dan/dotfiles
1
0
Fork 0
mirror of https://github.com/danbulant/dotfiles synced 2026-05-24 12:35:34 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

update eisen

Browse source
This commit is contained in:
Daniel Bulant 2026-03-12 18:03:20 +01:00
parent 536e23a85e
commit e7b0784b7c
No known key found for this signature in database
2 changed files with 102 additions and 88 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
flake.nix
View file

@ -51,7 +51,7 @@
nix-monitor = { nix-monitor = {
url = "github:antonjah/nix-monitor"; url = "github:antonjah/nix-monitor";
inputs.nixpkgs.follows = "nixpkgs"; # inputs.nixpkgs.follows = "nixpkgs";
}; };
}; };
@ -113,18 +113,18 @@
home-manager.backupFileExtension = "backup"; home-manager.backupFileExtension = "backup";
} }
# nix-monitor.nixosModules.default # nix-monitor.nixosModules.default
# { # {
# programs.nix-monitor = { # programs.nix-monitor = {
# enable = true; # enable = true;
# Required: customize for your setup # Required: customize for your setup
# rebuildCommand = [ # rebuildCommand = [
# "bash" "-c" # "bash" "-c"
# "cd /home/dan/projects/dotfiles; nh os switch . 2>&1" # "cd /home/dan/projects/dotfiles; nh os switch . 2>&1"
# ]; # ];
# }; # };
# } # }
./configuration.nix ./configuration.nix
# Import sysbox module # Import sysbox module
./modules/sysbox.nix ./modules/sysbox.nix

148
servers/eisen/configuration.nix
View file

@ -1,16 +1,23 @@
{
{ config, nix-index-database, pkgs, lib, name ? "eisen", copyparty, ... }: config,
nix-index-database,
pkgs,
lib,
name ? "eisen",
copyparty,
...
}:
let let
# these are used both in service configuration but also to # these are used both in service configuration but also to
# create mappings {name}.eisen.danbulant.cloud to port in caddy # create mappings {name}.eisen.danbulant.cloud to port in caddy
ports = { ports = {
"status" = 3001; "status" = 3001;
"glance" = 5678; "glance" = 5678;
"copyparty" = 3210; # "copyparty" = 3210;
"syncthing" = 8384; # "syncthing" = 8384;
"gitea" = 3000; # "gitea" = 3000;
"immich" = 2283; # "immich" = 2283;
"grafana" = 3002; # "grafana" = 3002;
"ntfy" = 3003; "ntfy" = 3003;
"suwayomi" = 3004; "suwayomi" = 3004;
}; };
@ -20,13 +27,13 @@ in
buildOnTarget = true; buildOnTarget = true;
}; };
nixpkgs.overlays = [ copyparty.overlays.default ]; # nixpkgs.overlays = [ copyparty.overlays.default ];
programs.nix-index-database.comma.enable = true; programs.nix-index-database.comma.enable = true;
imports = [ imports = [
nix-index-database.nixosModules.nix-index nix-index-database.nixosModules.nix-index
copyparty.nixosModules.default # copyparty.nixosModules.default
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
@ -37,7 +44,7 @@ in
networking = { networking = {
hostName = name; hostName = name;
nameservers = ["1.1.1.1"]; nameservers = [ "1.1.1.1" ];
networkmanager.enable = true; networkmanager.enable = true;
}; };
@ -64,45 +71,45 @@ in
avahi.enable = true; avahi.enable = true;
lldpd.enable = true; lldpd.enable = true;
syncthing = { # syncthing = {
enable = true; # enable = true;
openDefaultPorts = true; # openDefaultPorts = true;
settings = { # settings = {
gui = { # gui = {
insecureSkipHostCheck = true; # insecureSkipHostCheck = true;
}; # };
}; # };
}; # };
copyparty = { # copyparty = {
enable = true; # enable = true;
settings = { # settings = {
p = ports.copyparty; # p = ports.copyparty;
idp-hm-usr = "^X-Webauth-Login^danbulant@github^dan"; # idp-hm-usr = "^X-Webauth-Login^danbulant@github^dan";
rproxy = 1; # rproxy = 1;
xff-hdr = "X-Forwarded-For"; # xff-hdr = "X-Forwarded-For";
ipu = [ "100.103.148.81/32=dan" /*"100.79.186.114/32=dan" "100.76.144.133/32=dan" "100.114.62.113/32=dan" */ ]; # ipu = [ "100.103.148.81/32=dan" /*"100.79.186.114/32=dan" "100.76.144.133/32=dan" "100.114.62.113/32=dan" */ ];
}; # };
accounts = { # accounts = {
dan = { # dan = {
passwordFile = "/dev/null"; # passwordFile = "/dev/null";
}; # };
}; # };
volumes = { # volumes = {
"/" = { # "/" = {
path = "/media/large"; # path = "/media/large";
access = { # access = {
rwa = [ "dan" ]; # rwa = [ "dan" ];
r = [ "*" ]; # r = [ "*" ];
}; # };
}; # };
}; # };
openFilesLimit = 8192; # openFilesLimit = 8192;
}; # };
dnsmasq = { dnsmasq = {
enable = true; enable = true;
@ -115,23 +122,11 @@ in
}; };
}; };
grafana = { # grafana = {
enable = true; # enable = true;
settings.server.http_port = ports.grafana; # settings.server.http_port = ports.grafana;
}; # };
prometheus.enable = true; # prometheus.enable = true;
gitea = {
enable = true;
lfs = {
enable = true;
contentDir = "/media/large/gitea-lfs";
};
appName = "Eisen git";
settings.server.DOMAIN = "gitea.eisen";
settings.server.HTTP_PORT = ports.gitea;
settings.server.ROOT_URL = "http://gitea.eisen/";
};
suwayomi-server = { suwayomi-server = {
enable = true; enable = true;
@ -207,13 +202,14 @@ in
}) (builtins.attrNames ports) }) (builtins.attrNames ports)
); );
}; };
tailscale.permitCertUid = "caddy";
tailscaleAuth = { tailscaleAuth = {
# this is what's used above in forward_auth # this is what's used above in forward_auth
enable = true; enable = true;
group = "caddy"; group = "caddy";
}; };
}; };
systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true"; # systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true";
virtualisation.docker = { virtualisation.docker = {
enable = true; enable = true;
@ -250,13 +246,29 @@ in
users.users.dan = { users.users.dan = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "networkmanager" "wheel" "docker" "fuse" "video" "wireshark" "gamemode" "scanner" "lp" "kvm" "adbusers"]; extraGroups = [
"networkmanager"
"wheel"
"docker"
"fuse"
"video"
"wireshark"
"gamemode"
"scanner"
"lp"
"kvm"
"adbusers"
];
shell = pkgs.nushell; shell = pkgs.nushell;
packages = with pkgs; [ packages = with pkgs; [
]; ];
}; };
nix.settings.trusted-users = [ "root" "@wheel" "dan" ]; nix.settings.trusted-users = [
"root"
"@wheel"
"dan"
];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
git git
@ -299,9 +311,11 @@ in
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "25.05"; # Did you read the comment? system.stateVersion = "25.05"; # Did you read the comment?
nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.experimental-features = [
"nix-command"
"flakes"
];
# /etc/hosts :) # /etc/hosts :)
networking.extraHosts = '' networking.extraHosts = "";
'';
} }