jan-leila/nix-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: jan-leila:7b9b394ad26fa67fe50acdf1cde582f29805c3df
Branches Tags
jan-leila:main
jan-leila:469ba567
..
compare: jan-leila:86c585111cf58f3aae11697cdf524d5e591f8f0d
Branches Tags
jan-leila:main
jan-leila:469ba567

No commits in common. "7b9b394ad26fa67fe50acdf1cde582f29805c3df" and "86c585111cf58f3aae11697cdf524d5e591f8f0d" have entirely different histories.
7b9b394ad2 ... 86c585111c

9 changed files with 39 additions and 88 deletions
Show stats Expand all files Collapse all files

1
configurations/home-manager/leyla/packages.nix
View file

@ -76,6 +76,7 @@ in {
# system tools
protonvpn-gui
openvpn
nextcloud-client
noisetorch
# hardware managment tools

9
configurations/nixos/defiant/configuration.nix
View file

@ -58,7 +58,6 @@
folder = "leyla";
user = "leyla";
group = "leyla";
bind = "/home/leyla/documents";
}
{
folder = "eve";
@ -70,12 +69,6 @@
user = "root";
group = "users";
}
{
folder = "media";
user = "jellyfin";
group = "jellyfin_media";
bind = config.host.jellyfin.media_directory;
}
];
nfs = {
enable = true;
@ -115,7 +108,7 @@
enable = false;
};
nextcloud = {
enable = false;
enable = true;
subdomain = "drive";
};
sync = {

24
configurations/nixos/horizon/hardware-configuration.nix
View file

@ -38,28 +38,40 @@
fsType = "vfat";
};
"/mnt/leyla_documents" = {
"/mnt/new_leyla_home" = {
device = "defiant:/exports/leyla";
fsType = "nfs";
options = ["x-systemd.automount" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
};
"/mnt/eve_documents" = {
"/mnt/new_eve_home" = {
device = "defiant:/exports/eve";
fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
};
"/mnt/users_documents" = {
"/mnt/new_users_home" = {
device = "defiant:/exports/users";
fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
};
"/mnt/media" = {
device = "defiant:/exports/media";
"/mnt/leyla_home" = {
device = "server.arpa:/home/leyla";
fsType = "nfs";
options = ["x-systemd.automount" "noauto" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
};
"/mnt/share_home" = {
device = "server.arpa:/home/share";
fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
};
"/mnt/docker_home" = {
device = "server.arpa:/home/docker";
fsType = "nfs";
options = ["x-systemd.automount" "noauto" "x-systemd.idle-timeout=600"];
};
};

14
configurations/nixos/twilight/hardware-configuration.nix
View file

@ -47,22 +47,22 @@
options = ["fmask=0022" "dmask=0022"];
};
"/mnt/leyla_documents" = {
device = "defiant:/exports/leyla";
"/mnt/leyla_home" = {
device = "server.arpa:/home/leyla";
fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
};
"/mnt/users_documents" = {
device = "defiant:/exports/users";
"/mnt/share_home" = {
device = "server.arpa:/home/share";
fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
};
"/mnt/media" = {
device = "defiant:/exports/media";
"/mnt/docker_home" = {
device = "server.arpa:/home/docker";
fsType = "nfs";
options = ["x-systemd.automount" "noauto" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
options = ["x-systemd.automount" "noauto" "x-systemd.idle-timeout=600"];
};
};

54
modules/nixos-modules/server/home-assistant.nix
View file

@ -1,11 +1,9 @@
{
lib,
pkgs,
config,
...
}: let
configDir = "/var/lib/hass";
db_user = "hass";
in {
options.host.home-assistant = {
enable = lib.mkEnableOption "should home-assistant be enabled on this computer";
@ -18,57 +16,27 @@ in {
config = lib.mkIf config.host.home-assistant.enable (lib.mkMerge [
{
systemd.tmpfiles.rules = [
"f ${config.services.home-assistant.configDir}/automations.yaml 0755 hass hass"
];
services.home-assistant = {
enable = true;
package =
(pkgs.home-assistant.override {
extraPackages = py: with py; [psycopg2];
})
.overrideAttrs (oldAttrs: {
doInstallCheck = false;
});
configDir = configDir;
extraComponents = [
"esphome"
"met"
"radio_browser"
"isal"
"zha"
"jellyfin"
"webostv"
"tailscale"
"syncthing"
"sonos"
"analytics_insights"
"unifi"
"minecraft_server"
"openweathermap"
];
config = {
http = {
config.http = {
server_port = 8082;
use_x_forwarded_for = true;
trusted_proxies = ["127.0.0.1" "::1"];
ip_ban_enabled = true;
login_attempts_threshold = 10;
};
recorder.db_url = "postgresql://@/${db_user}";
"automation manual" = [];
"automation ui" = "!include automations.yaml";
};
extraPackages = python3Packages:
with python3Packages; [
numpy
gtts
];
};
systemd.services.home-assistant = {
requires = [
"postgresql.service"
];
};
host = {
reverse_proxy.subdomains.${config.host.home-assistant.subdomain} = {
target = "http://localhost:${toString config.services.home-assistant.config.http.server_port}";
@ -76,33 +44,15 @@ in {
extraConfig = ''
add_header Upgrade $http_upgrade;
add_header Connection \"upgrade\";
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_read_timeout 90;
'';
};
postgres = {
enable = true;
extraUsers = {
${db_user} = {
isClient = true;
createUser = true;
};
};
extraDatabases = {
${db_user} = {
name = db_user;
};
};
};
};
}
(lib.mkIf config.host.impermanence.enable {

8
modules/nixos-modules/server/jellyfin.nix
View file

@ -7,6 +7,7 @@
jellyfinPort = 8096;
jellyfin_data_directory = "/var/lib/jellyfin";
jellyfin_cache_directory = "/var/cache/jellyfin";
jellyfin_media_directory = "/srv/jellyfin/media";
in {
options.host.jellyfin = {
enable = lib.mkEnableOption "should jellyfin be enabled on this computer";
@ -20,11 +21,6 @@ in {
description = "ex subdomain of base domain that jellyfin will be hosted at";
default = [];
};
media_directory = lib.mkOption {
type = lib.types.str;
description = "directory jellyfin media will be hosted at";
default = "/srv/jellyfin/media";
};
};
config = lib.mkIf config.host.jellyfin.enable (
@ -130,7 +126,7 @@ in {
hideMounts = true;
directories = [
{
directory = config.host.jellyfin.media_directory;
directory = jellyfin_media_directory;
user = "jellyfin";
group = "jellyfin_media";
mode = "1770";

2
modules/nixos-modules/server/network_storage/default.nix
View file

@ -57,7 +57,7 @@ in {
# create any folders that we need to have for our exports
systemd.tmpfiles.rules =
[
"d ${config.host.network_storage.export_directory} 2775 root root -"
"d ${config.host.network_storage.export_directory} 2770 root root -"
]
++ (
builtins.map (

4
modules/nixos-modules/server/network_storage/nfs.nix
View file

@ -38,8 +38,8 @@
services.nfs.server = {
enable = true;
exports = lib.strings.concatLines (
lib.lists.imap0 (
i: directory: "${directory._directory} 100.64.0.0/10(rw,sync,no_subtree_check,crossmnt,fsid=${builtins.toString i})"
builtins.map (
directory: "${directory._directory} 100.64.0.0/10(rw,sync,no_subtree_check,crossmnt)"
)
(
builtins.filter (

1
modules/nixos-modules/server/postgres.nix
View file

@ -65,7 +65,6 @@ in {
++ (
builtins.map (user: {
name = user.name;
ensureDBOwnership = true;
})
createUsers
);