jan-leila/nix-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

drafted out pihole config

Browse source
This commit is contained in:
Leyla Becker 2024-09-21 18:50:04 -05:00
parent 521d319399
commit 7c7468cf20
1 changed files with 73 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

76
enviroments/server/default.nix
View file

@ -61,9 +61,14 @@
}; };
forgejo = { forgejo = {
uid = 2002; gid = 2002;
members = ["forgejo" "leyla"]; members = ["forgejo" "leyla"];
}; };
# pihole = {
# gid = 2003;
# members = ["pihole" "leyla"];
# };
}; };
users = { users = {
@ -78,18 +83,77 @@
group = "forgejo"; group = "forgejo";
isSystemUser = true; isSystemUser = true;
}; };
# pihole = {
# uid = 2003;
# group = "forgejo";
# isSystemUser = true;
# };
}; };
}; };
systemd.tmpfiles.rules = [ # virtualisation.oci-containers.containers.pihole = {
# image = "pihole/pihole:latest";
# environment = {
# TZ = "America/Chicago"; # TODO: set this to the systems timezone
# WEBPASSWORD_FILE = "..."; # TODO: set this from secrets file/config that is set to secrets file (I think this also needs to be mounted in volumns?)
# };
# volumes = [
# "/home/docker/pihole:/etc/pihole:rw" # TODO; set this based on configs
# ];
# ports = [
# "53:53/tcp"
# "53:53/udp"
# "3000:80/tcp" # TODO: bind container ip address?
# ];
# log-driver = "journald";
# extraOptions = [
# "--ip=172.18.1.5" # TODO: set this to some ip address from configs
# "--network-alias=pihole" # TODO: set this from configs
# "--network=nas_default"
# ];
# };
systemd = {
tmpfiles.rules = [
"d /home/jellyfin 755 jellyfin jellyfin -" "d /home/jellyfin 755 jellyfin jellyfin -"
"d /home/jellyfin/media 775 jellyfin jellyfin_media -" "d /home/jellyfin/media 775 jellyfin jellyfin_media -"
"d /home/jellyfin/config 750 jellyfin jellyfin -" "d /home/jellyfin/config 750 jellyfin jellyfin -"
"d /home/jellyfin/cache 755 jellyfin jellyfin_media -" "d /home/jellyfin/cache 755 jellyfin jellyfin_media -"
"d /home/forgejo 750 forgejo forgejo -" "d /home/forgejo 750 forgejo forgejo -"
"d /home/forgejo/data 750 forgejo forgejo -" "d /home/forgejo/data 750 forgejo forgejo -"
# "d /home/forgejo 750 pihole pihole -"
]; ];
# services = {
# pihole = {
# serviceConfig = {
# Restart = lib.mkOverride 500 "always";
# };
# after = [
# "podman-network-nas_default.service"
# ];
# requires = [
# "podman-network-nas_default.service"
# ];
# partOf = [
# "podman-compose-nas-root.target"
# ];
# wantedBy = [
# "podman-compose-nas-root.target"
# ];
# };
# };
# disable computer sleeping
targets = {
sleep.enable = false;
suspend.enable = false;
hibernate.enable = false;
hybrid-sleep.enable = false;
};
};
services = { services = {
nfs.server = { nfs.server = {
enable = true; enable = true;
@ -180,14 +244,6 @@
defaults.email = "jan-leila@protonmail.com"; defaults.email = "jan-leila@protonmail.com";
}; };
# disable computer sleeping
systemd.targets = {
sleep.enable = false;
suspend.enable = false;
hibernate.enable = false;
hybrid-sleep.enable = false;
};
networking.firewall.allowedTCPPorts = [2049 8081]; networking.firewall.allowedTCPPorts = [2049 8081];
environment.systemPackages = [ environment.systemPackages = [