mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

idk shits so fucked lol

Browse Source
This commit is contained in:
mjallen18
2026-01-29 19:15:22 -06:00
parent 9c8733431d
commit 1331e69b58
19 changed files with 619 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
systems/aarch64-darwin/macbook-pro/default.nix
View File

@@ -43,10 +43,10 @@
remote_only: true
'';
# programs.ccache.cacheDir = "/etc/ccache";
systemd.tmpfiles.rules = [
# "d /var/cache/ccache 0770 builder nixbld -"
"p+ /var/cache/ccache/ccache.conf - - - - /etc/ccache.conf"
];
# systemd.tmpfiles.rules = [
# # "d /var/cache/ccache 0770 builder nixbld -"
# "p+ /var/cache/ccache/ccache.conf - - - - /etc/ccache.conf"
# ];
}
);
};

16
systems/aarch64-linux/macbook-pro-nixos/default.nix
View File

@@ -23,14 +23,14 @@
${namespace} = {
impermanence = {
enable = true;
extraDirectories = [
{
directory = "/var/cache/ccache";
user = "nobody";
group = "nobody";
mode = "u=rwx,g=rwx,o=rx";
}
];
# extraDirectories = [
# {
# directory = "/var/cache/ccache";
# user = "nobody";
# group = "nobody";
# mode = "u=rwx,g=rwx,o=rx";
# }
# ];
};
user = {
name = "matt";

16
systems/aarch64-linux/pi5/default.nix
View File

@@ -21,14 +21,14 @@
# ###################################################
impermanence = {
enable = true;
extraDirectories = [
{
directory = "/var/cache/ccache";
user = "nobody";
group = "nobody";
mode = "u=rwx,g=rwx,o=rx";
}
];
# extraDirectories = [
# {
# directory = "/var/cache/ccache";
# user = "nobody";
# group = "nobody";
# mode = "u=rwx,g=rwx,o=rx";
# }
# ];
};
# ###################################################

15
systems/x86_64-linux/jallen-nas/apps.nix
View File

@@ -23,7 +23,7 @@ in
];
};
};
ai = enabled;
# ai = enabled;
arrs = enabled;
attic = {
enable = true;
@@ -62,7 +62,7 @@ in
};
};
collabora = {
enable = true;
enable = false;
port = 9980;
};
crowdsec = {
@@ -79,7 +79,7 @@ in
port = 8409;
};
free-games-claimer = {
enable = true;
enable = false;
port = 6080;
};
gitea = {
@@ -122,7 +122,7 @@ in
port = 3214;
};
matrix = {
enable = true;
enable = false;
port = 8448;
reverseProxy.enable = true;
};
@@ -133,12 +133,13 @@ in
port = 4000;
};
nextcloud = {
enable = true;
enable = false;
port = 9988;
};
ntfy = {
enable = true;
port = 2586;
createUser = true;
reverseProxy.enable = true;
};
ocis = disabled;
@@ -147,12 +148,12 @@ in
port = 9200;
};
opencloud = {
enable = true;
enable = false;
port = 9200;
reverseProxy.enable = true;
};
orca-slicer = {
enable = true;
enable = false;
port = 3100;
httpsPort = 3101;
};

144
systems/x86_64-linux/jallen-nas/default.nix
View File

@@ -12,6 +12,7 @@ in
imports = [
./boot.nix
./apps.nix
# ./nas-pool.nix
./users.nix
./services.nix
./sops.nix
@@ -267,20 +268,119 @@ in
# ###################################################
# # Mounts # #
# ###################################################
fileSystems."/media/nas/main" = {
label = "nas_pool";
# device = "/dev/sde:/dev/sdf:/dev/sdh:/dev/sdi:/dev/sdj:/dev/nmve0n1:/dev/nvme1n1";
fsType = "bcachefs";
mountPoint = "/media/nas/main";
options = [
# "noauto"
"nofail"
# "x-systemd.mount-timeout=0"
# "x-systemd.device-timeout=0"
];
# fileSystems."/media/nas/main" = {
# label = "nas_pool";
# # device = "/dev/sde:/dev/sdf:/dev/sdh:/dev/sdi:/dev/sdj:/dev/nmve0n1:/dev/nvme1n1";
# fsType = "bcachefs";
# mountPoint = "/media/nas/main";
# options = [
# # "noauto"
# "nofail"
# # "x-systemd.mount-timeout=0"
# # "x-systemd.device-timeout=0"
# ];
# };
fileSystems = {
"/media/nas/main/appdata" = {
device = "UUID=adf7b4e1-dfed-4c10-a9ab-2741c1055552";
fsType = "bcachefs";
options = [
"X-mount.subdir=appdata"
"x-systemd.device-timeout=180s"
];
};
"/media/nas/main/backup" = {
device = "UUID=adf7b4e1-dfed-4c10-a9ab-2741c1055552";
fsType = "bcachefs";
options = [
"X-mount.subdir=backup"
"x-systemd.device-timeout=180s"
];
};
"/media/nas/main/databases" = {
device = "UUID=adf7b4e1-dfed-4c10-a9ab-2741c1055552";
fsType = "bcachefs";
options = [
"X-mount.subdir=databases"
"x-systemd.device-timeout=180s"
];
};
"/media/nas/main/documents" = {
device = "UUID=adf7b4e1-dfed-4c10-a9ab-2741c1055552";
fsType = "bcachefs";
options = [
"X-mount.subdir=documents"
"x-systemd.device-timeout=180s"
];
};
"/media/nas/games/heroic" = {
device = "UUID=adf7b4e1-dfed-4c10-a9ab-2741c1055552";
fsType = "bcachefs";
options = [
"X-mount.subdir=heroic"
"x-systemd.device-timeout=180s"
];
};
"/media/nas/main/movies" = {
device = "UUID=adf7b4e1-dfed-4c10-a9ab-2741c1055552";
fsType = "bcachefs";
options = [
"X-mount.subdir=movies"
"x-systemd.device-timeout=180s"
];
};
"/media/nas/main/photos" = {
device = "UUID=adf7b4e1-dfed-4c10-a9ab-2741c1055552";
fsType = "bcachefs";
options = [
"X-mount.subdir=photos"
"x-systemd.device-timeout=180s"
];
};
"/media/nas/games/steam" = {
device = "UUID=adf7b4e1-dfed-4c10-a9ab-2741c1055552";
fsType = "bcachefs";
options = [
"X-mount.subdir=steam"
"x-systemd.device-timeout=180s"
];
};
"/media/nas/main/tv" = {
device = "UUID=adf7b4e1-dfed-4c10-a9ab-2741c1055552";
fsType = "bcachefs";
options = [
"X-mount.subdir=tv"
"x-systemd.device-timeout=180s"
];
};
"/persist" = {
device = "UUID=adf7b4e1-dfed-4c10-a9ab-2741c1055552";
fsType = "bcachefs";
options = [
"X-mount.subdir=persist"
"x-systemd.device-timeout=180s"
];
};
"/subvolumes" = {
device = "UUID=adf7b4e1-dfed-4c10-a9ab-2741c1055552";
fsType = "bcachefs";
};
};
boot.initrd.luks.devices.cryptroot.device = "/dev/disk/by-partlabel/disk-main-jallen-nas-cryptroot";
environment.etc = {
"crypttab".text = ''
hdd1-cryptroot UUID="295d4c78-41f0-4792-bd97-ac88b2455cdc" none tpm2-device=auto
hdd2-cryptroot UUID="7c9c2179-351c-40a5-9257-e9ee2a1e794a" none tpm2-device=auto
ssd1-cryptroot UUID="d78fa862-212c-4d4f-ad86-bfeead5cc054" none tpm2-device=auto,allow-discards,perf-no_read_workqueue,perf-no_write_workqueue
ssd2-cryptroot UUID="1661c173-3809-4517-9ab8-ad94c229048d" none tpm2-device=auto,allow-discards,perf-no_read_workqueue,perf-no_write_workqueue
ssd3-cryptroot UUID="cfea125e-90b1-4248-834d-16dcaf310783" none tpm2-device=auto,allow-discards,perf-no_read_workqueue,perf-no_write_workqueue
ssd4-cryptroot UUID="96055401-6d1a-4308-9e4e-2211e1e23635" none tpm2-device=auto,allow-discards,perf-no_read_workqueue,perf-no_write_workqueue
ssd5-cryptroot UUID="055e27e0-c96a-4899-8ee7-cb1cd5f21476" none tpm2-device=auto,allow-discards,perf-no_read_workqueue,perf-no_write_workqueue
ssd6-cryptroot UUID="6e830abd-2555-4558-81a3-4a990507b5a7" none tpm2-device=auto,allow-discards,perf-no_read_workqueue,perf-no_write_workqueue
'';
};
# boot.initrd.luks.devices.cryptroot.device = "/dev/disk/by-partlabel/disk-main-jallen-nas-cryptroot";
# Configure environment
environment = {
@@ -310,22 +410,18 @@ in
persistence."/media/nas/main/persist" = {
hideMounts = true;
directories = [
{
directory = "/var/cache/ccache";
user = "nobody";
group = "nobody";
mode = "u=rwx,g=rwx,o=rx";
}
{
directory = "/var/lib/redis-ccache";
user = "redis-ccache";
group = "redis-ccache";
mode = "u=rwx,g=,o=";
}
# {
# directory = "/var/lib/redis-ccache";
# user = "redis-ccache";
# group = "redis-ccache";
# mode = "u=rwx,g=,o=";
# }
];
};
};
networking.firewall.checkReversePath = false;
# Configure programs
programs = {
kdeconnect.enable = lib.mkForce false;

383
systems/x86_64-linux/jallen-nas/nas-pool.nix Normal file
View File

@@ -0,0 +1,383 @@
{ lib, ... }:
{
disko.devices = {
disk = {
#################################################################
# HDD1
#################################################################
hdd1 = {
device = "/dev/disk/by-id/ata-ST24000DM001-3Y7103_ZXA0QYPG";
type = "disk";
content = {
type = "gpt";
partitions = {
hdd1p1 = {
size = "100%";
content = {
type = "luks";
name = "hdd1-cryptroot";
extraOpenArgs = [
"--allow-discards"
"--perf-no_read_workqueue"
"--perf-no_write_workqueue"
];
settings = {
allowDiscards = true;
# keyFile = lib.snowfall.fs.get-file "secrets/nas_pool.key";
crypttabExtraOpts = [
"tpm2-device=auto"
"fido2-device=auto"
"token-timeout=10"
];
};
content = {
type = "bcachefs";
filesystem = "nas_pool_subvolumes";
label = "hdd.hdd1";
extraFormatArgs = [
"--discard"
];
};
};
};
};
};
};
#################################################################
# HDD2
#################################################################
hdd2 = {
device = "/dev/disk/by-id/ata-ST24000NM000C-3WD103_ZXA0H7EQ";
type = "disk";
content = {
type = "gpt";
partitions = {
hdd2p1 = {
size = "100%";
content = {
type = "luks";
name = "hdd2-cryptroot";
extraOpenArgs = [
"--allow-discards"
"--perf-no_read_workqueue"
"--perf-no_write_workqueue"
];
settings = {
allowDiscards = true;
# keyFile = lib.snowfall.fs.get-file "secrets/nas_pool.key";
crypttabExtraOpts = [
"tpm2-device=auto"
"fido2-device=auto"
"token-timeout=10"
];
};
content = {
type = "bcachefs";
filesystem = "nas_pool_subvolumes";
label = "hdd.hdd2";
extraFormatArgs = [
"--discard"
];
};
};
};
};
};
};
#################################################################
# SSD1
#################################################################
ssd1 = {
device = "/dev/disk/by-id/nvme-CT1000P310SSD8_25034D8045A9";
type = "disk";
content = {
type = "gpt";
partitions = {
ssd1p1 = {
size = "100%";
content = {
type = "luks";
name = "ssd1-cryptroot";
extraOpenArgs = [
"--allow-discards"
"--perf-no_read_workqueue"
"--perf-no_write_workqueue"
];
settings = {
allowDiscards = true;
# keyFile = lib.snowfall.fs.get-file "secrets/nas_pool.key";
crypttabExtraOpts = [
"tpm2-device=auto"
"fido2-device=auto"
"token-timeout=10"
];
};
content = {
type = "bcachefs";
filesystem = "nas_pool_subvolumes";
label = "ssd.ssd1";
extraFormatArgs = [
"--discard"
];
};
};
};
};
};
};
#################################################################
# SSD2
#################################################################
ssd2 = {
device = "/dev/disk/by-id/nvme-CT1000P310SSD8_25185002525B";
type = "disk";
content = {
type = "gpt";
partitions = {
ssd2p1 = {
size = "100%";
content = {
type = "luks";
name = "ssd2-cryptroot";
extraOpenArgs = [
"--allow-discards"
"--perf-no_read_workqueue"
"--perf-no_write_workqueue"
];
settings = {
allowDiscards = true;
# keyFile = lib.snowfall.fs.get-file "secrets/nas_pool.key";
crypttabExtraOpts = [
"tpm2-device=auto"
"fido2-device=auto"
"token-timeout=10"
];
};
content = {
type = "bcachefs";
filesystem = "nas_pool_subvolumes";
label = "ssd.ssd2";
extraFormatArgs = [
"--discard"
];
};
};
};
};
};
};
#################################################################
# SSD3
#################################################################
ssd3 = {
device = "/dev/disk/by-id/nvme-CT1000P310SSD8_25285184CC5C";
type = "disk";
content = {
type = "gpt";
partitions = {
ssd3p1 = {
size = "100%";
content = {
type = "luks";
name = "ssd3-cryptroot";
extraOpenArgs = [
"--allow-discards"
"--perf-no_read_workqueue"
"--perf-no_write_workqueue"
];
settings = {
allowDiscards = true;
# keyFile = lib.snowfall.fs.get-file "secrets/nas_pool.key";
crypttabExtraOpts = [
"tpm2-device=auto"
"fido2-device=auto"
"token-timeout=10"
];
};
content = {
type = "bcachefs";
filesystem = "nas_pool_subvolumes";
label = "ssd.ssd3";
extraFormatArgs = [
"--discard"
];
};
};
};
};
};
};
#################################################################
# SSD4
#################################################################
ssd4 = {
device = "/dev/disk/by-id/nvme-CT1000P310SSD8_25285186280D";
type = "disk";
content = {
type = "gpt";
partitions = {
ssd4p1 = {
size = "100%";
content = {
type = "luks";
name = "ssd4-cryptroot";
extraOpenArgs = [
"--allow-discards"
"--perf-no_read_workqueue"
"--perf-no_write_workqueue"
];
settings = {
allowDiscards = true;
# keyFile = lib.snowfall.fs.get-file "secrets/nas_pool.key";
crypttabExtraOpts = [
"tpm2-device=auto"
"fido2-device=auto"
"token-timeout=10"
];
};
content = {
type = "bcachefs";
filesystem = "nas_pool_subvolumes";
label = "ssd.ssd4";
extraFormatArgs = [
"--discard"
];
};
};
};
};
};
};
#################################################################
# SSD5
#################################################################
ssd5 = {
device = "/dev/disk/by-id/nvme-INTEL_SSDPEKNW010T8_PHNH845600381P0B";
type = "disk";
content = {
type = "gpt";
partitions = {
ssd5p1 = {
size = "100%";
content = {
type = "luks";
name = "ssd5-cryptroot";
extraOpenArgs = [
"--allow-discards"
"--perf-no_read_workqueue"
"--perf-no_write_workqueue"
];
settings = {
allowDiscards = true;
# keyFile = lib.snowfall.fs.get-file "secrets/nas_pool.key";
crypttabExtraOpts = [
"tpm2-device=auto"
"fido2-device=auto"
"token-timeout=10"
];
};
content = {
type = "bcachefs";
filesystem = "nas_pool_subvolumes";
label = "ssd.ssd5";
extraFormatArgs = [
"--discard"
];
};
};
};
};
};
};
#################################################################
# SSD6
#################################################################
ssd6 = {
device = "/dev/disk/by-id/nvme-WDS100T3X0C-00SJG0_202007A00A86";
type = "disk";
content = {
type = "gpt";
partitions = {
ssd6p1 = {
size = "100%";
content = {
type = "luks";
name = "ssd6-cryptroot";
extraOpenArgs = [
"--allow-discards"
"--perf-no_read_workqueue"
"--perf-no_write_workqueue"
];
settings = {
allowDiscards = true;
# keyFile = lib.snowfall.fs.get-file "secrets/nas_pool.key";
crypttabExtraOpts = [
"tpm2-device=auto"
"fido2-device=auto"
"token-timeout=10"
];
};
content = {
type = "bcachefs";
filesystem = "nas_pool_subvolumes";
label = "ssd.ssd6";
extraFormatArgs = [
"--discard"
];
};
};
};
};
};
};
};
bcachefs_filesystems = {
nas_pool_subvolumes = {
type = "bcachefs_filesystem";
extraFormatArgs = [
"--compression=zstd"
"--background_compression=zstd"
"--metadata_tartget=ssd"
"--promote_tartget=ssd"
"--foreground_target=ssd"
"--background_target=hdd"
"--data_replicas=2"
];
subvolumes = {
"backup" = {
mountpoint = "/media/nas/main/backup";
};
"documents" = {
mountpoint = "/media/nas/main/documents";
};
"heroic" = {
mountpoint = "/media/nas/games/heroic";
};
"movies" = {
mountpoint = "/media/nas/main/movies";
};
"photos" = {
mountpoint = "/media/nas/main/photos";
};
"steam" = {
mountpoint = "/media/nas/games/steam";
};
"tv" = {
mountpoint = "/media/nas/main/tv";
};
"persist" = {
mountpoint = "/persist";
};
};
};
};
};
}

2
systems/x86_64-linux/jallen-nas/services.nix
View File

@@ -32,7 +32,7 @@
enable = true;
package = pkgs.postgresql_16;
enableTCPIP = true;
dataDir = "/media/nas/main/nix-app-data/postgresql";
dataDir = "/media/nas/main/databases/postgresql";
ensureDatabases = [
"authentik"
"homeassistant"

16
systems/x86_64-linux/matt-nixos/default.nix
View File

@@ -55,14 +55,14 @@
impermanence = {
enable = true;
extraDirectories = [
{
directory = "/var/cache/ccache";
user = "nobody";
group = "nobody";
mode = "u=rwx,g=rwx,o=rx";
}
];
# extraDirectories = [
# {
# directory = "/var/cache/ccache";
# user = "nobody";
# group = "nobody";
# mode = "u=rwx,g=rwx,o=rx";
# }
# ];
};
network = {