From 99e57603c768e5e75abf8984568178e68592987d Mon Sep 17 00:00:00 2001 From: Leyla Becker Date: Fri, 7 Mar 2025 18:54:22 -0600 Subject: [PATCH 1/6] added components to home assistant --- modules/nixos-modules/server/home-assistant.nix | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/modules/nixos-modules/server/home-assistant.nix b/modules/nixos-modules/server/home-assistant.nix index 63f67d2..8ff688f 100644 --- a/modules/nixos-modules/server/home-assistant.nix +++ b/modules/nixos-modules/server/home-assistant.nix @@ -18,11 +18,22 @@ in { { services.home-assistant = { enable = true; + configDir = configDir; extraComponents = [ "esphome" "met" "radio_browser" "isal" + "zha" + "jellyfin" + "webostv" + "tailscale" + "syncthing" + "sonos" + "analytics_insights" + "unifi" + "minecraft_server" + "openweathermap" ]; config.http = { server_port = 8082; @@ -44,12 +55,16 @@ in { extraConfig = '' add_header Upgrade $http_upgrade; add_header Connection \"upgrade\"; + proxy_set_header Host $host; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + proxy_buffering off; + proxy_read_timeout 90; ''; }; From 9715517af68766b21316600c3dbdfd45b662fcdd Mon Sep 17 00:00:00 2001 From: Leyla Becker Date: Fri, 7 Mar 2025 19:53:11 -0600 Subject: [PATCH 2/6] added more config to home assistant --- .../nixos-modules/server/home-assistant.nix | 23 +++++++++++++------ 1 file changed, 16 insertions(+), 7 deletions(-) diff --git a/modules/nixos-modules/server/home-assistant.nix b/modules/nixos-modules/server/home-assistant.nix index 8ff688f..967846a 100644 --- a/modules/nixos-modules/server/home-assistant.nix +++ b/modules/nixos-modules/server/home-assistant.nix @@ -20,7 +20,6 @@ in { enable = true; configDir = configDir; extraComponents = [ - "esphome" "met" "radio_browser" "isal" 
@@ -35,12 +34,22 @@ in { "minecraft_server" "openweathermap" ]; - config.http = { - server_port = 8082; - use_x_forwarded_for = true; - trusted_proxies = ["127.0.0.1" "::1"]; - ip_ban_enabled = true; - login_attempts_threshold = 10; + config = { + homeassistant = { + name = "Home"; + latitude = "!secret latitude"; + longitude = "!secret longitude"; + elevation = "!secret elevation"; + unit_system = "metric"; + time_zone = "CDT"; + }; + http = { + server_port = 8082; + use_x_forwarded_for = true; + trusted_proxies = ["127.0.0.1" "::1"]; + ip_ban_enabled = true; + login_attempts_threshold = 10; + }; }; extraPackages = python3Packages: with python3Packages; [ From 0e5d8e3335764f411f4d1d27d2fdff8fd5a8925a Mon Sep 17 00:00:00 2001 From: Leyla Becker Date: Sat, 8 Mar 2025 05:05:32 -0600 Subject: [PATCH 3/6] added postgres config to home assistant --- .../nixos-modules/server/home-assistant.nix | 42 +++++++++++++++---- modules/nixos-modules/server/postgres.nix | 1 + 2 files changed, 35 insertions(+), 8 deletions(-) diff --git a/modules/nixos-modules/server/home-assistant.nix b/modules/nixos-modules/server/home-assistant.nix index 967846a..5c4b81f 100644 --- a/modules/nixos-modules/server/home-assistant.nix +++ b/modules/nixos-modules/server/home-assistant.nix @@ -1,9 +1,11 @@ { lib, + pkgs, config, ... }: let configDir = "/var/lib/hass"; + db_user = "hass"; in { options.host.home-assistant = { enable = lib.mkEnableOption "should home-assistant be enabled on this computer"; @@ -16,8 +18,18 @@ in { config = lib.mkIf config.host.home-assistant.enable (lib.mkMerge [ { + systemd.tmpfiles.rules = [ + "f ${config.services.home-assistant.configDir}/automations.yaml 0755 hass hass" + ]; services.home-assistant = { enable = true; + package = + (pkgs.home-assistant.override { + extraPackages = py: with py; [psycopg2]; + }) + .overrideAttrs (oldAttrs: { + doInstallCheck = false; + }); configDir = configDir; extraComponents = [ "met" 
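Review bot: `time_zone = "CDT";` in the new `homeassistant` block is not a tz database name, and Home Assistant validates this key against the IANA zone list, so the generated configuration is likely to be rejected at start-up. An abbreviation also cannot express the CST/CDT switch; `time_zone = "America/Chicago";` would cover both. The `!secret latitude` / `longitude` / `elevation` references keep the coordinates out of the world-readable Nix store, but nothing in the visible hunks provisions the `secrets.yaml` they resolve against, so a comment saying where that file comes from would help.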
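Review bot: The tmpfiles rule in the `@@ -16,8 +18,18 @@` hunk creates `automations.yaml` with mode `0755`, which marks a YAML data file executable and readable by every local account. Only the `hass` user needs it, so `"f ${config.services.home-assistant.configDir}/automations.yaml 0640 hass hass"` (or `0600`) is enough. In the same hunk, `doInstallCheck = false` switches off the install-check phase for the overridden package with no comment explaining why. The service attrset already carries an `extraPackages` list further down (visible as context in a later hunk), so `psycopg2` could probably be added there instead of through a package override.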
@@ -35,14 +47,6 @@ in { "openweathermap" ]; config = { - homeassistant = { - name = "Home"; - latitude = "!secret latitude"; - longitude = "!secret longitude"; - elevation = "!secret elevation"; - unit_system = "metric"; - time_zone = "CDT"; - }; http = { server_port = 8082; use_x_forwarded_for = true; @@ -50,6 +54,9 @@ in { ip_ban_enabled = true; login_attempts_threshold = 10; }; + recorder.db_url = "postgresql://@/${db_user}"; + "automation manual" = []; + "automation ui" = "!include automations.yaml"; }; extraPackages = python3Packages: with python3Packages; [ @@ -57,6 +64,11 @@ in { gtts ]; }; + systemd.services.home-assistant = { + requires = [ + "postgresql.service" + ]; + }; host = { reverse_proxy.subdomains.${config.host.home-assistant.subdomain} = { target = "http://localhost:${toString config.services.home-assistant.config.http.server_port}"; @@ -77,6 +89,20 @@ in { proxy_read_timeout 90; ''; }; + postgres = { + enable = true; + extraUsers = { + ${db_user} = { + isClient = true; + createUser = true; + }; + }; + extraDatabases = { + ${db_user} = { + name = db_user; + }; + }; + }; }; } (lib.mkIf config.host.impermanence.enable { diff --git a/modules/nixos-modules/server/postgres.nix b/modules/nixos-modules/server/postgres.nix index 8d57d42..71ce44c 100644 --- a/modules/nixos-modules/server/postgres.nix +++ b/modules/nixos-modules/server/postgres.nix @@ -65,6 +65,7 @@ in { ++ ( builtins.map (user: { name = user.name; + ensureDBOwnership = true; }) createUsers ); From f5c67b812f7b4d00f8977b6034d2c0141d8f12a4 Mon Sep 17 00:00:00 2001 From: Leyla Becker Date: Sat, 8 Mar 2025 16:16:03 -0600 Subject: [PATCH 4/6] updated nfs mounts --- .../nixos/horizon/hardware-configuration.nix | 24 +++---------------- .../nixos/twilight/hardware-configuration.nix | 12 +++------- 2 files changed, 6 insertions(+), 30 deletions(-) 
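Review bot: In the `postgres.nix` hunk, `ensureDBOwnership = true;` is set unconditionally for every entry of `createUsers`, not only for the new `hass` user. As far as I recall, nixpkgs asserts that each such user has a database of the same name in `ensureDatabases`, so any other `createUser` without a matching database would fail evaluation. It also hands every listed role ownership of its same-named database, whether or not it needs it. Driving this from a per-user option, for example `ensureDBOwnership = user.ownDatabase or false;` with a hypothetical `ownDatabase` flag, would keep the grant opt-in. The surrounding `map` and the definition of `createUsers` lie outside the hunk.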
diff --git a/configurations/nixos/horizon/hardware-configuration.nix b/configurations/nixos/horizon/hardware-configuration.nix index 48a4680..b7e7d84 100644 --- a/configurations/nixos/horizon/hardware-configuration.nix +++ b/configurations/nixos/horizon/hardware-configuration.nix @@ -38,41 +38,23 @@ fsType = "vfat"; }; - "/mnt/new_leyla_home" = { + "/mnt/leyla_home" = { device = "defiant:/exports/leyla"; fsType = "nfs"; options = ["x-systemd.automount" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; }; - "/mnt/new_eve_home" = { + "/mnt/eve_home" = { device = "defiant:/exports/eve"; fsType = "nfs"; options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; }; - "/mnt/new_users_home" = { + "/mnt/users_home" = { device = "defiant:/exports/users"; fsType = "nfs"; options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; }; - - "/mnt/leyla_home" = { - device = "server.arpa:/home/leyla"; - fsType = "nfs"; - options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; - }; - - "/mnt/share_home" = { - device = "server.arpa:/home/share"; - fsType = "nfs"; - options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; - }; - - "/mnt/docker_home" = { - device = "server.arpa:/home/docker"; - fsType = "nfs"; - options = ["x-systemd.automount" "noauto" "x-systemd.idle-timeout=600"]; - }; }; environment.systemPackages = with pkgs; [ diff --git a/configurations/nixos/twilight/hardware-configuration.nix b/configurations/nixos/twilight/hardware-configuration.nix index d547c9c..53e8cc2 100644 --- a/configurations/nixos/twilight/hardware-configuration.nix +++ b/configurations/nixos/twilight/hardware-configuration.nix 
@@ -48,22 +48,16 @@ }; "/mnt/leyla_home" = { - device = "server.arpa:/home/leyla"; + device = "defiant:/exports/leyla"; fsType = "nfs"; options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; }; - "/mnt/share_home" = { - device = "server.arpa:/home/share"; + "/mnt/users_home" = { + device = "defiant:/exports/users"; fsType = "nfs"; options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; }; - - "/mnt/docker_home" = { - device = "server.arpa:/home/docker"; - fsType = "nfs"; - options = ["x-systemd.automount" "noauto" "x-systemd.idle-timeout=600"]; - }; }; environment.systemPackages = with pkgs; [ From 1e98b54454f86dc3963dd1ca6e3522dd2289d6aa Mon Sep 17 00:00:00 2001 From: Leyla Becker Date: Sun, 9 Mar 2025 14:10:50 -0500 Subject: [PATCH 5/6] added more config for nfs mounts --- configurations/nixos/defiant/configuration.nix | 7 +++++++ .../nixos/horizon/hardware-configuration.nix | 12 +++++++++--- .../nixos/twilight/hardware-configuration.nix | 4 ++-- modules/nixos-modules/server/jellyfin.nix | 8 ++++++-- .../nixos-modules/server/network_storage/default.nix | 2 +- modules/nixos-modules/server/network_storage/nfs.nix | 4 ++-- 6 files changed, 27 insertions(+), 10 deletions(-) diff --git a/configurations/nixos/defiant/configuration.nix b/configurations/nixos/defiant/configuration.nix index 9d6a434..2ec7914 100644 --- a/configurations/nixos/defiant/configuration.nix +++ b/configurations/nixos/defiant/configuration.nix @@ -58,6 +58,7 @@ folder = "leyla"; user = "leyla"; group = "leyla"; + bind = "/home/leyla/documents"; } { folder = "eve"; @@ -69,6 +70,12 @@ user = "root"; group = "users"; } + { + folder = "media"; + user = "jellyfin"; + group = "jellyfin_media"; + bind = config.host.jellyfin.media_directory; + } ]; nfs = { enable = true; diff --git a/configurations/nixos/horizon/hardware-configuration.nix b/configurations/nixos/horizon/hardware-configuration.nix index b7e7d84..f5342a1 100644 
--- a/configurations/nixos/horizon/hardware-configuration.nix +++ b/configurations/nixos/horizon/hardware-configuration.nix @@ -38,23 +38,29 @@ fsType = "vfat"; }; - "/mnt/leyla_home" = { + "/mnt/leyla_documents" = { device = "defiant:/exports/leyla"; fsType = "nfs"; options = ["x-systemd.automount" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; }; - "/mnt/eve_home" = { + "/mnt/eve_documents" = { device = "defiant:/exports/eve"; fsType = "nfs"; options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; }; - "/mnt/users_home" = { + "/mnt/users_documents" = { device = "defiant:/exports/users"; fsType = "nfs"; options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; }; + + "/mnt/media" = { + device = "defiant:/exports/media"; + fsType = "nfs"; + options = ["user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; + }; }; environment.systemPackages = with pkgs; [ diff --git a/configurations/nixos/twilight/hardware-configuration.nix b/configurations/nixos/twilight/hardware-configuration.nix index 53e8cc2..c215e02 100644 --- a/configurations/nixos/twilight/hardware-configuration.nix +++ b/configurations/nixos/twilight/hardware-configuration.nix @@ -47,13 +47,13 @@ options = ["fmask=0022" "dmask=0022"]; }; - "/mnt/leyla_home" = { + "/mnt/leyla_documents" = { device = "defiant:/exports/leyla"; fsType = "nfs"; options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; }; - "/mnt/users_home" = { + "/mnt/users_documents" = { device = "defiant:/exports/users"; fsType = "nfs"; options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; diff --git a/modules/nixos-modules/server/jellyfin.nix b/modules/nixos-modules/server/jellyfin.nix index 4746ad3..ba58fe9 100644 --- a/modules/nixos-modules/server/jellyfin.nix +++ b/modules/nixos-modules/server/jellyfin.nix 
@@ -7,7 +7,6 @@ jellyfinPort = 8096; jellyfin_data_directory = "/var/lib/jellyfin"; jellyfin_cache_directory = "/var/cache/jellyfin"; - jellyfin_media_directory = "/srv/jellyfin/media"; in { options.host.jellyfin = { enable = lib.mkEnableOption "should jellyfin be enabled on this computer"; @@ -21,6 +20,11 @@ in { description = "ex subdomain of base domain that jellyfin will be hosted at"; default = []; }; + media_directory = lib.mkOption { + type = lib.types.str; + description = "directory jellyfin media will be hosted at"; + default = "/srv/jellyfin/media"; + }; }; config = lib.mkIf config.host.jellyfin.enable ( @@ -126,7 +130,7 @@ in { hideMounts = true; directories = [ { - directory = jellyfin_media_directory; + directory = config.host.jellyfin.media_directory; user = "jellyfin"; group = "jellyfin_media"; mode = "1770"; diff --git a/modules/nixos-modules/server/network_storage/default.nix b/modules/nixos-modules/server/network_storage/default.nix index fecc05f..f756738 100644 --- a/modules/nixos-modules/server/network_storage/default.nix +++ b/modules/nixos-modules/server/network_storage/default.nix @@ -57,7 +57,7 @@ in { # create any folders that we need to have for our exports systemd.tmpfiles.rules = [ - "d ${config.host.network_storage.export_directory} 2770 root root -" + "d ${config.host.network_storage.export_directory} 2775 root root -" ] ++ ( builtins.map ( diff --git a/modules/nixos-modules/server/network_storage/nfs.nix b/modules/nixos-modules/server/network_storage/nfs.nix index e793b16..9aaab39 100644 --- a/modules/nixos-modules/server/network_storage/nfs.nix +++ b/modules/nixos-modules/server/network_storage/nfs.nix 
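Review bot: In `network_storage/default.nix`, changing the export root from `2770` to `2775` gives every local account read and traverse access to the directory, so any user on the server can list the export names. If the aim is only to let the non-root folder owners and bind mounts reach their own subdirectory, traverse-only access is sufficient: `"d ${config.host.network_storage.export_directory} 2771 root root -"`. Either way, a short comment on why "other" needs access would document the intent. The per-folder rules that follow this line are outside the hunk, so their modes could not be checked.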
@@ -38,8 +38,8 @@ services.nfs.server = { enable = true; exports = lib.strings.concatLines ( - builtins.map ( - directory: "${directory._directory} 100.64.0.0/10(rw,sync,no_subtree_check,crossmnt)" + lib.lists.imap0 ( + i: directory: "${directory._directory} 100.64.0.0/10(rw,sync,no_subtree_check,crossmnt,fsid=${builtins.toString i})" ) ( builtins.filter ( From 7b9b394ad26fa67fe50acdf1cde582f29805c3df Mon Sep 17 00:00:00 2001 From: Leyla Becker Date: Sun, 9 Mar 2025 14:24:15 -0500 Subject: [PATCH 6/6] exported export folder from nfs --- configurations/home-manager/leyla/packages.nix | 1 - configurations/nixos/defiant/configuration.nix | 2 +- configurations/nixos/horizon/hardware-configuration.nix | 2 +- configurations/nixos/twilight/hardware-configuration.nix | 6 ++++++ 4 files changed, 8 insertions(+), 3 deletions(-) diff --git a/configurations/home-manager/leyla/packages.nix b/configurations/home-manager/leyla/packages.nix index 11c7af1..cceffb6 100644 --- a/configurations/home-manager/leyla/packages.nix +++ b/configurations/home-manager/leyla/packages.nix @@ -76,7 +76,6 @@ in { # system tools protonvpn-gui openvpn - nextcloud-client noisetorch # hardware managment tools diff --git a/configurations/nixos/defiant/configuration.nix b/configurations/nixos/defiant/configuration.nix index 2ec7914..f70a15d 100644 --- a/configurations/nixos/defiant/configuration.nix +++ b/configurations/nixos/defiant/configuration.nix @@ -115,7 +115,7 @@ enable = false; }; nextcloud = { - enable = true; + enable = false; subdomain = "drive"; }; sync = { diff --git a/configurations/nixos/horizon/hardware-configuration.nix b/configurations/nixos/horizon/hardware-configuration.nix index f5342a1..cb72d55 100644 --- a/configurations/nixos/horizon/hardware-configuration.nix +++ b/configurations/nixos/horizon/hardware-configuration.nix 
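Review bot: `lib.lists.imap0` in the `nfs.nix` hunk gives the first filtered export `fsid=0`, which exports(5) defines as the NFSv4 pseudo-root, so that one directory becomes the root of everything clients see rather than an ordinary export. The index is also positional, so adding, removing or filtering out a folder renumbers the later exports and can leave clients holding stale file handles. Switching to `imap1` avoids the root collision, and an explicit per-folder `fsid` value would keep the numbers stable across edits. The client range `100.64.0.0/10` and `rw` are unchanged here and no `sec=` option is set, so access control for these exports still rests on which hosts can reach that range.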
@@ -59,7 +59,7 @@ "/mnt/media" = { device = "defiant:/exports/media"; fsType = "nfs"; - options = ["user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; + options = ["x-systemd.automount" "noauto" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; }; }; diff --git a/configurations/nixos/twilight/hardware-configuration.nix b/configurations/nixos/twilight/hardware-configuration.nix index c215e02..81b32ae 100644 --- a/configurations/nixos/twilight/hardware-configuration.nix +++ b/configurations/nixos/twilight/hardware-configuration.nix @@ -58,6 +58,12 @@ fsType = "nfs"; options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; }; + + "/mnt/media" = { + device = "defiant:/exports/media"; + fsType = "nfs"; + options = ["x-systemd.automount" "noauto" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; + }; }; environment.systemPackages = with pkgs; [
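Review bot: Both `/mnt/media` entries (the horizon options line in this hunk and the new twilight entry in the next one) combine `soft` with a read-write mount, and nfs(5) warns that a soft timeout can cause silent data corruption on writes. If these clients only consume media, adding `"ro"` to the options removes that risk and narrows what a client can do to the share; otherwise dropping `"soft"` is the safer choice. The `"user"` option also lets any local account mount and unmount the share, which looks redundant alongside `x-systemd.automount`.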