forked from jan-leila/nix-config
ran linter
This commit is contained in:
parent
5da0753b7c
commit
dcd5accea0
23 changed files with 372 additions and 309 deletions
|
|
@ -1,11 +1,9 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
{pkgs, ...}: {
|
||||
imports = [
|
||||
../common
|
||||
];
|
||||
|
||||
services = {
|
||||
|
||||
# Enable CUPS to print documents.
|
||||
printing.enable = true;
|
||||
|
||||
|
|
@ -21,7 +19,7 @@
|
|||
};
|
||||
|
||||
# Get rid of xTerm
|
||||
excludePackages = [ pkgs.xterm ];
|
||||
excludePackages = [pkgs.xterm];
|
||||
|
||||
# Configure keymap in X11
|
||||
xkb = {
|
||||
|
|
@ -44,7 +42,6 @@
|
|||
};
|
||||
};
|
||||
|
||||
|
||||
# Enable sound with pipewire.
|
||||
hardware.pulseaudio.enable = false;
|
||||
security.rtkit.enable = true;
|
||||
|
|
@ -57,4 +54,4 @@
|
|||
|
||||
gnomeExtensions.dash-to-dock
|
||||
];
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,11 +1,10 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
{pkgs, ...}: {
|
||||
imports = [
|
||||
../../users
|
||||
../../users
|
||||
];
|
||||
|
||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||
nix.settings.trusted-users = [ "leyla" ];
|
||||
nix.settings.experimental-features = ["nix-command" "flakes"];
|
||||
nix.settings.trusted-users = ["leyla"];
|
||||
|
||||
# Enable networking
|
||||
networking.networkmanager.enable = true;
|
||||
|
|
@ -32,10 +31,10 @@
|
|||
services = {
|
||||
openssh = {
|
||||
enable = true;
|
||||
ports = [ 22 ];
|
||||
ports = [22];
|
||||
settings = {
|
||||
PasswordAuthentication = false;
|
||||
AllowUsers = [ "leyla" ]; # Allows all users by default. Can be [ "user1" "user2" ]
|
||||
AllowUsers = ["leyla"]; # Allows all users by default. Can be [ "user1" "user2" ]
|
||||
UseDns = true;
|
||||
X11Forwarding = false;
|
||||
};
|
||||
|
|
@ -47,7 +46,7 @@
|
|||
defaultSopsFormat = "yaml";
|
||||
gnupg.sshKeyPaths = [];
|
||||
|
||||
age ={
|
||||
age = {
|
||||
keyFile = "/var/lib/sops-nix/key.txt";
|
||||
sshKeyPaths = [];
|
||||
# generateKey = true;
|
||||
|
|
@ -68,4 +67,4 @@
|
|||
iputils
|
||||
dnsutils
|
||||
];
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,21 +1,40 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
imports = [
|
||||
../common
|
||||
];
|
||||
|
||||
users.groups.jellyfin_media = {
|
||||
members = ["jellyfin" "leyla" "ester" "eve"];
|
||||
};
|
||||
users = {
|
||||
groups = {
|
||||
jellyfin_media = {
|
||||
members = ["jellyfin" "leyla" "ester" "eve"];
|
||||
};
|
||||
|
||||
users.groups.jellyfin = {
|
||||
members = ["jellyfin" "leyla"];
|
||||
};
|
||||
jellyfin = {
|
||||
members = ["jellyfin" "leyla"];
|
||||
};
|
||||
|
||||
users.users.jellyfin = {
|
||||
uid = 2000;
|
||||
group = "jellyfin";
|
||||
isSystemUser = true;
|
||||
# forgejo = {
|
||||
# members = ["forgejo" "leyla"];
|
||||
# };
|
||||
};
|
||||
|
||||
users = {
|
||||
jellyfin = {
|
||||
uid = 2000;
|
||||
group = "jellyfin";
|
||||
isSystemUser = true;
|
||||
};
|
||||
|
||||
# forgejo = {
|
||||
# uid = 2001;
|
||||
# group = "forgejo";
|
||||
# isSystemUser = true;
|
||||
# };
|
||||
};
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
|
|
@ -23,11 +42,14 @@
|
|||
"d /home/jellyfin/media 775 jellyfin jellyfin_media -"
|
||||
"d /home/jellyfin/config 750 jellyfin jellyfin -"
|
||||
"d /home/jellyfin/cache 755 jellyfin jellyfin_media -"
|
||||
# "d /home/forgejo 750 forgejo forgejo -"
|
||||
# "d /home/forgejo/data 750 forgejo forgejo -"
|
||||
];
|
||||
|
||||
services = let
|
||||
jellyfinDomain = "jellyfin.jan-leila.com";
|
||||
headscaleDomain = "headscale.jan-leila.com";
|
||||
# forgejoDomain = "forgejo.jan-leila.com";
|
||||
in {
|
||||
nfs.server = {
|
||||
enable = true;
|
||||
|
|
@ -59,6 +81,20 @@
|
|||
openFirewall = false;
|
||||
};
|
||||
|
||||
# TODO: figure out what needs to be here
|
||||
# forgejo = {
|
||||
# enable = true;
|
||||
# database.type = "postgres";
|
||||
# lfs.enable = true;
|
||||
# settings = {
|
||||
# server = {
|
||||
# DOMAIN = forgejoDomain;
|
||||
# HTTP_PORT = 8081;
|
||||
# };
|
||||
# service.DISABLE_REGISTRATION = true;
|
||||
# };
|
||||
# };
|
||||
|
||||
nginx = {
|
||||
enable = false; # TODO: enable this when you want to test all the configs
|
||||
virtualHosts = {
|
||||
|
|
@ -66,20 +102,20 @@
|
|||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
proxyPass =
|
||||
"http://localhost:${toString config.services.headscale.port}";
|
||||
proxyPass = "http://localhost:${toString config.services.headscale.port}";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
${jellyfinDomain} = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
proxyPass =
|
||||
"http://localhost:8096";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
locations."/".proxyPass = "http://localhost:8096";
|
||||
};
|
||||
# ${forgejoDomain} = {
|
||||
# forceSSL = true;
|
||||
# enableACME = true;
|
||||
# locations."/".proxyPass = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}";
|
||||
# };
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
@ -97,7 +133,7 @@
|
|||
hybrid-sleep.enable = false;
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 2049 ];
|
||||
networking.firewall.allowedTCPPorts = [2049];
|
||||
|
||||
environment.systemPackages = [
|
||||
config.services.headscale.package
|
||||
|
|
@ -105,4 +141,4 @@
|
|||
pkgs.jellyfin-web
|
||||
pkgs.jellyfin-ffmpeg
|
||||
];
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue