nix
View file

@ -33,7 +33,7 @@ in {
services.traefik.dynamicConfigOptions.http.routers = { services.traefik.dynamicConfigOptions.http.routers = {
jellyfin = { jellyfin = {
rule = "Host(`jellyfin.kanto.dev`)"; rule = "Host(`jellyfin.home.arpa`)";
entryPoints = [ entryPoints = [
"websecure" "websecure"
]; ];

2
nixos/viridian/multimedia/lidarr/default.nix
View file

@ -27,7 +27,7 @@ in {
services.traefik.dynamicConfigOptions.http.routers = { services.traefik.dynamicConfigOptions.http.routers = {
lidarr = { lidarr = {
rule = "Host(`lidarr.kanto.dev`)"; rule = "Host(`lidarr.home.arpa`)";
entryPoints = [ entryPoints = [
"websecure" "websecure"
]; ];

2
nixos/viridian/multimedia/prowlarr/default.nix
View file

@ -24,7 +24,7 @@ in {
}; };
services.traefik.dynamicConfigOptions.http.routers = { services.traefik.dynamicConfigOptions.http.routers = {
prowlarr = { prowlarr = {
rule = "Host(`prowlarr.kanto.dev`)"; rule = "Host(`prowlarr.home.arpa`)";
entryPoints = [ entryPoints = [
"websecure" "websecure"
]; ];

2
nixos/viridian/multimedia/qbittorrent/default.nix
View file

@ -27,7 +27,7 @@ in {
services.traefik.dynamicConfigOptions.http.routers = { services.traefik.dynamicConfigOptions.http.routers = {
qbittorrent = { qbittorrent = {
rule = "Host(`qbittorrent.kanto.dev`)"; rule = "Host(`qbittorrent.home.arpa`)";
entryPoints = [ entryPoints = [
"websecure" "websecure"
]; ];

2
nixos/viridian/multimedia/radarr/default.nix
View file

@ -26,7 +26,7 @@ in {
}; };
services.traefik.dynamicConfigOptions.http.routers = { services.traefik.dynamicConfigOptions.http.routers = {
radarr = { radarr = {
rule = "Host(`radarr.kanto.dev`)"; rule = "Host(`radarr.home.arpa`)";
entryPoints = [ entryPoints = [
"websecure" "websecure"
]; ];

2
nixos/viridian/multimedia/sonarr/default.nix
View file

@ -27,7 +27,7 @@ in {
services.traefik.dynamicConfigOptions.http.routers = { services.traefik.dynamicConfigOptions.http.routers = {
sonarr = { sonarr = {
rule = "Host(`sonarr.kanto.dev`)"; rule = "Host(`sonarr.home.arpa`)";
entryPoints = [ entryPoints = [
"websecure" "websecure"
]; ];

70
nixos/viridian/services/immich/default.nix
View file

@ -1,70 +0,0 @@
{
inputs,
pkgs,
config,
...
}: {
imports = [
"${inputs.nixpkgs-unstable}/nixos/modules/services/web-apps/immich.nix"
];
age.secrets.immich = {
rekeyFile = ./secrets.age;
owner = "immich";
group = "immich";
};
services.immich = {
enable = true;
package = pkgs.unstable.immich;
port = 5489;
host = "0.0.0.0";
openFirewall = true;
mediaLocation = "/var/lib/immich";
secretsFile = config.age.secrets.immich.path;
database = {
enable = true;
user = "immich";
name = "immich";
};
environment = {
TZ = "Australia/Perth";
DB_USERNAME = "immich";
DB_DATABASE_NAME = "immich";
};
};
services.traefik.dynamicConfigOptions.http.routers = {
immich = {
rule = "Host(`photos.kanto.dev`)";
entryPoints = [
"websecure"
];
middlewares = [
"internal"
];
service = "immich";
};
};
services.traefik.dynamicConfigOptions.http.services = {
immich.loadBalancer.servers = [
{url = "http://127.0.0.1:${toString config.services.immich.port}";}
];
};
environment.persistence."/persist" = {
directories = [
{
directory = "/var/lib/immich";
user = "immich";
group = "immich";
}
{
directory = "/var/lib/redis-immich";
user = "immich";
group = "immich";
}
];
};
}

9
nixos/viridian/services/immich/secrets.age
View file

@ -1,9 +0,0 @@
age-encryption.org/v1
-> piv-p256 hdSnGw Ave/yX17ylsK6RI5ei/oxD58h8nzXisgLiNvs8p7PKd4
eUz/WZTS3nQ8IyeBZd2/zzW4hjRexuYUuGAiLRFamb4
-> C[:7-grease
tVpdl3Ch
--- wTWoOAjmo0FL1kNZ/6QIMSwA4IV6XQkZLbWobJjnlPY
#º-Øth­„î ("ÎI
t-FmšÔƒK•cÿ×F ´SPdBÃ5
H%LOˆÅØ=½PÌ ÿ

2
nixos/viridian/services/minecraft/default.nix
View file

@ -81,7 +81,7 @@ in {
services.traefik.dynamicConfigOptions.http.routers = { services.traefik.dynamicConfigOptions.http.routers = {
minecraft = { minecraft = {
rule = "Host(`minecraft.kanto.dev`)"; rule = "Host(`minecraft.home.arpa`)";
entryPoints = [ entryPoints = [
"websecure" "websecure"
]; ];

2
nixos/viridian/services/mpd/default.nix
View file

@ -21,7 +21,7 @@
statdPort = 4000; statdPort = 4000;
extraNfsdConfig = ''''; extraNfsdConfig = '''';
exports = '' exports = ''
/srv/multimedia/library/music fuchsia.kanto.dev(rw,nohide,insecure,no_subtree_check) /srv/multimedia/library/music fuchsia.home.arpa(rw,nohide,insecure,no_subtree_check)
''; '';
}; };
networking.firewall = { networking.firewall = {

2
nixos/viridian/services/paperless-ngx/default.nix
View file

@ -18,7 +18,7 @@ in {
services.traefik.dynamicConfigOptions.http.routers = { services.traefik.dynamicConfigOptions.http.routers = {
paperless-ngx = { paperless-ngx = {
rule = "Host(`docs.kanto.dev`)"; rule = "Host(`docs.home.arpa`)";
entryPoints = [ entryPoints = [
"websecure" "websecure"
]; ];

7
nixos/viridian/services/traefik/default.nix
View file

@ -8,9 +8,7 @@
imports = [ imports = [
"${inputs.nixpkgs-unstable}/nixos/modules/services/web-servers/traefik.nix" "${inputs.nixpkgs-unstable}/nixos/modules/services/web-servers/traefik.nix"
./routers.nix
./middlewares.nix ./middlewares.nix
./services.nix
]; ];
age.secrets.traefik = { age.secrets.traefik = {
@ -88,11 +86,6 @@
certResolver = "lets-encrypt"; certResolver = "lets-encrypt";
# List of domains in our network # List of domains in our network
domains = [ domains = [
# Internal services
{
main = "kanto.dev";
sans = ["*.kanto.dev"];
}
# Public services # Public services
{ {
main = "sajenim.dev"; main = "sajenim.dev";

25
nixos/viridian/services/traefik/routers.nix
View file

@ -1,25 +0,0 @@
{...}: {
services.traefik.dynamicConfigOptions.http.routers = {
traefik-dashboard = {
rule = "Host(`traefik.kanto.dev`)";
entryPoints = [
"websecure"
];
middlewares = [
"internal"
];
service = "api@internal";
};
ender1 = {
rule = "Host(`e1.kanto.dev`)";
entryPoints = [
"websecure"
];
middlewares = [
"internal"
];
service = "ender1";
};
};
}

7
nixos/viridian/services/traefik/services.nix
View file

@ -1,7 +0,0 @@
{...}: {
services.traefik.dynamicConfigOptions.http.services = {
ender1.loadBalancer.servers = [
{url = "http://192.168.50.202:80";}
];
};
}