mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

temp add samba

Browse Source
This commit is contained in:
mjallen18
2024-02-19 18:08:01 -06:00
parent d390d35734
commit aae49aecde
3 changed files with 120 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
configuration-nas.nix
View File

@@ -8,12 +8,12 @@ let
password = "$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06"; password = "$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06";
hostname = "jallen-nas"; hostname = "jallen-nas";
timezone = "America/Chicago"; timezone = "America/Chicago";
main-pool = ''"Main\ Pool"'';
in in
{ {
imports = imports =
[ # Include the results of the hardware scan. [ # Include the results of the hardware scan.
./hardware-configuration-nas.nix ./hardware-configuration-nas.nix
./nas-samba/samba.nix
./nas-apps/swag.nix ./nas-apps/swag.nix
./nas-apps/jellyfin.nix ./nas-apps/jellyfin.nix
./nas-apps/sonarr.nix ./nas-apps/sonarr.nix
@@ -140,6 +140,32 @@ in
defaultWindowManager = "startplasma-x11"; defaultWindowManager = "startplasma-x11";
openFirewall = true; openFirewall = true;
}; };
avahi = {
enable = true;
nssmdns = true;
publish = {
enable = true;
addresses = true;
domain = true;
hinfo = true;
userServices = true;
workstation = true;
};
extraServiceFiles = {
smb = ''
<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
<name replace-wildcards="yes">%h</name>
<service>
<type>_smb._tcp</type>
<port>445</port>
</service>
</service-group>
'';
};
};
}; };
# libnvidia-container does not support cgroups v2 (prior to 1.8.0) # libnvidia-container does not support cgroups v2 (prior to 1.8.0)
@@ -175,8 +201,10 @@ in
firewall = { firewall = {
enable = true; enable = true;
allowedTCPPorts = [ 80 443 ]; allowPing = true;
allowedUDPPorts = [ 80 443 ]; extraCommands = ''iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns'';
allowedTCPPorts = [ 80 443 445 139 ];
allowedUDPPorts = [ 80 443 137 138 ];
}; };
}; };
@@ -218,7 +246,7 @@ in
# Define a user account. Don't forget to set a password with passwd. # Define a user account. Don't forget to set a password with passwd.
users.users."${user}" = { users.users."${user}" = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" ]; # Enable sudo for the user. extraGroups = [ "wheel" "networkmanager" "docker" "podman" ]; # Enable sudo for the user.
initialHashedPassword = password; initialHashedPassword = password;
shell = pkgs.fish; shell = pkgs.fish;
packages = with pkgs; [ packages = with pkgs; [
@@ -231,9 +259,18 @@ in
aspellDicts.en-science aspellDicts.en-science
aha aha
papirus-icon-theme papirus-icon-theme
ffmpeg
]; ];
}; };
# Define a user account. Don't forget to set a password with passwd.
users.users.mjallen = {
isNormalUser = true;
extraGroups = [ "wheel" ]; # Enable sudo for the user.
initialHashedPassword = password;
shell = pkgs.fish;
};
virtualisation.docker.enable = true; virtualisation.docker.enable = true;
virtualisation.docker.enableNvidia = true; virtualisation.docker.enableNvidia = true;
virtualisation.docker.enableOnBoot = true; virtualisation.docker.enableOnBoot = true;

54
nas-apps/jellyfin.nix
View File

@@ -2,24 +2,40 @@
{ {
# Jellyfin # Jellyfin
virtualisation.oci-containers.containers."jellyfin" = {
autoStart = true; environment.systemPackages = [
image = "linuxserver/jellyfin"; pkgs.jellyfin
extraOptions = [ "--runtime=nvidia" ]; pkgs.jellyfin-web
volumes = [ pkgs.jellyfin-ffmpeg
"/mnt/Safe\ SSD/ssd_app_data/jellyfin/config:/config" ];
"/mnt/Safe\ SSD/ssd_app_data/jellyfin/cache:/cache"
"/mnt/Safe\ SSD/ssd_app_data/jellyfin/log:/log" services.jellyfin = {
"/mnt/Main\ Pool/Movies:/movies" enable = true;
"/mnt/Main\ Pool/TV:/tv" user = "911";
]; group = "1000";
ports = [ "8096:8096" ]; # dataDir = "/mnt/Safe\ SSD/ssd_app_data/jellyfin/config"; # defaults to /var/lib/jellyfin and cannot be changed....
environment = { openFirewall = true;
NVIDIA_VISIBLE_DEVICES = "all";
NVIDIA_DRIVER_CAPABILITIES = "compute,utility";
JELLYFIN_LOG_DIR = "/log";
PUID = "911";
PGID = "1000";
};
}; };
# virtualisation.oci-containers.containers."jellyfin" = {
# autoStart = true;
# image = "linuxserver/jellyfin";
# cmd = [ "--gpus all" ];
# volumes = [
# "/mnt/Safe\ SSD/ssd_app_data/jellyfin/config:/config"
# "/mnt/Safe\ SSD/ssd_app_data/jellyfin/cache:/cache"
# "/mnt/Safe\ SSD/ssd_app_data/jellyfin/log:/log"
# "/mnt/Main\ Pool/Movies:/movies"
# "/mnt/Main\ Pool/TV:/tv"
# ];
# ports = [ "8096:8096" ];
# environment = {
# NVIDIA_VISIBLE_DEVICES = "all";
# NVIDIA_DRIVER_CAPABILITIES = "compute,utility";
# JELLYFIN_LOG_DIR = "/log";
# PUID = "911";
# PGID = "1000";
# };
# };
} }

44
nas-samba/samba.nix Normal file
View File

@@ -0,0 +1,44 @@
{ config, ... }:
{
services.samba-wsdd = {
# make shares visible for Windows clients
enable = true;
openFirewall = true;
};
services.samba = {
enable = true;
securityType = "user";
openFirewall = true;
extraConfig = ''
workgroup = WORKGROUP
server string = smbnix
netbios name = smbnix
security = user
#use sendfile = yes
#max protocol = smb2
# note: localhost is the ipv6 localhost ::1
hosts allow = 10.0.1 127.0.0.1 localhost
hosts deny = 0.0.0.0/0
guest account = nobody
map to guest = bad user
'';
shares = {
backup = {
path = "/mnt/Main\ Pool/backup";
browseable = "yes";
"read only" = "no";
"guest ok" = "yes";
"create mask" = "0644";
"directory mask" = "0755";
};
isos = {
path = "/mnt/Main\ Pool/isos";
browseable = "yes";
"read only" = "no";
"guest ok" = "yes";
"create mask" = "0644";
"directory mask" = "0755";
};
};
};
}