nix-config/systems/x86_64-linux/jallen-nas/services.nix
mjallen18 d32826dc36 ccache?
2025-12-04 20:09:27 -06:00


# NixOS module configuring Tailscale, PostgreSQL 16 and two Redis instances.
{ config, pkgs, ... }:
let
  # One database plus one same-named owning role per application.
  appDatabases = [
    "authentik"
    "homeassistant"
    "nextcloud"
    "synapse"
  ];
in
{
  # Services configs

  services.tailscale = {
    enable = true;
    openFirewall = true;
    # NOTE(review): the flags below advertise an exit node and a subnet route,
    # but in the nixpkgs module it is "server"/"both" that turn on IP
    # forwarding; "client" only relaxes reverse-path filtering. Confirm that
    # forwarding is enabled elsewhere, or that the advertisement is intended.
    useRoutingFeatures = "client";
    # Advertising 10.0.1.0/24 and an exit node makes this host a path from the
    # tailnet into the LAN once the routes are approved, so the tailnet ACLs
    # become the access control for everything on that subnet.
    # NOTE(review): as far as I know the module only passes extraUpFlags to the
    # auto-connect unit that exists when authKeyFile is set; with authKeyFile
    # commented out these may not be applied declaratively. Confirm.
    extraUpFlags = [
      "--advertise-exit-node"
      "--accept-dns=false"
      "--advertise-routes=10.0.1.0/24"
      "--hostname=jallen-nas"
    ];
    # "--webclient" exposes the node's management web interface to the tailnet;
    # restrict who can reach it through tailnet ACLs.
    extraSetFlags = [
      "--advertise-exit-node"
      "--hostname=jallen-nas"
      "--webclient"
    ];
    # If re-enabled, the key file must stay outside the Nix store and be
    # readable by root only.
    # authKeyFile = "/media/nas/main/nix-app-data/tailscale/auth";
  };

  services.postgresql = {
    enable = true;
    package = pkgs.postgresql_16;
    # Listens on TCP, not only on the Unix socket. Whether the port is
    # reachable from the LAN depends on firewall rules not shown in this file.
    enableTCPIP = true;
    dataDir = "/media/nas/main/nix-app-data/postgresql";
    ensureDatabases = appDatabases;
    ensureUsers = map (name: {
      inherit name;
      ensureDBOwnership = true;
    }) appDatabases;

    # Allow access via pg_hba.conf rules.
    # mkOverride 50 has the same priority as mkForce, so this text replaces the
    # module's default rules instead of extending them.
    #
    # Security notes on the rules below (rules are matched first-hit):
    #  - "trust" performs no credential check at all.
    #  - "local all all trust" lets any local OS account connect as any role,
    #    including the superuser, over the Unix socket. It also makes the later
    #    "local nextcloud" / "local synapse" lines redundant.
    #  - The "host ... 10.0.1.0/24 trust" lines let any machine on that subnet
    #    that can reach the port log in as the homeassistant or nextcloud role
    #    without a password.
    #  - Hardening option: "peer" for local and "scram-sha-256" for host rules.
    #    That needs role passwords provisioned first, so it is not changed here.
    authentication = pkgs.lib.mkOverride 50 ''
      # TYPE DATABASE USER ADDRESS METHOD
      local all all trust
      host homeassistant homeassistant 10.0.1.0/24 trust
      local nextcloud nextcloud trust
      host nextcloud nextcloud 10.0.1.0/24 trust
      host nextcloud nextcloud ::1/128 trust
      local synapse synapse trust
      host synapse synapse ::1/128 trust
    '';
  };

  # Two independent Redis instances, one per consuming application.
  # NOTE(review): neither sets requirePassFile or bind here, so both rely on
  # the module defaults (loopback bind, as far as I know). Any local process
  # can then talk to them unauthenticated; confirm that is acceptable.
  services.redis.servers = {
    authentik = {
      enable = true;
      port = 6379;
    };
    manyfold = {
      enable = true;
      port = 6380;
    };
  };
}