diff --git a/configurations/home-manager/leyla/packages.nix b/configurations/home-manager/leyla/packages.nix index cceffb6..11c7af1 100644 --- a/configurations/home-manager/leyla/packages.nix +++ b/configurations/home-manager/leyla/packages.nix @@ -76,6 +76,7 @@ in { # system tools protonvpn-gui openvpn + nextcloud-client noisetorch # hardware managment tools diff --git a/configurations/nixos/defiant/configuration.nix b/configurations/nixos/defiant/configuration.nix index f70a15d..9d6a434 100644 --- a/configurations/nixos/defiant/configuration.nix +++ b/configurations/nixos/defiant/configuration.nix @@ -58,7 +58,6 @@ folder = "leyla"; user = "leyla"; group = "leyla"; - bind = "/home/leyla/documents"; } { folder = "eve"; @@ -70,12 +69,6 @@ user = "root"; group = "users"; } - { - folder = "media"; - user = "jellyfin"; - group = "jellyfin_media"; - bind = config.host.jellyfin.media_directory; - } ]; nfs = { enable = true; @@ -115,7 +108,7 @@ enable = false; }; nextcloud = { - enable = false; + enable = true; subdomain = "drive"; }; sync = { diff --git a/configurations/nixos/horizon/hardware-configuration.nix b/configurations/nixos/horizon/hardware-configuration.nix index cb72d55..48a4680 100644 --- a/configurations/nixos/horizon/hardware-configuration.nix +++ b/configurations/nixos/horizon/hardware-configuration.nix 
@@ -38,28 +38,40 @@ fsType = "vfat"; }; - "/mnt/leyla_documents" = { + "/mnt/new_leyla_home" = { device = "defiant:/exports/leyla"; fsType = "nfs"; options = ["x-systemd.automount" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; }; - "/mnt/eve_documents" = { + "/mnt/new_eve_home" = { device = "defiant:/exports/eve"; fsType = "nfs"; options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; }; - "/mnt/users_documents" = { + "/mnt/new_users_home" = { device = "defiant:/exports/users"; fsType = "nfs"; options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; }; - "/mnt/media" = { - device = "defiant:/exports/media"; + "/mnt/leyla_home" = { + device = "server.arpa:/home/leyla"; fsType = "nfs"; - options = ["x-systemd.automount" "noauto" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; + options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; + }; + + "/mnt/share_home" = { + device = "server.arpa:/home/share"; + fsType = "nfs"; + options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; + }; + + "/mnt/docker_home" = { + device = "server.arpa:/home/docker"; + fsType = "nfs"; + options = ["x-systemd.automount" "noauto" "x-systemd.idle-timeout=600"]; }; }; diff --git a/configurations/nixos/twilight/hardware-configuration.nix b/configurations/nixos/twilight/hardware-configuration.nix index 81b32ae..d547c9c 100644 --- a/configurations/nixos/twilight/hardware-configuration.nix +++ b/configurations/nixos/twilight/hardware-configuration.nix 
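Review bot: The new `/mnt/docker_home` entry drops `user` from its option list, and with it the `noexec`, `nosuid` and `nodev` flags that mount(8) documents as implied by `user`. Setuid files and device nodes served from `server.arpa:/home/docker` would therefore be honoured on this client. If the intent is only to make the mount root-only, keep the restriction explicit: `options = ["x-systemd.automount" "noauto" "nosuid" "nodev" "x-systemd.idle-timeout=600"];`. The entry also loses `nofail` and `soft`, so it becomes a hard mount that blocks callers while the server is unreachable; a short comment should say whether that is deliberate. The same entry is added in the twilight/hardware-configuration.nix hunk and needs the same change.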
@@ -47,22 +47,22 @@ options = ["fmask=0022" "dmask=0022"]; }; - "/mnt/leyla_documents" = { - device = "defiant:/exports/leyla"; + "/mnt/leyla_home" = { + device = "server.arpa:/home/leyla"; fsType = "nfs"; options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; }; - "/mnt/users_documents" = { - device = "defiant:/exports/users"; + "/mnt/share_home" = { + device = "server.arpa:/home/share"; fsType = "nfs"; options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; }; - "/mnt/media" = { - device = "defiant:/exports/media"; + "/mnt/docker_home" = { + device = "server.arpa:/home/docker"; fsType = "nfs"; - options = ["x-systemd.automount" "noauto" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; + options = ["x-systemd.automount" "noauto" "x-systemd.idle-timeout=600"]; }; }; diff --git a/modules/nixos-modules/server/home-assistant.nix b/modules/nixos-modules/server/home-assistant.nix index 5c4b81f..63f67d2 100644 --- a/modules/nixos-modules/server/home-assistant.nix +++ b/modules/nixos-modules/server/home-assistant.nix @@ -1,11 +1,9 @@ { lib, - pkgs, config, ... }: let configDir = "/var/lib/hass"; - db_user = "hass"; in { options.host.home-assistant = { enable = lib.mkEnableOption "should home-assistant be enabled on this computer"; 
@@ -18,45 +16,20 @@ in { config = lib.mkIf config.host.home-assistant.enable (lib.mkMerge [ { - systemd.tmpfiles.rules = [ - "f ${config.services.home-assistant.configDir}/automations.yaml 0755 hass hass" - ]; services.home-assistant = { enable = true; - package = - (pkgs.home-assistant.override { - extraPackages = py: with py; [psycopg2]; - }) - .overrideAttrs (oldAttrs: { - doInstallCheck = false; - }); - configDir = configDir; extraComponents = [ + "esphome" "met" "radio_browser" "isal" - "zha" - "jellyfin" - "webostv" - "tailscale" - "syncthing" - "sonos" - "analytics_insights" - "unifi" - "minecraft_server" - "openweathermap" ]; - config = { - http = { - server_port = 8082; - use_x_forwarded_for = true; - trusted_proxies = ["127.0.0.1" "::1"]; - ip_ban_enabled = true; - login_attempts_threshold = 10; - }; - recorder.db_url = "postgresql://@/${db_user}"; - "automation manual" = []; - "automation ui" = "!include automations.yaml"; + config.http = { + server_port = 8082; + use_x_forwarded_for = true; + trusted_proxies = ["127.0.0.1" "::1"]; + ip_ban_enabled = true; + login_attempts_threshold = 10; }; extraPackages = python3Packages: with python3Packages; [ @@ -64,11 +37,6 @@ in { gtts ]; }; - systemd.services.home-assistant = { - requires = [ - "postgresql.service" - ]; - }; host = { reverse_proxy.subdomains.${config.host.home-assistant.subdomain} = { target = "http://localhost:${toString config.services.home-assistant.config.http.server_port}"; 
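Review bot: The rewritten `config.http` block trusts `X-Forwarded-For` from `127.0.0.1` and `::1` but sets no `server_host`, so Home Assistant presumably listens on every interface on port 8082. Unless the host firewall blocks that port, clients can reach it directly and bypass the reverse proxy defined further down. Binding to loopback closes that path regardless of firewall state: `server_host = ["127.0.0.1" "::1"];`. The enclosing `config = lib.mkIf …` block continues past this hunk, so whether a firewall rule already covers this cannot be seen from here.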
@@ -76,33 +44,15 @@ in { extraConfig = '' add_header Upgrade $http_upgrade; add_header Connection \"upgrade\"; - proxy_set_header Host $host; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - - proxy_buffering off; - proxy_read_timeout 90; ''; }; - postgres = { - enable = true; - extraUsers = { - ${db_user} = { - isClient = true; - createUser = true; - }; - }; - extraDatabases = { - ${db_user} = { - name = db_user; - }; - }; - }; }; } (lib.mkIf config.host.impermanence.enable { diff --git a/modules/nixos-modules/server/jellyfin.nix b/modules/nixos-modules/server/jellyfin.nix index ba58fe9..4746ad3 100644 --- a/modules/nixos-modules/server/jellyfin.nix +++ b/modules/nixos-modules/server/jellyfin.nix @@ -7,6 +7,7 @@ jellyfinPort = 8096; jellyfin_data_directory = "/var/lib/jellyfin"; jellyfin_cache_directory = "/var/cache/jellyfin"; + jellyfin_media_directory = "/srv/jellyfin/media"; in { options.host.jellyfin = { enable = lib.mkEnableOption "should jellyfin be enabled on this computer"; @@ -20,11 +21,6 @@ in { description = "ex subdomain of base domain that jellyfin will be hosted at"; default = []; }; - media_directory = lib.mkOption { - type = lib.types.str; - description = "directory jellyfin media will be hosted at"; - default = "/srv/jellyfin/media"; - }; }; config = lib.mkIf config.host.jellyfin.enable ( @@ -130,7 +126,7 @@ in { hideMounts = true; directories = [ { - directory = config.host.jellyfin.media_directory; + directory = jellyfin_media_directory; user = "jellyfin"; group = "jellyfin_media"; mode = "1770"; diff --git a/modules/nixos-modules/server/network_storage/default.nix b/modules/nixos-modules/server/network_storage/default.nix index f756738..fecc05f 100644 --- a/modules/nixos-modules/server/network_storage/default.nix 
+++ b/modules/nixos-modules/server/network_storage/default.nix @@ -57,7 +57,7 @@ in { # create any folders that we need to have for our exports systemd.tmpfiles.rules = [ - "d ${config.host.network_storage.export_directory} 2775 root root -" + "d ${config.host.network_storage.export_directory} 2770 root root -" ] ++ ( builtins.map ( diff --git a/modules/nixos-modules/server/network_storage/nfs.nix b/modules/nixos-modules/server/network_storage/nfs.nix index 9aaab39..e793b16 100644 --- a/modules/nixos-modules/server/network_storage/nfs.nix +++ b/modules/nixos-modules/server/network_storage/nfs.nix @@ -38,8 +38,8 @@ services.nfs.server = { enable = true; exports = lib.strings.concatLines ( - lib.lists.imap0 ( - i: directory: "${directory._directory} 100.64.0.0/10(rw,sync,no_subtree_check,crossmnt,fsid=${builtins.toString i})" + builtins.map ( + directory: "${directory._directory} 100.64.0.0/10(rw,sync,no_subtree_check,crossmnt)" ) ( builtins.filter ( diff --git a/modules/nixos-modules/server/postgres.nix b/modules/nixos-modules/server/postgres.nix index 71ce44c..8d57d42 100644 --- a/modules/nixos-modules/server/postgres.nix +++ b/modules/nixos-modules/server/postgres.nix @@ -65,7 +65,6 @@ in { ++ ( builtins.map (user: { name = user.name; - ensureDBOwnership = true; }) createUsers );
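Review bot: The `2775` to `2770` change on the export root in network_storage/default.nix carries no comment, and the directory stays `root root` with the setgid bit. Local non-root accounts that reach an export through this path would lose traversal, which may matter for the services this commit enables. Whether any do is not visible in the hunk. A one-line comment above the rule would record the intent, for example `# export root is root-only; per-folder ownership is set by the rules below`.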
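Review bot: The rewritten export string in nfs.nix still grants `rw` to all of `100.64.0.0/10` with no `sec=` option, so the server falls back to AUTH_SYS and accepts whatever UID/GID a client in that range asserts. Only network-level ACLs then limit who can write to the exports. If Kerberos is not practical here, narrow the client spec to the addresses that need the mounts, or at least record the dependency next to the line: `# AUTH_SYS only: access control relies on network ACLs for 100.64.0.0/10`. Separately, with `fsid=` gone each export must sit on a filesystem that nfsd can identify by UUID or device number. Worth confirming for any export directory backed by a bind mount or tmpfs, which the hunk does not show.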