more organization, or maybe disorganization...

mjallen18
2024-02-25 18:21:21 -06:00
parent f0e5baea4b
commit cd4a68b513
30 changed files with 560 additions and 447 deletions


@@ -30,13 +30,13 @@
lanzaboote.nixosModules.lanzaboote lanzaboote.nixosModules.lanzaboote
kde.nixosModules.plasma6 kde.nixosModules.plasma6
nix-flatpak.nixosModules.nix-flatpak nix-flatpak.nixosModules.nix-flatpak
./configuration.nix ./hosts/desktop/configuration.nix
./impermanence.nix ./hosts/desktop/impermanence.nix
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true; home-manager.useUserPackages = true;
home-manager.users.matt = import ./home.nix; home-manager.users.matt = import ./hosts/desktop/home.nix;
} }
]; ];
}; };
@@ -46,7 +46,7 @@
system = "aarch64-linux"; system = "aarch64-linux";
modules = [ modules = [
nixos-hardware.nixosModules.raspberry-pi-4 nixos-hardware.nixosModules.raspberry-pi-4
./configuration-pi4.nix ./hosts/pi4/configuration.nix
]; ];
}; };
}; };

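--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -0,0 +1,62 @@
+{ config, lib, pkgs, ... }:
+let
+timezone = "America/Chicago";
+in
+{
+imports =
+[
+../modules
+];
+# Enable nix flakes and nix-command tools
+nix.settings.experimental-features = [ "nix-command" "flakes" ];
+# Hardware configs
+hardware = {
+# Bluetooth
+bluetooth.enable = true;
+# Enable all firmware
+enableAllFirmware = true;
+# Disable pulse audio in favor of pipewire
+pulseaudio.enable = false;
+};
+# Services configs
+services = {
+openssh.enable = true;
+# Enable firmware updates
+fwupd.enable = true;
+# Enable CUPS to print documents.
+printing.enable = true;
+# configure pipewire
+pipewire = {
+enable = true;
+alsa.enable = true;
+alsa.support32Bit = true;
+pulse.enable = true;
+};
+};
+# Time config
+time = {
+# Set your time zone.
+timeZone = timezone;
+};
+boot = {
+# Enable AppImage
+binfmt.registrations.appimage = {
+wrapInterpreterInShell = false;
+interpreter = "${pkgs.appimage-run}/bin/appimage-run";
+recognitionType = "magic";
+offset = 0;
+mask = ''\xff\xff\xff\xff\x00\x00\x00\x00\xff\xff\xff'';
+magicOrExtension = ''\x7fELF....AI\x02'';
+};
+};
+}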
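Review bot: `openssh.enable = true;` in the shared `services` block turns on sshd with stock settings for every host that imports this file. The removed lines elsewhere on the page show it was previously set only in the NAS host file, while the desktop host now imports `../default.nix`, so the desktop appears to gain an SSH listener as a side effect of the reorganisation. If that is not intended, keep the enable in the per-host file. If it is, constrain authentication next to it, e.g. `openssh.settings.PasswordAuthentication = false;` and `openssh.settings.PermitRootLogin = "no";`. Whether authorized keys are configured is not visible on this page.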


@@ -7,7 +7,6 @@ let
user = "matt"; user = "matt";
password = "$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06"; password = "$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06";
hostname = "matt-nixos"; hostname = "matt-nixos";
timezone = "America/Chicago";
# discover-wrapper is needed as of 1/24/24 since PackageKit does not work correctly so this removes error messages. # discover-wrapper is needed as of 1/24/24 since PackageKit does not work correctly so this removes error messages.
discover-wrapped = pkgs.symlinkJoin discover-wrapped = pkgs.symlinkJoin
{ {
@@ -23,12 +22,10 @@ in
imports = imports =
[ # Include the results of the hardware scan. [ # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
./cachix/cachix.nix ../../cachix/cachix.nix
../default.nix
]; ];
# Enable nix flakes and nix-command tools
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# Configure bootloader with lanzaboot and secureboot # Configure bootloader with lanzaboot and secureboot
boot = { boot = {
loader = { loader = {
@@ -65,34 +62,15 @@ in
# Network option required using sysctl to let Ubisoft Connect work as of 7-12-2023 # Network option required using sysctl to let Ubisoft Connect work as of 7-12-2023
kernel.sysctl."net.ipv4.tcp_mtu_probing" = 1; kernel.sysctl."net.ipv4.tcp_mtu_probing" = 1;
# Enable AppImage
binfmt.registrations.appimage = {
wrapInterpreterInShell = false;
interpreter = "${pkgs.appimage-run}/bin/appimage-run";
recognitionType = "magic";
offset = 0;
mask = ''\xff\xff\xff\xff\x00\x00\x00\x00\xff\xff\xff'';
magicOrExtension = ''\x7fELF....AI\x02'';
};
}; };
# Hardware configs # Hardware configs
hardware = { hardware = {
# Bluetooth
bluetooth.enable = true;
# Xbox controllers # Xbox controllers
xpadneo.enable = true; xpadneo.enable = true;
# Steam udev rules for remote play # Steam udev rules for remote play
steam-hardware.enable = true; steam-hardware.enable = true;
# Enable all firmware
enableAllFirmware = true;
# Disable pulse audio in favor of pipewire
pulseaudio.enable = false;
opengl.enable = true; opengl.enable = true;
# Enables support for 32bit libs that steam uses # Enables support for 32bit libs that steam uses
@@ -101,9 +79,6 @@ in
# Services configs # Services configs
services = { services = {
# Enable firmware updates
fwupd.enable = true;
# Enable the X11 windowing system. # Enable the X11 windowing system.
xserver = { xserver = {
enable = true; enable = true;
@@ -115,17 +90,6 @@ in
}; };
desktopManager.plasma6.enable = true; desktopManager.plasma6.enable = true;
}; };
# Enable CUPS to print documents.
printing.enable = true;
# configure pipewire
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
# enable auto discovery of printers # enable auto discovery of printers
avahi = { avahi = {
@@ -161,6 +125,7 @@ in
fi fi
''; '';
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
after = [ "NetworkManager.target" ];
}; };
# Networking configs # Networking configs
@@ -173,8 +138,6 @@ in
# Time config # Time config
time = { time = {
# Set your time zone.
timeZone = timezone;
hardwareClockInLocalTime = true; hardwareClockInLocalTime = true;
}; };
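Review bot: The `password` binding kept as context at the top of the first hunk is a complete yescrypt hash committed to the repository, and the identical string is bound for the `admin` user in the NAS host file further down the page. Anyone with read access to the repo (or to the Nix store, if the value is interpolated into the system closure) can attack it offline, and one recovered password would apply to both hosts. Consider keeping it out of the tree, e.g. `users.users.<name>.hashedPasswordFile = "/path/to/secret";` (placeholder path), with a distinct password per host. The `let` block continues outside the hunk, so how `password` is consumed is not visible here.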


@@ -7,19 +7,14 @@ let
user = "admin"; user = "admin";
password = "$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06"; password = "$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06";
hostname = "jallen-nas"; hostname = "jallen-nas";
timezone = "America/Chicago";
in in
{ {
imports = imports =
[ # Include the results of the hardware scan. [ # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
../../nas-samba/samba.nix ../default.nix
../../nas-apps/nas-apps.nix
]; ];
# Enable nix flakes and nix-command tools
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nas-apps = { nas-apps = {
jellyfin.enable = true; jellyfin.enable = true;
@@ -44,6 +39,38 @@ in
swag.enable = true; swag.enable = true;
}; };
nas-samba = {
enable = true;
hostsAllow = "10.0.1.";
enableTimeMachine = true;
timeMachinePath = "/mnt/mainpool/TimeMachine";
shares = {
"3d_printer" = {
public = true;
sharePath = "/mnt/mainpool/3d_printer";
};
Backup = {
public = true;
sharePath = "/mnt/mainpool/Backup";
};
Documents = {
public = true;
sharePath = "/mnt/mainpool/Documents";
};
isos = {
public = true;
sharePath = "/mnt/mainpool/isos";
};
TimeMachine = {
public = true;
sharePath = "/mnt/mainpool/TimeMachine";
enableTimeMachine = true;
timeMachineMaxSize = "1T";
};
};
};
# Configure bootloader with lanzaboot and secureboot # Configure bootloader with lanzaboot and secureboot
boot = { boot = {
loader = { loader = {
@@ -76,15 +103,6 @@ in
# Hardware configs # Hardware configs
hardware = { hardware = {
# Bluetooth
bluetooth.enable = true;
# Enable all firmware
enableAllFirmware = true;
# Disable pulse audio in favor of pipewire
pulseaudio.enable = false;
# Nvidia # Nvidia
nvidia = { nvidia = {
package = config.boot.kernelPackages.nvidiaPackages.beta; package = config.boot.kernelPackages.nvidiaPackages.beta;
@@ -123,11 +141,6 @@ in
# Services configs # Services configs
services = { services = {
openssh.enable = true;
# Enable firmware updates
fwupd.enable = true;
# Enable the X11 windowing system. # Enable the X11 windowing system.
xserver = { xserver = {
enable = true; enable = true;
@@ -142,17 +155,6 @@ in
}; };
desktopManager.plasma5.enable = true; desktopManager.plasma5.enable = true;
}; };
# Enable CUPS to print documents.
printing.enable = true;
# configure pipewire
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
# Set to enable Flatpak # Set to enable Flatpak
flatpak.enable = false; flatpak.enable = false;
@@ -237,12 +239,6 @@ in
}; };
}; };
# Time config
time = {
# Set your time zone.
timeZone = timezone;
};
# Configure environment # Configure environment
environment = { environment = {
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
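Review bot: The added `nas-samba.shares` block declares `Backup` and `Documents` with `public = true` and leaves `guestOk` and `readOnly` at the defaults from modules/samba/options.nix (`true` and `false`). Together with `map to guest = bad user` in the module, any host matching `hostsAllow = "10.0.1."` can write to those paths without credentials. That matches the removed hand-written shares, but the refactor is a good point to tighten it: set `guestOk = false;` on the shares that hold backups and documents, and consider making `guestOk` default to `false` in the options file so a new share is not guest-writable unless asked for. `TimeMachine` is also declared `public = true` here, which the module then overrides.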


@@ -15,7 +15,7 @@ let
in { in {
imports = imports =
[ # Include the results of the hardware scan. [ # Include the results of the hardware scan.
./hardware-configuration-pi4.nix ./hardware-configuration.nix
./docker-pi4.nix ./docker-pi4.nix
]; ];
@@ -32,7 +32,7 @@ in {
}; };
# Set your time zone. # Set your time zone.
time.timeZone = "America/Chicago"; time.timeZone = timezone;
networking = { networking = {
hostName = hostname; hostName = hostname;


@@ -0,0 +1,25 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.nas-apps.collabora;
in {
imports = [
./options.nix
];
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.port}:9980" ];
volumes = [
# ...
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
};
};
};
}
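Review bot: `ports = [ "${cfg.port}:9980" ];` publishes the container on every host address. The same pattern is used in the new jellyseerr, nextcloud, radarr, sabnzbd and sonarr modules below. With a Docker backend, published ports are typically reachable regardless of `networking.firewall`, so each app would be exposed directly on the LAN rather than only through the swag proxy. If swag is meant to be the single entry point, put the containers on a shared container network and drop the host publish, or prefix the mapping with a specific host address. `volumes` still holds only a `# ...` placeholder, which deserves a comment saying whether the container is intentionally stateless.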


@@ -1,8 +1,6 @@
{ lib, pkgs, config, ... }: { lib, ... }:
with lib; with lib;
let {
cfg = config.nas-apps.collabora;
in {
options.nas-apps.collabora = { options.nas-apps.collabora = {
enable = mkEnableOption "collabora docker service"; enable = mkEnableOption "collabora docker service";
@@ -42,20 +40,4 @@ in {
}; };
}; };
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.port}:9980" ];
volumes = [
# ...
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
};
};
};
} }


@@ -3,61 +3,10 @@ with lib;
let let
cfg = config.nas-apps.jellyfin; cfg = config.nas-apps.jellyfin;
in { in {
options.nas-apps.jellyfin = { imports = [
enable = mkEnableOption "jellyfin docker service"; ./options.nix
];
autoStart = mkOption {
type = types.bool;
default = true;
};
port = mkOption {
type = types.str;
default = "8096";
};
name = mkOption {
type = types.str;
default = "jellyfin";
};
image = mkOption {
type = types.str;
default = "lscr.io/linuxserver/jellyfin";
};
configPath = mkOption {
type = types.str;
default = "/mnt/ssd/nix-app-data/jellyfin";
};
moviesPath = mkOption {
type = types.str;
default = "/mnt/mainpool/Movies";
};
tvPath = mkOption {
type = types.str;
default = "/mnt/mainpool/Tv";
};
puid = mkOption {
type = types.str;
default = "911";
};
pgid = mkOption {
type = types.str;
default = "1000";
};
timeZone = mkOption {
type = types.str;
default = "America/Chicago";
};
};
config = mkIf cfg.enable { config = mkIf cfg.enable {
systemd.services.jellyfin-nvidia-docker = { systemd.services.jellyfin-nvidia-docker = {


@@ -0,0 +1,58 @@
{ lib, ... }:
with lib;
{
options.nas-apps.jellyfin = {
enable = mkEnableOption "jellyfin docker service";
autoStart = mkOption {
type = types.bool;
default = true;
};
port = mkOption {
type = types.str;
default = "8096";
};
name = mkOption {
type = types.str;
default = "jellyfin";
};
image = mkOption {
type = types.str;
default = "lscr.io/linuxserver/jellyfin";
};
configPath = mkOption {
type = types.str;
default = "/mnt/ssd/nix-app-data/jellyfin";
};
moviesPath = mkOption {
type = types.str;
default = "/mnt/mainpool/Movies";
};
tvPath = mkOption {
type = types.str;
default = "/mnt/mainpool/Tv";
};
puid = mkOption {
type = types.str;
default = "911";
};
pgid = mkOption {
type = types.str;
default = "1000";
};
timeZone = mkOption {
type = types.str;
default = "America/Chicago";
};
};
}
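Review bot: The `image` option defaults to `"lscr.io/linuxserver/jellyfin"` with no tag or digest, so each pull resolves to whatever the registry currently serves under the implicit `latest` tag and a rebuild is not reproducible. Pin it, e.g. `default = "lscr.io/linuxserver/jellyfin:<version>@sha256:<digest>";` (placeholders), and bump it deliberately. None of the options carries a `description`; a one-line description on `puid`, `pgid` and the path options would document which host user ends up owning the mounted media directories.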


@@ -0,0 +1,25 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.nas-apps.jellyseerr;
in {
imports = [
./options.nix
];
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.port}:5055" ];
volumes = [
"${cfg.configPath}:/config"
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
};
};
};
}


@@ -1,8 +1,6 @@
{ lib, pkgs, config, ... }: { lib, ... }:
with lib; with lib;
let {
cfg = config.nas-apps.jellyseerr;
in {
options.nas-apps.jellyseerr = { options.nas-apps.jellyseerr = {
enable = mkEnableOption "jellyseerr docker service"; enable = mkEnableOption "jellyseerr docker service";
@@ -47,20 +45,4 @@ in {
}; };
}; };
}
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.port}:5055" ];
volumes = [
"${cfg.configPath}:/config"
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
};
};
};
}


@@ -0,0 +1,29 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.nas-apps.mariadb;
in {
imports = [
./options.nix
];
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.port}:3306" ];
volumes = [
"${cfg.configPath}:/config"
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
MYSQL_ROOT_PASSWORD = cfg.rootPassword;
MYSQL_DATABASE = cfg.databaseName;
MYSQL_USER = cfg.databaseUser;
MYSQL_PASSWORD = cfg.databasePassword;
};
};
};
}
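Review bot: `MYSQL_ROOT_PASSWORD` and `MYSQL_PASSWORD` are passed through the `environment` attrset, so their values are evaluated into the world-readable Nix store and show up in the container's inspect output. The options file for this module (next section) also keeps a literal string as the default of its last option, which puts a credential in the repository. Prefer supplying them from a file outside the store, e.g. `environmentFiles = [ "/path/to/mariadb.env" ];` (placeholder path), and remove the two password keys from `environment` and the literal default. Separately, `ports = [ "${cfg.port}:3306" ];` publishes the database on every host address; if only other containers use it, a shared container network without a host publish would be narrower.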


@@ -1,8 +1,6 @@
{ lib, pkgs, config, ... }: { lib, ... }:
with lib; with lib;
let {
cfg = config.nas-apps.mariadb;
in {
options.nas-apps.mariadb = { options.nas-apps.mariadb = {
enable = mkEnableOption "mariadb docker service"; enable = mkEnableOption "mariadb docker service";
@@ -65,26 +63,5 @@ in {
type = types.str; type = types.str;
default = "BogieDudie1"; default = "BogieDudie1";
}; };
};
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.port}:3306" ];
volumes = [
"${cfg.configPath}:/config"
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
MYSQL_ROOT_PASSWORD = cfg.rootPassword;
MYSQL_DATABASE = cfg.databaseName;
MYSQL_USER = cfg.databaseUser;
MYSQL_PASSWORD = cfg.databasePassword;
};
};
}; };
} }


@@ -0,0 +1,26 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.nas-apps.nextcloud;
in {
imports = [
./options.nix
];
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.httpPort}:80" "${cfg.httpsPort}:443" ];
volumes = [
"${cfg.configPath}:/config"
"${cfg.dataPath}:/data"
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
};
};
};
}


@@ -1,8 +1,6 @@
{ lib, pkgs, config, ... }: { lib, ... }:
with lib; with lib;
let {
cfg = config.nas-apps.nextcloud;
in {
options.nas-apps.nextcloud = { options.nas-apps.nextcloud = {
enable = mkEnableOption "nextcloud docker service"; enable = mkEnableOption "nextcloud docker service";
@@ -55,23 +53,5 @@ in {
type = types.str; type = types.str;
default = "America/Chicago"; default = "America/Chicago";
}; };
}; };
}
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.httpPort}:80" "${cfg.httpsPort}:443" ];
volumes = [
"${cfg.configPath}:/config"
"${cfg.dataPath}:/data"
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
};
};
};
}


@@ -0,0 +1,27 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.nas-apps.radarr;
in {
imports = [
./options.nix
];
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.port}:7878" ];
volumes = [
"${cfg.configPath}:/config"
"${cfg.moviesPath}:/movies"
"${cfg.downloadsPath}:/downloads"
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
};
};
};
}


@@ -1,8 +1,6 @@
{ lib, pkgs, config, ... }: { lib, ... }:
with lib; with lib;
let {
cfg = config.nas-apps.radarr;
in {
options.nas-apps.radarr = { options.nas-apps.radarr = {
enable = mkEnableOption "radarr docker service"; enable = mkEnableOption "radarr docker service";
@@ -55,24 +53,5 @@ in {
type = types.str; type = types.str;
default = "America/Chicago"; default = "America/Chicago";
}; };
};
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.port}:7878" ];
volumes = [
"${cfg.configPath}:/config"
"${cfg.moviesPath}:/movies"
"${cfg.downloadsPath}:/downloads"
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
};
};
}; };
} }


@@ -0,0 +1,29 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.nas-apps.sabnzbd;
in {
imports = [
./options.nix
];
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.port}:8080" ];
volumes = [
"${cfg.configPath}:/config"
"${cfg.moviesPath}:/movies"
"${cfg.tvPath}:/tv"
"${cfg.downloadsPath}:/downloads"
"${cfg.downloadsIncompletePath}:/downloads-incomplete"
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
};
};
};
}


@@ -1,8 +1,6 @@
{ lib, pkgs, config, ... }: { lib, ... }:
with lib; with lib;
let {
cfg = config.nas-apps.sabnzbd;
in {
options.nas-apps.sabnzbd = { options.nas-apps.sabnzbd = {
enable = mkEnableOption "sabnzbd docker service"; enable = mkEnableOption "sabnzbd docker service";
@@ -67,24 +65,4 @@ in {
}; };
}; };
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.port}:8080" ];
volumes = [
"${cfg.configPath}:/config"
"${cfg.moviesPath}:/movies"
"${cfg.tvPath}:/tv"
"${cfg.downloadsPath}:/downloads"
"${cfg.downloadsIncompletePath}:/downloads-incomplete"
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
};
};
};
} }


@@ -0,0 +1,27 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.nas-apps.sonarr;
in {
imports = [
./options.nix
];
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.port}:8989" ];
volumes = [
"${cfg.configPath}:/config"
"${cfg.tvPath}:/tv"
"${cfg.downloadsPath}:/downloads"
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
};
};
};
}


@@ -1,8 +1,6 @@
{ lib, pkgs, config, ... }: {lib, ... }:
with lib; with lib;
let {
cfg = config.nas-apps.sonarr;
in {
options.nas-apps.sonarr = { options.nas-apps.sonarr = {
enable = mkEnableOption "sonarr docker service"; enable = mkEnableOption "sonarr docker service";
@@ -55,24 +53,5 @@ in {
type = types.str; type = types.str;
default = "America/Chicago"; default = "America/Chicago";
}; };
};
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.port}:8989" ];
volumes = [
"${cfg.configPath}:/config"
"${cfg.tvPath}:/tv"
"${cfg.downloadsPath}:/downloads"
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
};
};
}; };
} }


@@ -0,0 +1,35 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.nas-apps.swag;
in {
imports = [
./options.nix
];
config = mkIf cfg.enable {
networking.firewall = {
allowedTCPPorts = [ cfg.httpPort cfg.httpsPort ];
allowedUDPPorts = [ cfg.httpPort cfg.httpsPort ];
};
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${toString cfg.httpPort}:80" "${toString cfg.httpsPort}:443" ];
volumes = [
"${cfg.configPath}:/config"
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
EMAIL = cfg.email;
URL = cfg.url;
VALIDATION = cfg.validation;
SUBDOMAINS = cfg.subdomains;
};
};
};
}
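Review bot: `allowedUDPPorts = [ cfg.httpPort cfg.httpsPort ];` opens UDP on the host firewall, yet the container mappings `"${toString cfg.httpPort}:80"` and `"${toString cfg.httpsPort}:443"` carry no `/udp` suffix and therefore publish TCP only. Nothing visible listens on those UDP ports, so the rule only widens the firewall; I would delete the line. If HTTP/3 is intended, open UDP for `cfg.httpsPort` alone and add a matching `/udp` publish. A short comment above `networking.firewall` saying that this is the only module meant to be reachable from outside would also help.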


@@ -1,8 +1,6 @@
{ lib, pkgs, config, ... }: {lib, ... }:
with lib; with lib;
let {
cfg = config.nas-apps.swag;
in {
options.nas-apps.swag = { options.nas-apps.swag = {
enable = mkEnableOption "swag docker service"; enable = mkEnableOption "swag docker service";
@@ -70,32 +68,5 @@ in {
type = types.str; type = types.str;
default = "jellyfin,hass,cloud,office,jellyseerr"; default = "jellyfin,hass,cloud,office,jellyseerr";
}; };
};
config = mkIf cfg.enable {
networking.firewall = {
allowedTCPPorts = [ cfg.httpPort cfg.httpsPort ];
allowedUDPPorts = [ cfg.httpPort cfg.httpsPort ];
};
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${toString cfg.httpPort}:80" "${toString cfg.httpsPort}:443" ];
volumes = [
"${cfg.configPath}:/config"
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
EMAIL = cfg.email;
URL = cfg.url;
VALIDATION = cfg.validation;
SUBDOMAINS = cfg.subdomains;
};
};
}; };
} }

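--- a/modules/default.nix
+++ b/modules/default.nix
@@ -0,0 +1,16 @@
+{ ... }:
+{
+imports = [
+./samba
+./apps/collabora
+./apps/dashy
+./apps/jellyfin
+./apps/jellyseerr
+./apps/mariadb
+./apps/nextcloud
+./apps/radarr
+./apps/sabnzbd
+./apps/sonarr
+./apps/swag
+];
+}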

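--- a/modules/samba/default.nix
+++ b/modules/samba/default.nix
@@ -0,0 +1,67 @@
+{ lib, pkgs, config, ... }:
+with lib;
+let
+cfg = config.nas-samba;
+in {
+imports = [
+./options.nix
+];
+config = mkIf cfg.enable {
+# make shares visible for Windows clients
+services.samba-wsdd = {
+enable = true;
+openFirewall = true;
+};
+services.netatalk = {
+enable = cfg.enableTimeMachine;
+settings = {
+time-machine = {
+path = cfg.timeMachinePath;
+"valid users" = "whoever";
+"time machine" = cfg.enableTimeMachine;
+};
+};
+};
+services.samba = {
+enable = true;
+securityType = "user";
+openFirewall = true;
+extraConfig = ''
+workgroup = WORKGROUP
+server string = smbnix
+netbios name = smbnix
+security = user
+#use sendfile = yes
+#max protocol = smb2
+# note: localhost is the ipv6 localhost ::1
+hosts allow = ${cfg.hostsAllow} 127.0.0.1 localhost
+hosts deny = 0.0.0.0/0
+guest account = nobody
+map to guest = bad user
+'';
+shares =
+let
+make = name: share: nameValuePair "${name}"
+{
+path = share.sharePath;
+public = if share.enableTimeMachine then false else share.public;
+private = if !share.public || share.enableTimeMachine then "yes" else "no";
+browseable = if share.browseable then "yes" else "no";
+writable = "yes";
+"read only" = if share.readOnly then "yes" else "no";
+"guest ok" = if share.guestOk then "yes" else "no";
+"create mask" = share.createMask;
+"directory mask" = share.directoryMask;
+"fruit:aapl" = if share.enableTimeMachine then "yes" else "no";
+"fruit:time machine" = if share.enableTimeMachine then "yes" else "no";
+"vfs objects" = "catia fruit streams_xattr";
+"fruit:time machine max size" = share.timeMachineMaxSize;
+};
+in
+mapAttrs' make cfg.shares;
+};
+};
+}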
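Review bot: The `make` helper emits both `public` and `"guest ok"` for every share, and in smb.conf `public` is a synonym of `guest ok`, so the two keys can contradict each other. For a Time Machine share `public` is forced to `false` while `"guest ok"` follows `share.guestOk`, which defaults to true, and which value wins depends on the rendered order. The removed hand-written TimeMachine share had no `guest ok` key at all, so guest access to the backup share may be newly possible. `writable = "yes"` has the same problem against `"read only"` when `readOnly` is set. I would drop `public` and `writable` and emit one derived value, e.g. `"guest ok" = if share.guestOk && share.public && !share.enableTimeMachine then "yes" else "no";`.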

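--- a/modules/samba/options.nix
+++ b/modules/samba/options.nix
@@ -0,0 +1,70 @@
+{ lib, ... }:
+with lib;
+{
+options.nas-samba = {
+enable = mkEnableOption "nas samba service";
+autoStart = mkOption {
+type = types.bool;
+default = true;
+};
+enableTimeMachine = mkOption {
+type = types.bool;
+default = false;
+};
+timeMachinePath = mkOption {
+type = types.str;
+default = "";
+};
+hostsAllow = mkOption {
+type = types.str;
+default = "";
+};
+shares = mkOption {
+type = types.attrsOf (types.submodule
+{
+options = {
+public = mkOption {
+type = types.bool;
+default = false;
+};
+sharePath = mkOption {
+type = types.str;
+default = "";
+};
+readOnly = mkOption {
+type = types.bool;
+default = false;
+};
+browseable = mkOption {
+type = types.bool;
+default = true;
+};
+guestOk = mkOption {
+type = types.bool;
+default = true;
+};
+createMask = mkOption {
+type = types.str;
+default = "0644";
+};
+directoryMask = mkOption {
+type = types.str;
+default = "0755";
+};
+enableTimeMachine = mkOption {
+type = types.bool;
+default = false;
+};
+timeMachineMaxSize = mkOption {
+type = types.str;
+default = "0K";
+};
+};
+}
+);
+default = { };
+};
+};
+}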


@@ -1,16 +0,0 @@
{ ... }:
{
imports =
[
./swag.nix
./jellyfin.nix
./sonarr.nix
./radarr.nix
./sabnzbd.nix
./mariadb.nix
./nextcloud.nix
./collabora.nix
./jellyseerr.nix
# ./dashy.nix
];
}


@@ -1,20 +0,0 @@
{ config, pkgs, ... }:
{
environment.systemPackages = with pkgs; [
(vscode-with-extensions.override {
vscodeExtensions = with vscode-extensions; [
bbenoist.nix
ms-python.python
ms-azuretools.vscode-docker
ms-vscode-remote.remote-ssh
] ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [
{
name = "remote-ssh-edit";
publisher = "ms-vscode-remote";
version = "0.47.2";
sha256 = "1hp6gjh4xp2m1xlm1jsdzxw9d8frkiidhph6nvl24d0h8z34w49g";
}
];
})
];
}


@@ -1,83 +0,0 @@
{ config, ... }:
{
# make shares visible for Windows clients
services.samba-wsdd = {
enable = true;
openFirewall = true;
};
services.samba = {
enable = true;
securityType = "user";
openFirewall = true;
extraConfig = ''
workgroup = WORKGROUP
server string = smbnix
netbios name = smbnix
security = user
#use sendfile = yes
#max protocol = smb2
# note: localhost is the ipv6 localhost ::1
hosts allow = 10.0.1. 127.0.0.1 localhost
hosts deny = 0.0.0.0/0
guest account = nobody
map to guest = bad user
'';
shares = {
"3d_printer" = {
path = "/mnt/mainpool/3d_printer";
browseable = "yes";
"read only" = "no";
"guest ok" = "yes";
"create mask" = "0644";
"directory mask" = "0755";
};
Backup = {
path = "/mnt/mainpool/Backup";
browseable = "yes";
"read only" = "no";
"guest ok" = "yes";
"create mask" = "0644";
"directory mask" = "0755";
};
Documents = {
path = "/mnt/mainpool/Documents";
browseable = "yes";
"read only" = "no";
"guest ok" = "yes";
"create mask" = "0644";
"directory mask" = "0755";
};
isos = {
path = "/mnt/mainpool/isos";
browseable = "yes";
"read only" = "no";
"guest ok" = "yes";
"create mask" = "0644";
"directory mask" = "0755";
};
TimeMachine = {
path = "/mnt/mainpool/TimeMachine";
public = "no";
private = "yes";
browseable = "yes";
writable = "yes";
"fruit:aapl" = "yes";
"fruit:time machine" = "yes";
"vfs objects" = "catia fruit streams_xattr";
"fruit:time machine max size" = "1T";
};
};
};
services.netatalk = {
enable = true;
settings = {
time-machine = {
path = "/mnt/mainpool/TimeMachine";
"valid users" = "whoever";
"time machine" = true;
};
};
};
}