Luj/snowfield
1
0
Fork 0
mirror of https://github.com/JulienMalka/snowfield.git synced 2025-03-25 21:30:52 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Refactored modules

Browse source
This commit is contained in:
Julien Malka 2021-12-04 13:13:13 +01:00
parent 56c0af44ca
commit f4f5d6e869
16 changed files with 368 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
config/hosts/lisa.nix
View file

@ -36,7 +36,7 @@
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
luj.mediaserver.enable = true;
networking.hostName = "lisa"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.

3
configuration.nix
View file

@ -28,7 +28,8 @@
home = "/home/julien";
shell = pkgs.fish;
};
boot.kernelPackages = pkgs.linuxPackages_latest;
services.openssh.enable = true;

65
flake.lock generated
View file

@ -38,11 +38,11 @@
]
},
"locked": {
"lastModified": 1638415301,
"narHash": "sha256-iqszstbHaO5PYeBXQf1ukgYj/aq9wznBbZMrtYMZzgI=",
"lastModified": 1638571010,
"narHash": "sha256-KSO7u13VRLdklQTKYJaBSfVcurEvw+HifAsHR7V2i5E=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "de54d513c74bf8f4f3a58954b80b5f690639fe72",
"rev": "781d25b315def05cd7ede3765226c54216f0b1fe",
"type": "github"
},
"original": {
@ -54,17 +54,15 @@
"neovim-flake": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
"nixpkgs": "nixpkgs"
},
"locked": {
"dir": "contrib",
"lastModified": 1638385790,
"narHash": "sha256-791hsmqwDM5iwWQr4JMtS8D10MAp9bbJ23Sgi0GGkmo=",
"lastModified": 1638557490,
"narHash": "sha256-YzlOQYluPPEnmITALq1rHEI8/LBG7zTnwve6cY7kE88=",
"owner": "neovim",
"repo": "neovim",
"rev": "73b35ef10f95536874bfa147c44f62c4fea08f0f",
"rev": "419e0d117d61f6d22f696a8833541dd1691c92fb",
"type": "github"
},
"original": {
@ -78,14 +76,14 @@
"inputs": {
"flake-compat": "flake-compat",
"neovim-flake": "neovim-flake",
"nixpkgs": "nixpkgs"
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1638432836,
"narHash": "sha256-zWRWheybaMS7/4+1ZZMnjAMW7N6oPUsgG7yFRG65hgA=",
"lastModified": 1638605624,
"narHash": "sha256-T+f6t0fM3GBVih380zBb3tJZSFqZowm6j17p39tQc+k=",
"owner": "nix-community",
"repo": "neovim-nightly-overlay",
"rev": "717e854564cb1232d0024b50f4879da0490fcebe",
"rev": "af8e41f174e2e42a642b2d0e10c56b6a87f979bc",
"type": "github"
},
"original": {
@ -94,6 +92,22 @@
"type": "github"
}
},
"nixos": {
"locked": {
"lastModified": 1638371214,
"narHash": "sha256-0kE6KhgH7n0vyuX4aUoGsGIQOqjIx2fJavpCWtn73rc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a640d8394f34714578f3e6335fc767d0755d78f9",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-21.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1638376152,
@ -111,6 +125,22 @@
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1638376152,
"narHash": "sha256-ucgLpVqhFnClH7YRUHBHnmiOd82RZdFR3XJt36ks5fE=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "6daa4a5c045d40e6eae60a3b6e427e8700f1c07f",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1638371214,
"narHash": "sha256-0kE6KhgH7n0vyuX4aUoGsGIQOqjIx2fJavpCWtn73rc=",
@ -128,11 +158,11 @@
},
"nur": {
"locked": {
"lastModified": 1638435562,
"narHash": "sha256-l7+pHUJ3C2WVEWRDANHuIJ9R4AhxZoAgDC0HbkrjlWI=",
"lastModified": 1638605839,
"narHash": "sha256-f/REgJDMli9MLdvUSU4doYPnKyC8LrAPcj35fwdM5s8=",
"owner": "nix-community",
"repo": "NUR",
"rev": "68bbcc08934f7185fb39d8abaf9b4dbcadf045bf",
"rev": "3d7aba159607fb9de8f148e86afbaf585bcfa07e",
"type": "github"
},
"original": {
@ -144,7 +174,8 @@
"inputs": {
"home-manager": "home-manager",
"neovim-nightly-overlay": "neovim-nightly-overlay",
"nixpkgs": "nixpkgs_2",
"nixos": "nixos",
"nixpkgs": "nixpkgs_3",
"nur": "nur"
}
}

16
flake.nix
View file

@ -2,6 +2,7 @@
description = "A flake for my personnal configurations";
inputs = {
nixpkgs.url = github:NixOS/nixpkgs/nixos-21.11;
nixos.url = "github:NixOS/nixpkgs/nixos-21.11";
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
@ -13,15 +14,20 @@
};
outputs = {home-manager, nixpkgs, neovim-nightly-overlay, nur, ... }@inputs :
outputs = { self, nixos, home-manager, nixpkgs, neovim-nightly-overlay, nur, ... }@inputs :
{
nixosModules = builtins.listToAttrs (map (x: {
name = x;
value = import (./modules + "/${x}");
}) (builtins.attrNames (builtins.readDir ./modules)));
nixosConfigurations = {
lisa = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [ ./configuration.nix ./config/hosts/lisa.nix ./config/web-services/lisa-services.nix
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
modules = builtins.attrValues self.nixosModules ++ [./configuration.nix ./config/hosts/lisa.nix
home-manager.nixosModules.home-manager {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.julien = import ./config/home/home-lisa.nix;
nixpkgs.overlays = [

0
machines/enigma.nix Normal file
View file

0
machines/lisa.nix Normal file
View file

0
machines/macintosh.nix Normal file
View file

0
machines/newton.nix Normal file
View file

39
modules/jackett/default.nix Normal file
View file

@ -0,0 +1,39 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.luj.jackett;
port = 9117;
in {
options.luj.jackett = {
enable = mkEnableOption "activate jackett service";
nginx.enable = mkEnableOption "activate nginx";
nginx.subdomain = mkOption {
type = types.str;
};
};
config = mkIf cfg.enable (
mkMerge [{
services.jackett = {
enable = true;
};
networking.firewall = { allowedTCPPorts = [ port ]; };
}
(mkIf cfg.nginx.enable {
services.nginx.virtualHosts."${cfg.nginx.subdomain}.julienmalka.me" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:${toString port}";
};
};
})
]);
}

41
modules/jellyfin/default.nix Normal file
View file

@ -0,0 +1,41 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.luj.jellyfin;
port = 8096;
in {
options.luj.jellyfin = {
enable = mkEnableOption "activate jellyfin service";
nginx.enable = mkEnableOption "activate nginx";
nginx.subdomain = mkOption {
type = types.str;
};
};
config = mkIf cfg.enable (
mkMerge [{
services.jellyfin = {
enable = true;
group = "tv";
package = pkgs.jellyfin;
};
networking.firewall = { allowedTCPPorts = [ port ]; };
}
(mkIf cfg.nginx.enable {
services.nginx.virtualHosts."${cfg.nginx.subdomain}.julienmalka.me" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:${toString port}";
};
};
})
]);
}

46
modules/mediaserver/default.nix Normal file
View file

@ -0,0 +1,46 @@
{ lib, pkgs, config, ... }:
with lib;
let cfg = config.luj.mediaserver;
in {
options.luj.mediaserver = {
enable = mkEnableOption "enable the mediaserver";
};
config = mkIf cfg.enable {
luj.nginx.enable = true;
luj.nginx.email = "julien.malka@me.com";
luj.sonarr = {
enable = true;
nginx.enable = true;
nginx.subdomain = "series";
};
luj.radarr = {
enable = true;
nginx.enable = true;
nginx.subdomain = "films";
};
luj.jellyfin = {
enable = true;
nginx.enable = true;
nginx.subdomain = "tv";
};
luj.jackett = {
enable = true;
nginx.enable = true;
nginx.subdomain = "jackett";
};
luj.transmission = {
enable = true;
nginx.enable = true;
nginx.subdomain = "downloads";
};
};
}

30
modules/nginx/default.nix Normal file
View file

@ -0,0 +1,30 @@
{ lib, pkgs, config, ... }:
with lib;
let cfg = config.luj.nginx;
in {
options.luj.nginx = {
enable = mkEnableOption "activate nginx service";
email = mkOption {
type = types.str;
};
};
config = mkIf cfg.enable {
security.acme.email = "${cfg.email}";
security.acme.acceptTerms = true;
services.nginx = {
enable = true;
recommendedOptimisation = true;
recommendedTlsSettings = true;
clientMaxBodySize = "128m";
commonHttpConfig = ''
server_names_hash_bucket_size 128;
'';
};
};
}

43
modules/radarr/default.nix Normal file
View file

@ -0,0 +1,43 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.luj.radarr;
port = 7878;
in {
options.luj.radarr = {
enable = mkEnableOption "activate radarr service";
nginx.enable = mkEnableOption "activate nginx";
nginx.subdomain = mkOption {
type = types.str;
};
};
config = mkIf cfg.enable (
mkMerge [{
services.radarr = {
enable = true;
#user = "transmission";
#group = "transmission";
#dataDir = "/var/lib/sonarr/.config/NzbDrone";
group = "tv";
};
networking.firewall = { allowedTCPPorts = [ port ]; };
}
(mkIf cfg.nginx.enable {
services.nginx.virtualHosts."${cfg.nginx.subdomain}.julienmalka.me" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:${toString port}";
};
};
})
]);
}

43
modules/sonarr/default.nix Normal file
View file

@ -0,0 +1,43 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.luj.sonarr;
port = 8989;
in {
options.luj.sonarr = {
enable = mkEnableOption "activate sonarr service";
nginx.enable = mkEnableOption "activate nginx";
nginx.subdomain = mkOption {
type = types.str;
};
};
config = mkIf cfg.enable (
mkMerge [{
services.sonarr = {
enable = true;
#user = "transmission";
#group = "transmission";
#dataDir = "/var/lib/sonarr/.config/NzbDrone";
group = "tv";
};
networking.firewall = { allowedTCPPorts = [ port ]; };
}
(mkIf cfg.nginx.enable {
services.nginx.virtualHosts."${cfg.nginx.subdomain}.julienmalka.me" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:${toString port}";
};
};
})
]);
}

48
modules/transmission/default.nix Normal file
View file

@ -0,0 +1,48 @@
{ lib, pkgs, config, ... }:
with lib;
let
cfg = config.luj.transmission;
port = 9091;
in {
options.luj.transmission = {
enable = mkEnableOption "activate transmission service";
nginx.enable = mkEnableOption "activate nginx";
nginx.subdomain = mkOption {
type = types.str;
};
};
config = mkIf cfg.enable (
mkMerge [{
services.transmission = {
enable = true;
group = "tv";
downloadDirPermissions = "774";
settings = {
rpc-port = 9091;
download-dir = "/home/transmission/Downloads/";
incomplete-dir = "/home/transmission/Incomplete/";
incomplete-dir-enable = true;
};
};
networking.firewall = { allowedTCPPorts = [ port ]; };
}
(mkIf cfg.nginx.enable {
services.nginx.virtualHosts."${cfg.nginx.subdomain}.julienmalka.me" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:${toString port}";
};
};
})
]);
}

16
users/julien.nix Normal file
View file

@ -0,0 +1,16 @@
{ config, pkgs, lib, ... }: {
users.users.julien = {
isNormalUser = true;
home = "/home/julien";
shell = pkgs.fish;
openssh.authorizedKeys.keyFiles = [
(pkgs.fetchurl {
url = "https://github.com/JulienMalka.keys";
sha256 = "sha256:0lhvhdrzp2vphqhkcgl34xzn0sill6w7mgq8xh1akm1z1rsvd9v4";
})
];
};
nix.allowedUsers = [ "julien" ];
}