mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

teml

Browse Source
This commit is contained in:
mjallen18
2025-12-15 19:51:42 -06:00
parent 367c3a16c5
commit e74ea5f13b
3 changed files with 157 additions and 150 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
modules/nixos/services/collabora/default.nix
View File

@@ -5,27 +5,15 @@
... ...
}: }:
let let
inherit (lib.${namespace}) mkOpt mkReverseProxyOpt; name = "collabora";
cfg = config.${namespace}.services.collabora; cfg = config.${namespace}.services.${name};
jwtSecretFile = config.sops.secrets."jallen-nas/onlyoffice-key".path; jwtSecretFile = config.sops.secrets."jallen-nas/onlyoffice-key".path;
in
{
options.${namespace}.services.collabora = with lib; {
enable = lib.mkEnableOption "";
port = mkOpt types.int 9980 "Port for opencloud to be hosted on"; collaboraConfig = lib.${namespace}.mkModule {
inherit config name;
configPath = mkOpt types.str "/media/nas/main/nix-app-data/collabora" "Path to the data dir"; description = "collabora code server";
options = { };
puid = mkOpt types.str "911" "puid"; moduleConfig = {
pgid = mkOpt types.str "1000" "pgid";
timeZone = mkOpt types.str "America/Chicago" "container tz";
};
config = lib.mkIf cfg.enable {
services.collabora-online = { services.collabora-online = {
enable = true; enable = true;
port = cfg.port; port = cfg.port;
@@ -38,7 +26,7 @@ in
# Listen on loopback interface only, and accept requests from ::1 # Listen on loopback interface only, and accept requests from ::1
net = { net = {
listen = "0.0.0.0"; listen = cfg.listenAddress;
post_allow.host = [ post_allow.host = [
"cloud.mjallen.dev" "cloud.mjallen.dev"
"office.mjallen.dev" "office.mjallen.dev"
@@ -59,4 +47,8 @@ in
}; };
}; };
}; };
};
in
{
imports = [ collaboraConfig ];
} }

23
modules/nixos/services/crowdsec/default.nix
View File

@@ -5,16 +5,21 @@
... ...
}: }:
let let
cfg = config.${namespace}.services.crowdsec; inherit (lib.${namespace}) mkOpt;
in name = "crowdsec";
{ cfg = config.${namespace}.services.${name};
imports = [ ./options.nix ];
config = lib.mkIf cfg.enable {
crowdsecConfig = lib.${namespace}.mkModule {
inherit config name;
description = "crowdsec";
options = with lib; {
apiKey = mkOpt types.str "" "API key for crowdsec bouncer";
};
moduleConfig = {
services = { services = {
crowdsec = { crowdsec = {
enable = true; enable = true;
openFirewall = true; openFirewall = cfg.openFirewall;
hub = { hub = {
appSecConfigs = [ appSecConfigs = [
"crowdsecurity/appsec-default" "crowdsecurity/appsec-default"
@@ -105,7 +110,7 @@ in
general.api = { general.api = {
server = { server = {
enable = true; enable = true;
listen_uri = "${cfg.apiAddress}:${toString cfg.port}"; listen_uri = "${cfg.listenAddress}:${toString cfg.port}";
}; };
client = { client = {
credentials_path = lib.mkForce "/media/nas/main/nix-app-data/crowdsec/client.yaml"; credentials_path = lib.mkForce "/media/nas/main/nix-app-data/crowdsec/client.yaml";
@@ -116,4 +121,8 @@ in
}; };
}; };
}; };
};
in
{
imports = [ crowdsecConfig ];
} }

6
overlays/redis/default.nix
View File

@@ -3,4 +3,10 @@ final: _prev: {
redis = final.valkey; redis = final.valkey;
uv = final.stable.uv; uv = final.stable.uv;
onnxruntime = final.stable.onnxruntime; onnxruntime = final.stable.onnxruntime;
firefox = final.stable.firefox;
orca-slicer = final.stable.orca-slicer;
kde-connect = final.stable.kde-connect;
kdeconnect-kde = final.stable.kdeconnect-kde;
webkit-gtk = final.stable.webkit-gtk;
qtwebengine = final.stable.qtwebengine;
} }