nix-serve maybe
This commit is contained in:
0
hosts/nas/apps.nix
Normal file → Executable file
0
hosts/nas/apps.nix
Normal file → Executable file
0
hosts/nas/apps/arrs/default.nix
Normal file → Executable file
0
hosts/nas/apps/arrs/default.nix
Normal file → Executable file
0
hosts/nas/apps/collabora/default.nix
Normal file → Executable file
0
hosts/nas/apps/collabora/default.nix
Normal file → Executable file
0
hosts/nas/apps/crowdsec/default.nix
Normal file → Executable file
0
hosts/nas/apps/crowdsec/default.nix
Normal file → Executable file
0
hosts/nas/apps/jellyfin/default.nix
Normal file → Executable file
0
hosts/nas/apps/jellyfin/default.nix
Normal file → Executable file
0
hosts/nas/apps/jellyseerr/default.nix
Normal file → Executable file
0
hosts/nas/apps/jellyseerr/default.nix
Normal file → Executable file
0
hosts/nas/apps/netdata/default.nix
Normal file → Executable file
0
hosts/nas/apps/netdata/default.nix
Normal file → Executable file
0
hosts/nas/apps/nextcloud/default.nix
Normal file → Executable file
0
hosts/nas/apps/nextcloud/default.nix
Normal file → Executable file
0
hosts/nas/apps/ollama/default.nix
Normal file → Executable file
0
hosts/nas/apps/ollama/default.nix
Normal file → Executable file
0
hosts/nas/apps/paperless-ai/default.nix
Normal file → Executable file
0
hosts/nas/apps/paperless-ai/default.nix
Normal file → Executable file
0
hosts/nas/apps/paperless-ai/options.nix
Normal file → Executable file
0
hosts/nas/apps/paperless-ai/options.nix
Normal file → Executable file
0
hosts/nas/apps/paperless/default.nix
Normal file → Executable file
0
hosts/nas/apps/paperless/default.nix
Normal file → Executable file
12
hosts/nas/apps/traefik/default.nix
Normal file → Executable file
12
hosts/nas/apps/traefik/default.nix
Normal file → Executable file
@@ -11,6 +11,7 @@ let
|
||||
hassUrl = "http://jallen-hass.local:8123";
|
||||
openWebUIUrl = "http://10.0.1.18:8888";
|
||||
paperlessUrl = "http://10.0.1.20:28981";
|
||||
cacheUrl = "http://10.0.1.18:5000";
|
||||
in
|
||||
{
|
||||
networking.firewall = {
|
||||
@@ -166,6 +167,11 @@ in
|
||||
url = openWebUIUrl;
|
||||
}
|
||||
];
|
||||
cache.loadBalancer.servers = [
|
||||
{
|
||||
url = cacheUrl;
|
||||
}
|
||||
];
|
||||
paperless.loadBalancer.servers = [
|
||||
{
|
||||
url = paperlessUrl;
|
||||
@@ -228,6 +234,12 @@ in
|
||||
priority = 10;
|
||||
tls.certResolver = "letsencrypt";
|
||||
};
|
||||
cache = {
|
||||
entryPoints = [ "websecure" ];
|
||||
rule = "Host(`cache.${domain}`)";
|
||||
service = "cache";
|
||||
tls.certResolver = "letsencrypt";
|
||||
};
|
||||
# paperless = {
|
||||
# entryPoints = ["websecure"];
|
||||
# rule = "Host(`paperless.${domain}`)";
|
||||
|
||||
0
hosts/nas/boot.nix
Normal file → Executable file
0
hosts/nas/boot.nix
Normal file → Executable file
@@ -276,6 +276,9 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
# Enable binfmt emulation for ARM
|
||||
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
||||
|
||||
# Virtualisation
|
||||
virtualisation = {
|
||||
podman = {
|
||||
|
||||
0
hosts/nas/filesystems.nix
Normal file → Executable file
0
hosts/nas/filesystems.nix
Normal file → Executable file
0
hosts/nas/grafana.nix
Normal file → Executable file
0
hosts/nas/grafana.nix
Normal file → Executable file
0
hosts/nas/hardware-configuration.nix
Normal file → Executable file
0
hosts/nas/hardware-configuration.nix
Normal file → Executable file
0
hosts/nas/home.nix
Normal file → Executable file
0
hosts/nas/home.nix
Normal file → Executable file
0
hosts/nas/impermanence.nix
Normal file → Executable file
0
hosts/nas/impermanence.nix
Normal file → Executable file
0
hosts/nas/machine-id
Normal file → Executable file
0
hosts/nas/machine-id
Normal file → Executable file
0
hosts/nas/networking.nix
Normal file → Executable file
0
hosts/nas/networking.nix
Normal file → Executable file
73
hosts/nas/nix-serve.nix
Executable file
73
hosts/nas/nix-serve.nix
Executable file
@@ -0,0 +1,73 @@
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
# "https://cache.mjallen.dev"
|
||||
# "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc="
|
||||
services.nix-serve = {
|
||||
enable = true;
|
||||
secretKeyFile = "/etc/nix/cache-priv-key.pem";
|
||||
port = 5000; # Choose your preferred port
|
||||
openFirewall = true;
|
||||
};
|
||||
|
||||
# Improved systemd service with better error handling
|
||||
systemd.services.nix-rebuild-cache = {
|
||||
description = "Rebuild all NixOS configurations for cache";
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
User = "root";
|
||||
WorkingDirectory = "/etc/nixos"; # Update this path
|
||||
StandardOutput = "journal+console";
|
||||
StandardError = "journal+console";
|
||||
Restart = "no";
|
||||
# Increase timeout for large builds
|
||||
TimeoutStartSec = "2h";
|
||||
};
|
||||
path = with pkgs; [
|
||||
nix
|
||||
git
|
||||
coreutils
|
||||
gnugrep
|
||||
gnused
|
||||
];
|
||||
script = ''
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
# Pull latest changes if in a git repo
|
||||
if [ -d .git ]; then
|
||||
git pull || echo "Warning: Could not pull latest changes"
|
||||
fi
|
||||
|
||||
# Run the build-all script
|
||||
echo "Starting build of all systems at $(date)"
|
||||
if nix run .#build-all; then
|
||||
echo "All systems built successfully at $(date)"
|
||||
else
|
||||
echo "Some systems failed to build at $(date)"
|
||||
exit 1
|
||||
fi
|
||||
'';
|
||||
# # Send an email on failure (optional)
|
||||
# startPost = ''
|
||||
# if [ $SERVICE_RESULT != "success" ]; then
|
||||
# ${pkgs.mailutils}/bin/mail -s "NixOS cache rebuild failed" your-email@example.com <<EOF
|
||||
# The nix-rebuild-cache service failed at $(date).
|
||||
# Please check the logs with: journalctl -u nix-rebuild-cache
|
||||
# EOF
|
||||
# fi
|
||||
# '';
|
||||
};
|
||||
|
||||
systemd.timers.nix-rebuild-cache = {
|
||||
description = "Timer for rebuilding NixOS configurations cache";
|
||||
wantedBy = [ "timers.target" ];
|
||||
timerConfig = {
|
||||
OnCalendar = "weekly"; # Or your preferred schedule
|
||||
Persistent = true;
|
||||
RandomizedDelaySec = "1h"; # Spread load
|
||||
};
|
||||
};
|
||||
|
||||
# Monitor the cache service
|
||||
services.prometheus.exporters.node.enabledCollectors = [ "systemd" ];
|
||||
}
|
||||
0
hosts/nas/samba.nix
Normal file → Executable file
0
hosts/nas/samba.nix
Normal file → Executable file
0
hosts/nas/sensors.txt
Normal file → Executable file
0
hosts/nas/sensors.txt
Normal file → Executable file
2
hosts/nas/services.nix
Normal file → Executable file
2
hosts/nas/services.nix
Normal file → Executable file
@@ -3,6 +3,8 @@ let
|
||||
enableDisplayManager = true;
|
||||
in
|
||||
{
|
||||
imports = [ ./nix-serve.nix ];
|
||||
|
||||
# Services configs
|
||||
services = {
|
||||
|
||||
|
||||
0
hosts/nas/sops.nix
Normal file → Executable file
0
hosts/nas/sops.nix
Normal file → Executable file
0
hosts/nas/ups.nix
Normal file → Executable file
0
hosts/nas/ups.nix
Normal file → Executable file
Reference in New Issue
Block a user