jan-leila/nix-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: jan-leila:86c585111cf58f3aae11697cdf524d5e591f8f0d
Branches Tags
jan-leila:main
jan-leila:469ba567
...
compare: jan-leila:7b9b394ad26fa67fe50acdf1cde582f29805c3df
Branches Tags
jan-leila:main
jan-leila:469ba567

6 commits
86c585111c ... 7b9b394ad2

Author SHA1 Message Date
Leyla Becker 7b9b394ad2 exported export folder from nfs 2025-03-09 14:24:15 -05:00
Leyla Becker 1e98b54454 added more config for nfs mounts 2025-03-09 14:10:50 -05:00
Leyla Becker f5c67b812f updated nfs mounts 2025-03-08 16:16:03 -06:00
Leyla Becker 0e5d8e3335 added postgres config to home assistant 2025-03-08 05:05:32 -06:00
Leyla Becker 9715517af6 added more config to home assistant 2025-03-07 19:53:11 -06:00
Leyla Becker 99e57603c7 added components to home assistant 2025-03-07 18:54:22 -06:00
9 changed files with 88 additions and 39 deletions
Show stats Expand all files Collapse all files

1
configurations/home-manager/leyla/packages.nix
View file

@ -76,7 +76,6 @@ in {
# system tools # system tools
protonvpn-gui protonvpn-gui
openvpn openvpn
nextcloud-client
noisetorch noisetorch
# hardware managment tools # hardware managment tools

9
configurations/nixos/defiant/configuration.nix
View file

@ -58,6 +58,7 @@
folder = "leyla"; folder = "leyla";
user = "leyla"; user = "leyla";
group = "leyla"; group = "leyla";
bind = "/home/leyla/documents";
} }
{ {
folder = "eve"; folder = "eve";
@ -69,6 +70,12 @@
user = "root"; user = "root";
group = "users"; group = "users";
} }
{
folder = "media";
user = "jellyfin";
group = "jellyfin_media";
bind = config.host.jellyfin.media_directory;
}
]; ];
nfs = { nfs = {
enable = true; enable = true;
@ -108,7 +115,7 @@
enable = false; enable = false;
}; };
nextcloud = { nextcloud = {
enable = true; enable = false;
subdomain = "drive"; subdomain = "drive";
}; };
sync = { sync = {

24
configurations/nixos/horizon/hardware-configuration.nix
View file

@ -38,40 +38,28 @@
fsType = "vfat"; fsType = "vfat";
}; };
"/mnt/new_leyla_home" = { "/mnt/leyla_documents" = {
device = "defiant:/exports/leyla"; device = "defiant:/exports/leyla";
fsType = "nfs"; fsType = "nfs";
options = ["x-systemd.automount" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; options = ["x-systemd.automount" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
}; };
"/mnt/new_eve_home" = { "/mnt/eve_documents" = {
device = "defiant:/exports/eve"; device = "defiant:/exports/eve";
fsType = "nfs"; fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
}; };
"/mnt/new_users_home" = { "/mnt/users_documents" = {
device = "defiant:/exports/users"; device = "defiant:/exports/users";
fsType = "nfs"; fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
}; };
"/mnt/leyla_home" = { "/mnt/media" = {
device = "server.arpa:/home/leyla"; device = "defiant:/exports/media";
fsType = "nfs"; fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; options = ["x-systemd.automount" "noauto" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
};
"/mnt/share_home" = {
device = "server.arpa:/home/share";
fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
};
"/mnt/docker_home" = {
device = "server.arpa:/home/docker";
fsType = "nfs";
options = ["x-systemd.automount" "noauto" "x-systemd.idle-timeout=600"];
}; };
}; };

14
configurations/nixos/twilight/hardware-configuration.nix
View file

@ -47,22 +47,22 @@
options = ["fmask=0022" "dmask=0022"]; options = ["fmask=0022" "dmask=0022"];
}; };
"/mnt/leyla_home" = { "/mnt/leyla_documents" = {
device = "server.arpa:/home/leyla"; device = "defiant:/exports/leyla";
fsType = "nfs"; fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
}; };
"/mnt/share_home" = { "/mnt/users_documents" = {
device = "server.arpa:/home/share"; device = "defiant:/exports/users";
fsType = "nfs"; fsType = "nfs";
options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"]; options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
}; };
"/mnt/docker_home" = { "/mnt/media" = {
device = "server.arpa:/home/docker"; device = "defiant:/exports/media";
fsType = "nfs"; fsType = "nfs";
options = ["x-systemd.automount" "noauto" "x-systemd.idle-timeout=600"]; options = ["x-systemd.automount" "noauto" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
}; };
}; };

54
modules/nixos-modules/server/home-assistant.nix
View file

@ -1,9 +1,11 @@
{ {
lib, lib,
pkgs,
config, config,
... ...
}: let }: let
configDir = "/var/lib/hass"; configDir = "/var/lib/hass";
db_user = "hass";
in { in {
options.host.home-assistant = { options.host.home-assistant = {
enable = lib.mkEnableOption "should home-assistant be enabled on this computer"; enable = lib.mkEnableOption "should home-assistant be enabled on this computer";
@ -16,27 +18,57 @@ in {
config = lib.mkIf config.host.home-assistant.enable (lib.mkMerge [ config = lib.mkIf config.host.home-assistant.enable (lib.mkMerge [
{ {
systemd.tmpfiles.rules = [
"f ${config.services.home-assistant.configDir}/automations.yaml 0755 hass hass"
];
services.home-assistant = { services.home-assistant = {
enable = true; enable = true;
package =
(pkgs.home-assistant.override {
extraPackages = py: with py; [psycopg2];
})
.overrideAttrs (oldAttrs: {
doInstallCheck = false;
});
configDir = configDir;
extraComponents = [ extraComponents = [
"esphome"
"met" "met"
"radio_browser" "radio_browser"
"isal" "isal"
"zha"
"jellyfin"
"webostv"
"tailscale"
"syncthing"
"sonos"
"analytics_insights"
"unifi"
"minecraft_server"
"openweathermap"
]; ];
config.http = { config = {
http = {
server_port = 8082; server_port = 8082;
use_x_forwarded_for = true; use_x_forwarded_for = true;
trusted_proxies = ["127.0.0.1" "::1"]; trusted_proxies = ["127.0.0.1" "::1"];
ip_ban_enabled = true; ip_ban_enabled = true;
login_attempts_threshold = 10; login_attempts_threshold = 10;
}; };
recorder.db_url = "postgresql://@/${db_user}";
"automation manual" = [];
"automation ui" = "!include automations.yaml";
};
extraPackages = python3Packages: extraPackages = python3Packages:
with python3Packages; [ with python3Packages; [
numpy numpy
gtts gtts
]; ];
}; };
systemd.services.home-assistant = {
requires = [
"postgresql.service"
];
};
host = { host = {
reverse_proxy.subdomains.${config.host.home-assistant.subdomain} = { reverse_proxy.subdomains.${config.host.home-assistant.subdomain} = {
target = "http://localhost:${toString config.services.home-assistant.config.http.server_port}"; target = "http://localhost:${toString config.services.home-assistant.config.http.server_port}";
@ -44,15 +76,33 @@ in {
extraConfig = '' extraConfig = ''
add_header Upgrade $http_upgrade; add_header Upgrade $http_upgrade;
add_header Connection \"upgrade\"; add_header Connection \"upgrade\";
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade"; proxy_set_header Connection "upgrade";
proxy_set_header X-Forwarded-Host $server_name; proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_read_timeout 90; proxy_read_timeout 90;
''; '';
}; };
postgres = {
enable = true;
extraUsers = {
${db_user} = {
isClient = true;
createUser = true;
};
};
extraDatabases = {
${db_user} = {
name = db_user;
};
};
};
}; };
} }
(lib.mkIf config.host.impermanence.enable { (lib.mkIf config.host.impermanence.enable {

8
modules/nixos-modules/server/jellyfin.nix
View file

@ -7,7 +7,6 @@
jellyfinPort = 8096; jellyfinPort = 8096;
jellyfin_data_directory = "/var/lib/jellyfin"; jellyfin_data_directory = "/var/lib/jellyfin";
jellyfin_cache_directory = "/var/cache/jellyfin"; jellyfin_cache_directory = "/var/cache/jellyfin";
jellyfin_media_directory = "/srv/jellyfin/media";
in { in {
options.host.jellyfin = { options.host.jellyfin = {
enable = lib.mkEnableOption "should jellyfin be enabled on this computer"; enable = lib.mkEnableOption "should jellyfin be enabled on this computer";
@ -21,6 +20,11 @@ in {
description = "ex subdomain of base domain that jellyfin will be hosted at"; description = "ex subdomain of base domain that jellyfin will be hosted at";
default = []; default = [];
}; };
media_directory = lib.mkOption {
type = lib.types.str;
description = "directory jellyfin media will be hosted at";
default = "/srv/jellyfin/media";
};
}; };
config = lib.mkIf config.host.jellyfin.enable ( config = lib.mkIf config.host.jellyfin.enable (
@ -126,7 +130,7 @@ in {
hideMounts = true; hideMounts = true;
directories = [ directories = [
{ {
directory = jellyfin_media_directory; directory = config.host.jellyfin.media_directory;
user = "jellyfin"; user = "jellyfin";
group = "jellyfin_media"; group = "jellyfin_media";
mode = "1770"; mode = "1770";

2
modules/nixos-modules/server/network_storage/default.nix
View file

@ -57,7 +57,7 @@ in {
# create any folders that we need to have for our exports # create any folders that we need to have for our exports
systemd.tmpfiles.rules = systemd.tmpfiles.rules =
[ [
"d ${config.host.network_storage.export_directory} 2770 root root -" "d ${config.host.network_storage.export_directory} 2775 root root -"
] ]
++ ( ++ (
builtins.map ( builtins.map (

4
modules/nixos-modules/server/network_storage/nfs.nix
View file

@ -38,8 +38,8 @@
services.nfs.server = { services.nfs.server = {
enable = true; enable = true;
exports = lib.strings.concatLines ( exports = lib.strings.concatLines (
builtins.map ( lib.lists.imap0 (
directory: "${directory._directory} 100.64.0.0/10(rw,sync,no_subtree_check,crossmnt)" i: directory: "${directory._directory} 100.64.0.0/10(rw,sync,no_subtree_check,crossmnt,fsid=${builtins.toString i})"
) )
( (
builtins.filter ( builtins.filter (

1
modules/nixos-modules/server/postgres.nix
View file

@ -65,6 +65,7 @@ in {
++ ( ++ (
builtins.map (user: { builtins.map (user: {
name = user.name; name = user.name;
ensureDBOwnership = true;
}) })
createUsers createUsers
); );