jan-leila/nix-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: jan-leila:3ec99b599bc3f022249c6a604f3793061f664865
Branches Tags
jan-leila:main
jan-leila:469ba567
..
compare: jan-leila:33ea6db98bbbbc816829fe9b618ac14e9b46b4f3
Branches Tags
jan-leila:main
jan-leila:469ba567

No commits in common. "3ec99b599bc3f022249c6a604f3793061f664865" and "33ea6db98bbbbc816829fe9b618ac14e9b46b4f3" have entirely different histories.
3ec99b599b ... 33ea6db98b

8 changed files with 40 additions and 134 deletions
Show stats Expand all files Collapse all files

4
configurations/nixos/defiant/configuration.nix
View file

@ -114,10 +114,6 @@
adguardhome = { adguardhome = {
enable = false; enable = false;
}; };
immich = {
enable = true;
subdomain = "photos";
};
sync = { sync = {
enable = true; enable = true;
folders = { folders = {

26
configurations/nixos/horizon/hardware-configuration.nix
View file

@ -41,71 +41,65 @@
}; };
"/mnt/leyla_documents" = { "/mnt/leyla_documents" = {
device = "defiant:/export/leyla_documents"; device = "defiant:/exports/leyla_documents";
fsType = "nfs"; fsType = "nfs";
options = [ options = [
"vers=4"
"x-systemd.automount" "x-systemd.automount"
"noauto" "noauto"
"user" "user"
"noatime" "noatime"
"nofail" "nofail"
"soft"
"x-systemd.idle-timeout=600" "x-systemd.idle-timeout=600"
"fsc" "fsc"
"timeo=600"
"retrans=2"
]; ];
}; };
"/mnt/eve_documents" = { "/mnt/eve_documents" = {
device = "defiant:/export/eve_documents"; device = "defiant:/exports/eve_documents";
fsType = "nfs"; fsType = "nfs";
options = [ options = [
"vers=4"
"x-systemd.automount" "x-systemd.automount"
"noauto" "noauto"
"user" "user"
"nofail" "nofail"
"soft"
"x-systemd.idle-timeout=600" "x-systemd.idle-timeout=600"
"fsc" "fsc"
"timeo=600"
"retrans=2"
]; ];
}; };
"/mnt/users_documents" = { "/mnt/users_documents" = {
device = "defiant:/export/users_documents"; device = "defiant:/exports/users_documents";
fsType = "nfs"; fsType = "nfs";
options = [ options = [
"vers=4"
"x-systemd.automount" "x-systemd.automount"
"noauto" "noauto"
"user" "user"
"nofail" "nofail"
"soft"
"x-systemd.idle-timeout=600" "x-systemd.idle-timeout=600"
"fsc" "fsc"
"timeo=600"
"retrans=2"
]; ];
}; };
"/mnt/media" = { "/mnt/media" = {
device = "defiant:/export/media"; device = "defiant:/exports/media";
fsType = "nfs"; fsType = "nfs";
options = [ options = [
"vers=4"
"x-systemd.automount" "x-systemd.automount"
"noauto" "noauto"
"user" "user"
"noatime" "noatime"
"nofail" "nofail"
"soft"
"x-systemd.idle-timeout=600" "x-systemd.idle-timeout=600"
"noatime" "noatime"
"nodiratime" "nodiratime"
"relatime" "relatime"
"rsize=32768"
"wsize=32768"
"fsc" "fsc"
"timeo=600"
"retrans=2"
]; ];
}; };
}; };

6
configurations/syncthing/default.nix
View file

@ -67,9 +67,6 @@
share = { share = {
folder = config.folders.share; folder = config.folders.share;
}; };
leyla_documents = {
folder = config.folders.leyla_documents;
};
}; };
}; };
ceder = { ceder = {
@ -78,9 +75,6 @@
share = { share = {
folder = config.folders.share; folder = config.folders.share;
}; };
leyla_documents = {
folder = config.folders.leyla_documents;
};
leyla_calendar = { leyla_calendar = {
folder = config.folders.leyla_calendar; folder = config.folders.leyla_calendar;
}; };

1
modules/nixos-modules/server/default.nix
View file

@ -10,6 +10,5 @@
./searx.nix ./searx.nix
./home-assistant.nix ./home-assistant.nix
./adguardhome.nix ./adguardhome.nix
./immich.nix
]; ];
} }

68
modules/nixos-modules/server/immich.nix
View file

@ -1,68 +0,0 @@
{
lib,
config,
...
}: let
mediaLocation = "/var/lib/immich";
in {
options.host.immich = {
enable = lib.mkEnableOption "should immich be enabled on this computer";
subdomain = lib.mkOption {
type = lib.types.str;
description = "subdomain of base domain that immich will be hosted at";
default = "immich";
};
};
config = lib.mkIf config.host.immich.enable (lib.mkMerge [
{
host = {
reverse_proxy.subdomains.${config.host.immich.subdomain} = {
target = "http://localhost:${toString config.services.immich.port}";
};
postgres = {
enable = true;
extraUsers = {
${config.services.immich.database.user} = {
isClient = true;
};
};
};
};
services.immich = {
enable = true;
port = 2283;
# redis.enable = false;
};
networking.firewall.interfaces.${config.services.tailscale.interfaceName} = {
allowedUDPPorts = [
config.services.immich.port
];
allowedTCPPorts = [
config.services.immich.port
];
};
}
(lib.mkIf config.host.impermanence.enable {
assertions = [
{
assertion = config.services.immich.mediaLocation == mediaLocation;
message = "immich media location does not match persistence";
}
];
environment.persistence."/persist/system/root" = {
enable = true;
hideMounts = true;
directories = [
{
directory = mediaLocation;
user = "immich";
group = "immich";
}
];
};
})
]);
}

22
modules/nixos-modules/server/network_storage/default.nix
View file

@ -15,7 +15,7 @@ in {
export_directory = lib.mkOption { export_directory = lib.mkOption {
type = lib.types.path; type = lib.types.path;
description = "what are exports going to be stored in"; description = "what are exports going to be stored in";
default = "/export"; default = "/exports";
}; };
directories = lib.mkOption { directories = lib.mkOption {
type = lib.types.listOf (lib.types.submodule ({config, ...}: { type = lib.types.listOf (lib.types.submodule ({config, ...}: {
@ -57,7 +57,7 @@ in {
# create any folders that we need to have for our exports # create any folders that we need to have for our exports
systemd.tmpfiles.rules = systemd.tmpfiles.rules =
[ [
"d ${config.host.network_storage.export_directory} 2775 nobody nogroup -" "d ${config.host.network_storage.export_directory} 2775 root root -"
] ]
++ ( ++ (
builtins.map ( builtins.map (
@ -77,14 +77,14 @@ in {
) )
); );
} }
# (lib.mkIf config.host.impermanence.enable { (lib.mkIf config.host.impermanence.enable {
# environment.persistence."/persist/system/root" = { environment.persistence."/persist/system/root" = {
# enable = true; enable = true;
# hideMounts = true; hideMounts = true;
# directories = [ directories = [
# config.host.network_storage.export_directory config.host.network_storage.export_directory
# ]; ];
# }; };
# }) })
]); ]);
} }

15
modules/nixos-modules/server/network_storage/nfs.nix
View file

@ -56,20 +56,11 @@
++ ( ++ (
lib.lists.imap0 ( lib.lists.imap0 (
i: directory: let i: directory: let
createOptions = fsid: "(rw,fsid=${toString fsid},nohide,insecure,no_subtree_check)"; option = fsid: "(rw,fsid=${toString fsid},nohide,insecure,no_subtree_check)";
addresses = [ addresses = ["100.64.0.0/10" "192.168.0.0/24" "127.0.0.1"];
# loopback
"127.0.0.1"
"::1"
# local network
# "192.168.0.0/24"
# tailscale
"100.64.0.0/10"
"fd7a:115c:a1e0::/48"
];
options = lib.strings.concatStrings ( options = lib.strings.concatStrings (
lib.strings.intersperse " " ( lib.strings.intersperse " " (
lib.lists.imap0 (index: address: "${address}${createOptions (1 + (i * (builtins.length addresses)) + index)}") addresses lib.lists.imap0 (index: address: "${address}${option (1 + (i * (builtins.length addresses)) + index)}") addresses
) )
); );
in "${directory._directory} ${options}" in "${directory._directory} ${options}"

32
modules/nixos-modules/users.nix
View file

@ -19,10 +19,10 @@
forgejo = 2002; forgejo = 2002;
adguardhome = 2003; adguardhome = 2003;
hass = 2004; hass = 2004;
headscale = 2005;
syncthing = 2007; syncthing = 2007;
ollama = 2008; ollama = 2008;
git = 2009; git = 2009;
immich = 2010;
}; };
gids = { gids = {
@ -34,10 +34,10 @@
forgejo = 2002; forgejo = 2002;
adguardhome = 2003; adguardhome = 2003;
hass = 2004; hass = 2004;
headscale = 2005;
syncthing = 2007; syncthing = 2007;
ollama = 2008; ollama = 2008;
git = 2009; git = 2009;
immich = 2010;
}; };
users = config.users.users; users = config.users.users;
@ -135,6 +135,12 @@ in {
group = config.users.users.hass.name; group = config.users.users.hass.name;
}; };
headscale = {
uid = lib.mkForce uids.headscale;
isSystemUser = true;
group = config.users.users.headscale.name;
};
syncthing = { syncthing = {
uid = lib.mkForce uids.syncthing; uid = lib.mkForce uids.syncthing;
isSystemUser = true; isSystemUser = true;
@ -153,12 +159,6 @@ in {
isNormalUser = config.services.forgejo.enable; isNormalUser = config.services.forgejo.enable;
group = config.users.users.git.name; group = config.users.users.git.name;
}; };
immich = {
uid = lib.mkForce uids.immich;
isSystemUser = true;
group = config.users.users.immich.name;
};
}; };
groups = { groups = {
@ -225,6 +225,14 @@ in {
]; ];
}; };
headscale = {
gid = lib.mkForce gids.headscale;
members = [
users.headscale.name
# leyla
];
};
syncthing = { syncthing = {
gid = lib.mkForce gids.syncthing; gid = lib.mkForce gids.syncthing;
members = [ members = [
@ -247,14 +255,6 @@ in {
users.git.name users.git.name
]; ];
}; };
immich = {
gid = lib.mkForce gids.immich;
members = [
users.immich.name
# leyla
];
};
}; };
}; };
} }