nas cleanup

Matt Jallen
2024-02-20 10:21:33 -06:00
parent 1950e4a75f
commit 5f9eb06a33


@@ -131,7 +131,7 @@ in
pulse.enable = true; pulse.enable = true;
}; };
# Enable Flatpak # Set to enable Flatpak
flatpak.enable = false; flatpak.enable = false;
# Enable RDP # Enable RDP
@@ -152,7 +152,7 @@ in
userServices = true; userServices = true;
workstation = true; workstation = true;
}; };
extraServiceFiles = { extraServiceFiles = { # TODO is this needed?
smb = '' smb = ''
<?xml version="1.0" standalone='no'?><!--*-nxml-*--> <?xml version="1.0" standalone='no'?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd"> <!DOCTYPE service-group SYSTEM "avahi-service.dtd">
@@ -168,10 +168,6 @@ in
}; };
}; };
# libnvidia-container does not support cgroups v2 (prior to 1.8.0)
# https://github.com/NVIDIA/nvidia-docker/issues/1447
systemd.enableUnifiedCgroupHierarchy = false;
systemd.services.nas-mounts = { systemd.services.nas-mounts = {
path = [ pkgs.zfs pkgs.bash ]; path = [ pkgs.zfs pkgs.bash ];
script = '' script = ''
@@ -202,7 +198,7 @@ in
firewall = { firewall = {
enable = true; enable = true;
allowPing = true; allowPing = true;
extraCommands = ''iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns''; extraCommands = ''iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns''; # TODO is this needed?
allowedTCPPorts = [ 80 443 61208 ]; allowedTCPPorts = [ 80 443 61208 ];
allowedUDPPorts = [ 80 443 61208 ]; allowedUDPPorts = [ 80 443 61208 ];
}; };
@@ -246,37 +242,48 @@ in
}; };
# Define a user account. Don't forget to set a password with passwd. # Define a user account. Don't forget to set a password with passwd.
users.users."${user}" = { users = {
isNormalUser = true; groups.jallen-nas.gid = 1000; # create nas group cause truenas perms
extraGroups = [ "wheel" "networkmanager" "docker" "podman" "libvirtd" ]; # Enable sudo for the user.
initialHashedPassword = password; # Admin account
shell = pkgs.fish; users."${user}" = {
packages = with pkgs; [ isNormalUser = true;
neofetch extraGroups = [ "wheel" "networkmanager" "docker" "podman" "libvirtd" ]; # Enable sudo for the user.
git initialHashedPassword = password;
parted shell = pkgs.fish;
aspell packages = with pkgs; [
aspellDicts.en neofetch
aspellDicts.en-computers git
aspellDicts.en-science parted
aha aspell
papirus-icon-theme aspellDicts.en
firefox aspellDicts.en-computers
]; aspellDicts.en-science
aha
papirus-icon-theme
firefox
];
};
# Nix app account
users.nix-apps = {
isNormalUser = true;
uid = 911;
extraGroups = [ "jallen-nas" "wheel" "docker" "podman" "libvirt" ]; # Enable sudo for the user.
initialHashedPassword = password;
};
}; };
# Define a user account. Don't forget to set a password with passwd. # Virtualisation
users.users.mjallen = { virtualisation = {
isNormalUser = true; docker = {
extraGroups = [ "wheel" ]; # Enable sudo for the user. enable = true;
initialHashedPassword = password; enableNvidia = true;
shell = pkgs.fish; enableOnBoot = true;
}; };
virtualisation.docker.enable = true; libvirtd.enable = true;
virtualisation.docker.enableNvidia = true; };
virtualisation.docker.enableOnBoot = true;
virtualisation.libvirtd.enable = true;
# This option defines the first version of NixOS you have installed on this particular machine, # This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
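Review bot: The new `users.nix-apps` account in the last hunk is labelled an app account but is placed in `wheel`, `docker` and `podman` and given the same `initialHashedPassword = password` as the admin user. Anything running as that account can therefore reach root through sudo or the Docker socket, and a single recovered hash covers both logins. If the account only needs to own files shared with the NAS (an assumption, since the services that use it are not visible here), `extraGroups = [ "jallen-nas" ];` with no password set, or `isSystemUser = true; group = "jallen-nas";`, would be enough. The same line lists `"libvirt"` where the admin account uses `"libvirtd"`, which looks like a typo. The copied `# Enable sudo for the user.` comment should instead say why each remaining group is needed.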