jan-leila/nix-config
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

made services in defiant configurable

Browse source
This commit is contained in:
Leyla Becker 2024-09-21 12:52:44 -05:00
parent a0e047db97
commit e3990cb6d2
3 changed files with 157 additions and 120 deletions
Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -38,8 +38,6 @@ set up git configuration for local development: `git config --local include.path
## Tech Debt ## Tech Debt
- allowUnfree should be enabled user side not host side (this isn't enabled at all right now for some reason???) - allowUnfree should be enabled user side not host side (this isn't enabled at all right now for some reason???)
- move services from defiant into own flake
- made base domain in nas services configurable
- vscode extensions should be in own flake (make sure to add the nixpkgs.overlays in it too) - vscode extensions should be in own flake (make sure to add the nixpkgs.overlays in it too)
- server service system users should also be on local systems for file permission reasons - server service system users should also be on local systems for file permission reasons
## New Features ## New Features

271
enviroments/server/default.nix
View file

@ -1,4 +1,5 @@
{ {
lib,
config, config,
pkgs, pkgs,
... ...
@ -7,138 +8,172 @@
../common ../common
]; ];
users = { options = {
groups = { domains = {
jellyfin_media = { base_domain = lib.mkOption { type = lib.types.str; };
members = ["jellyfin" "leyla" "ester" "eve"]; headscale = {
subdomain = lib.mkOption {
type = lib.types.str;
description = "subdomain of base domain that headscale will be hosted at";
default = "headscale";
};
}; };
jellyfin = { jellyfin = {
members = ["jellyfin" "leyla"]; subdomain = lib.mkOption {
type = lib.types.str;
description = "subdomain of base domain that jellyfin will be hosted at";
default = "jellyfin";
};
hostname = lib.mkOption {
type = lib.types.str;
description = "hosname that jellyfin will be hosted at";
default = "${config.domains.jellyfin.subdomain}.${config.domains.base_domain}";
};
}; };
forgejo = {
# forgejo = { subdomain = lib.mkOption {
# members = ["forgejo" "leyla"]; type = lib.types.str;
# }; description = "subdomain of base domain that foregjo will be hosted at";
}; default = "forgejo";
};
users = { hostname = lib.mkOption {
jellyfin = { type = lib.types.str;
uid = 2000; description = "hosname that forgejo will be hosted at";
group = "jellyfin"; default = "${config.domains.forgejo.subdomain}.${config.domains.base_domain}";
isSystemUser = true; };
}; };
# forgejo = {
# uid = 2001;
# group = "forgejo";
# isSystemUser = true;
# };
}; };
}; };
systemd.tmpfiles.rules = [ config = {
"d /home/jellyfin 755 jellyfin jellyfin -" users = {
"d /home/jellyfin/media 775 jellyfin jellyfin_media -" groups = {
"d /home/jellyfin/config 750 jellyfin jellyfin -" jellyfin_media = {
"d /home/jellyfin/cache 755 jellyfin jellyfin_media -" members = ["jellyfin" "leyla" "ester" "eve"];
# "d /home/forgejo 750 forgejo forgejo -" };
# "d /home/forgejo/data 750 forgejo forgejo -"
];
services = let jellyfin = {
jellyfinDomain = "jellyfin.jan-leila.com"; members = ["jellyfin" "leyla"];
headscaleDomain = "headscale.jan-leila.com"; };
# forgejoDomain = "forgejo.jan-leila.com";
in {
nfs.server = {
enable = true;
exports = ''
/home/leyla 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
/home/eve 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
/home/ester 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
/home/users 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
'';
};
headscale = { # forgejo = {
enable = true; # members = ["forgejo" "leyla"];
address = "0.0.0.0"; # };
port = 8080;
settings = {
server_url = "https://${headscaleDomain}";
dns_config.base_domain = "jan-leila.com";
logtail.enabled = false;
}; };
};
jellyfin = { users = {
enable = true; jellyfin = {
user = "jellyfin"; uid = 2000;
group = "jellyfin"; group = "jellyfin";
dataDir = "/home/jellyfin/config"; # location on existing server: /home/docker/jellyfin/config isSystemUser = true;
cacheDir = "/home/jellyfin/cache"; # location on existing server: /home/docker/jellyfin/cache
openFirewall = false;
};
# TODO: figure out what needs to be here
# forgejo = {
# enable = true;
# database.type = "postgres";
# lfs.enable = true;
# settings = {
# server = {
# DOMAIN = forgejoDomain;
# HTTP_PORT = 8081;
# };
# service.DISABLE_REGISTRATION = true;
# };
# };
nginx = {
enable = false; # TODO: enable this when you want to test all the configs
virtualHosts = {
${headscaleDomain} = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString config.services.headscale.port}";
proxyWebsockets = true;
};
}; };
${jellyfinDomain} = {
forceSSL = true; # forgejo = {
enableACME = true; # uid = 2001;
locations."/".proxyPass = "http://localhost:8096"; # group = "forgejo";
}; # isSystemUser = true;
# ${forgejoDomain} = {
# forceSSL = true;
# enableACME = true;
# locations."/".proxyPass = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}";
# }; # };
}; };
}; };
systemd.tmpfiles.rules = [
"d /home/jellyfin 755 jellyfin jellyfin -"
"d /home/jellyfin/media 775 jellyfin jellyfin_media -"
"d /home/jellyfin/config 750 jellyfin jellyfin -"
"d /home/jellyfin/cache 755 jellyfin jellyfin_media -"
# "d /home/forgejo 750 forgejo forgejo -"
# "d /home/forgejo/data 750 forgejo forgejo -"
];
services = {
nfs.server = {
enable = true;
exports = ''
/home/leyla 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
/home/eve 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
/home/ester 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
/home/users 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
'';
};
headscale = {
enable = true;
address = "0.0.0.0";
port = 8080;
settings = {
server_url = "${config.domains.headscale.subdomain}.${config.domains.base_domain}";
dns_config.base_domain = config.domains.base_domain;
logtail.enabled = false;
};
};
jellyfin = {
enable = true;
user = "jellyfin";
group = "jellyfin";
dataDir = "/home/jellyfin/config"; # location on existing server: /home/docker/jellyfin/config
cacheDir = "/home/jellyfin/cache"; # location on existing server: /home/docker/jellyfin/cache
};
# TODO: figure out what needs to be here
# forgejo = {
# enable = true;
# database.type = "postgres";
# lfs.enable = true;
# settings = {
# server = {
# DOMAIN = forgejoDomain;
# HTTP_PORT = 8081;
# };
# service.DISABLE_REGISTRATION = true;
# };
# };
nginx = {
enable = false; # TODO: enable this when you want to test all the configs
virtualHosts = {
${config.domains.headscale.hostname} = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString config.services.headscale.port}";
proxyWebsockets = true;
};
};
${config.domains.jellyfin.hostname} = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://localhost:8096";
};
# ${config.domains.forgejo.hostname} = {
# forceSSL = true;
# enableACME = true;
# locations."/".proxyPass = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}";
# };
};
};
};
security.acme = {
acceptTerms = true;
defaults.email = "jan-leila@protonmail.com";
};
# disable computer sleeping
systemd.targets = {
sleep.enable = false;
suspend.enable = false;
hibernate.enable = false;
hybrid-sleep.enable = false;
};
networking.firewall.allowedTCPPorts = [2049];
environment.systemPackages = [
config.services.headscale.package
pkgs.jellyfin
pkgs.jellyfin-web
pkgs.jellyfin-ffmpeg
];
}; };
security.acme = {
acceptTerms = true;
defaults.email = "jan-leila@protonmail.com";
};
# disable computer sleeping
systemd.targets = {
sleep.enable = false;
suspend.enable = false;
hibernate.enable = false;
hybrid-sleep.enable = false;
};
networking.firewall.allowedTCPPorts = [2049];
environment.systemPackages = [
config.services.headscale.package
pkgs.jellyfin
pkgs.jellyfin-web
pkgs.jellyfin-ffmpeg
];
} }

4
hosts/defiant/configuration.nix
View file

@ -25,6 +25,10 @@
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
domains = {
base_domain = "jan-leila.com";
};
services = { services = {
zfs = { zfs = {
autoScrub.enable = true; autoScrub.enable = true;