jan-leila/nix-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: jan-leila:3ec99b599bc3f022249c6a604f3793061f664865
Branches Tags
jan-leila:main
jan-leila:469ba567
..
compare: jan-leila:33ea6db98bbbbc816829fe9b618ac14e9b46b4f3
Branches Tags
jan-leila:main
jan-leila:469ba567

No commits in common. "3ec99b599bc3f022249c6a604f3793061f664865" and "33ea6db98bbbbc816829fe9b618ac14e9b46b4f3" have entirely different histories.
3ec99b599b ... 33ea6db98b

8 changed files with 40 additions and 134 deletions
Show stats Expand all files Collapse all files

4
configurations/nixos/defiant/configuration.nix
View file

@ -114,10 +114,6 @@
adguardhome = {
enable = false;
};
immich = {
enable = true;
subdomain = "photos";
};
sync = {
enable = true;
folders = {

26
configurations/nixos/horizon/hardware-configuration.nix
View file

@ -41,71 +41,65 @@
};
"/mnt/leyla_documents" = {
device = "defiant:/export/leyla_documents";
device = "defiant:/exports/leyla_documents";
fsType = "nfs";
options = [
"vers=4"
"x-systemd.automount"
"noauto"
"user"
"noatime"
"nofail"
"soft"
"x-systemd.idle-timeout=600"
"fsc"
"timeo=600"
"retrans=2"
];
};
"/mnt/eve_documents" = {
device = "defiant:/export/eve_documents";
device = "defiant:/exports/eve_documents";
fsType = "nfs";
options = [
"vers=4"
"x-systemd.automount"
"noauto"
"user"
"nofail"
"soft"
"x-systemd.idle-timeout=600"
"fsc"
"timeo=600"
"retrans=2"
];
};
"/mnt/users_documents" = {
device = "defiant:/export/users_documents";
device = "defiant:/exports/users_documents";
fsType = "nfs";
options = [
"vers=4"
"x-systemd.automount"
"noauto"
"user"
"nofail"
"soft"
"x-systemd.idle-timeout=600"
"fsc"
"timeo=600"
"retrans=2"
];
};
"/mnt/media" = {
device = "defiant:/export/media";
device = "defiant:/exports/media";
fsType = "nfs";
options = [
"vers=4"
"x-systemd.automount"
"noauto"
"user"
"noatime"
"nofail"
"soft"
"x-systemd.idle-timeout=600"
"noatime"
"nodiratime"
"relatime"
"rsize=32768"
"wsize=32768"
"fsc"
"timeo=600"
"retrans=2"
];
};
};

6
configurations/syncthing/default.nix
View file

@ -67,9 +67,6 @@
share = {
folder = config.folders.share;
};
leyla_documents = {
folder = config.folders.leyla_documents;
};
};
};
ceder = {
@ -78,9 +75,6 @@
share = {
folder = config.folders.share;
};
leyla_documents = {
folder = config.folders.leyla_documents;
};
leyla_calendar = {
folder = config.folders.leyla_calendar;
};

1
modules/nixos-modules/server/default.nix
View file

@ -10,6 +10,5 @@
./searx.nix
./home-assistant.nix
./adguardhome.nix
./immich.nix
];
}

68
modules/nixos-modules/server/immich.nix
View file

@ -1,68 +0,0 @@
{
lib,
config,
...
}: let
mediaLocation = "/var/lib/immich";
in {
options.host.immich = {
enable = lib.mkEnableOption "should immich be enabled on this computer";
subdomain = lib.mkOption {
type = lib.types.str;
description = "subdomain of base domain that immich will be hosted at";
default = "immich";
};
};
config = lib.mkIf config.host.immich.enable (lib.mkMerge [
{
host = {
reverse_proxy.subdomains.${config.host.immich.subdomain} = {
target = "http://localhost:${toString config.services.immich.port}";
};
postgres = {
enable = true;
extraUsers = {
${config.services.immich.database.user} = {
isClient = true;
};
};
};
};
services.immich = {
enable = true;
port = 2283;
# redis.enable = false;
};
networking.firewall.interfaces.${config.services.tailscale.interfaceName} = {
allowedUDPPorts = [
config.services.immich.port
];
allowedTCPPorts = [
config.services.immich.port
];
};
}
(lib.mkIf config.host.impermanence.enable {
assertions = [
{
assertion = config.services.immich.mediaLocation == mediaLocation;
message = "immich media location does not match persistence";
}
];
environment.persistence."/persist/system/root" = {
enable = true;
hideMounts = true;
directories = [
{
directory = mediaLocation;
user = "immich";
group = "immich";
}
];
};
})
]);
}

22
modules/nixos-modules/server/network_storage/default.nix
View file

@ -15,7 +15,7 @@ in {
export_directory = lib.mkOption {
type = lib.types.path;
description = "what are exports going to be stored in";
default = "/export";
default = "/exports";
};
directories = lib.mkOption {
type = lib.types.listOf (lib.types.submodule ({config, ...}: {
@ -57,7 +57,7 @@ in {
# create any folders that we need to have for our exports
systemd.tmpfiles.rules =
[
"d ${config.host.network_storage.export_directory} 2775 nobody nogroup -"
"d ${config.host.network_storage.export_directory} 2775 root root -"
]
++ (
builtins.map (
@ -77,14 +77,14 @@ in {
)
);
}
# (lib.mkIf config.host.impermanence.enable {
# environment.persistence."/persist/system/root" = {
# enable = true;
# hideMounts = true;
# directories = [
# config.host.network_storage.export_directory
# ];
# };
# })
(lib.mkIf config.host.impermanence.enable {
environment.persistence."/persist/system/root" = {
enable = true;
hideMounts = true;
directories = [
config.host.network_storage.export_directory
];
};
})
]);
}

15
modules/nixos-modules/server/network_storage/nfs.nix
View file

@ -56,20 +56,11 @@
++ (
lib.lists.imap0 (
i: directory: let
createOptions = fsid: "(rw,fsid=${toString fsid},nohide,insecure,no_subtree_check)";
addresses = [
# loopback
"127.0.0.1"
"::1"
# local network
# "192.168.0.0/24"
# tailscale
"100.64.0.0/10"
"fd7a:115c:a1e0::/48"
];
option = fsid: "(rw,fsid=${toString fsid},nohide,insecure,no_subtree_check)";
addresses = ["100.64.0.0/10" "192.168.0.0/24" "127.0.0.1"];
options = lib.strings.concatStrings (
lib.strings.intersperse " " (
lib.lists.imap0 (index: address: "${address}${createOptions (1 + (i * (builtins.length addresses)) + index)}") addresses
lib.lists.imap0 (index: address: "${address}${option (1 + (i * (builtins.length addresses)) + index)}") addresses
)
);
in "${directory._directory} ${options}"

32
modules/nixos-modules/users.nix
View file

@ -19,10 +19,10 @@
forgejo = 2002;
adguardhome = 2003;
hass = 2004;
headscale = 2005;
syncthing = 2007;
ollama = 2008;
git = 2009;
immich = 2010;
};
gids = {
@ -34,10 +34,10 @@
forgejo = 2002;
adguardhome = 2003;
hass = 2004;
headscale = 2005;
syncthing = 2007;
ollama = 2008;
git = 2009;
immich = 2010;
};
users = config.users.users;
@ -135,6 +135,12 @@ in {
group = config.users.users.hass.name;
};
headscale = {
uid = lib.mkForce uids.headscale;
isSystemUser = true;
group = config.users.users.headscale.name;
};
syncthing = {
uid = lib.mkForce uids.syncthing;
isSystemUser = true;
@ -153,12 +159,6 @@ in {
isNormalUser = config.services.forgejo.enable;
group = config.users.users.git.name;
};
immich = {
uid = lib.mkForce uids.immich;
isSystemUser = true;
group = config.users.users.immich.name;
};
};
groups = {
@ -225,6 +225,14 @@ in {
];
};
headscale = {
gid = lib.mkForce gids.headscale;
members = [
users.headscale.name
# leyla
];
};
syncthing = {
gid = lib.mkForce gids.syncthing;
members = [
@ -247,14 +255,6 @@ in {
users.git.name
];
};
immich = {
gid = lib.mkForce gids.immich;
members = [
users.immich.name
# leyla
];
};
};
};
}