Several changes
This commit is contained in:
parent
1dcc822bfd
commit
26218809a5
|
@ -2,8 +2,8 @@
|
||||||
let
|
let
|
||||||
inherit (pkgs) lib;
|
inherit (pkgs) lib;
|
||||||
# inherit (specialArgs) machineVars;
|
# inherit (specialArgs) machineVars;
|
||||||
inherit (config) machineVars;
|
# inherit (config) machineVars;
|
||||||
has_graphics = !config.machineVars.headless;
|
# has_graphics = !config.machineVars.headless;
|
||||||
in {
|
in {
|
||||||
time.timeZone = "Europe/Oslo";
|
time.timeZone = "Europe/Oslo";
|
||||||
|
|
||||||
|
@ -63,7 +63,7 @@ in {
|
||||||
|
|
||||||
systemPackages = with pkgs; ([
|
systemPackages = with pkgs; ([
|
||||||
wget
|
wget
|
||||||
] ++ (lib.optionals (!machineVars.headless) [
|
] ++ (lib.optionals (!config.machineVars.headless) [
|
||||||
haskellPackages.xmobar
|
haskellPackages.xmobar
|
||||||
]));
|
]));
|
||||||
|
|
||||||
|
@ -199,7 +199,7 @@ in {
|
||||||
# makes it so that other software can not be activated at the same time
|
# makes it so that other software can not be activated at the same time
|
||||||
# and that those asserts triggers some kind of evaluation chain that
|
# and that those asserts triggers some kind of evaluation chain that
|
||||||
# recurses infinitely.
|
# recurses infinitely.
|
||||||
# enable = !config.machineVars.headless;
|
# enable = true;
|
||||||
layout = "us";
|
layout = "us";
|
||||||
xkbOptions = "caps:escape";
|
xkbOptions = "caps:escape";
|
||||||
|
|
||||||
|
@ -220,7 +220,7 @@ in {
|
||||||
|
|
||||||
# displayManager.startx.enable = true;
|
# displayManager.startx.enable = true;
|
||||||
# displayManager.gdm.enable = true;
|
# displayManager.gdm.enable = true;
|
||||||
# displayManager.lightdm.enable = !config.machineVars.headless;
|
# displayManager.lightdm.enable = true;
|
||||||
displayManager.defaultSession = "none+xmonad";
|
displayManager.defaultSession = "none+xmonad";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -8,6 +8,25 @@
|
||||||
services.xserver.enable = true;
|
services.xserver.enable = true;
|
||||||
services.xserver.displayManager.lightdm.enable = true;
|
services.xserver.displayManager.lightdm.enable = true;
|
||||||
|
|
||||||
|
machineVars = {
|
||||||
|
headless = false;
|
||||||
|
gaming = true;
|
||||||
|
development = true;
|
||||||
|
creative = true;
|
||||||
|
|
||||||
|
dataDrives = let
|
||||||
|
main = "/data";
|
||||||
|
in {
|
||||||
|
drives = { inherit main; };
|
||||||
|
default = main;
|
||||||
|
};
|
||||||
|
|
||||||
|
screens = {
|
||||||
|
"DP-1" = {};
|
||||||
|
"HDMI-1" = {};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
systemd.targets = {
|
systemd.targets = {
|
||||||
sleep.enable = false;
|
sleep.enable = false;
|
||||||
suspend.enable = false;
|
suspend.enable = false;
|
||||||
|
|
|
@ -1,27 +1,27 @@
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
|
|
||||||
# ./services/calibre.nix
|
# ./services/calibre.nix
|
||||||
# ./services/dokuwiki.nix
|
# ./services/dokuwiki.nix
|
||||||
./services/gitea
|
./services/gitea
|
||||||
# ./services/gitlab
|
# ./services/gitlab
|
||||||
./services/grafana.nix
|
./services/grafana.nix
|
||||||
./services/hydra.nix
|
./services/hydra.nix
|
||||||
./services/jitsi.nix
|
./services/jitsi.nix
|
||||||
# ./services/keycloak.nix
|
# ./services/keycloak.nix
|
||||||
# ./services/libvirt.nix
|
# ./services/libvirt.nix
|
||||||
./services/matrix.nix
|
./services/matrix
|
||||||
./services/nginx.nix
|
./services/nginx.nix
|
||||||
# ./services/openldap.nix
|
# ./services/openldap.nix
|
||||||
./services/openvpn.nix
|
# ./services/openvpn.nix
|
||||||
./services/plex.nix
|
./services/plex.nix
|
||||||
# ./services/samba.nix
|
./services/postgres.nix
|
||||||
./services/searx.nix
|
./services/samba.nix
|
||||||
# ./services/syncthing.nix
|
./services/searx.nix
|
||||||
|
# ./services/syncthing.nix
|
||||||
./services/vscode-server.nix
|
./services/vscode-server.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
# TODO: See ../common.nix
|
# TODO: See ../common.nix
|
||||||
services.xserver.enable = false;
|
services.xserver.enable = false;
|
||||||
|
@ -29,6 +29,15 @@
|
||||||
|
|
||||||
machineVars = {
|
machineVars = {
|
||||||
headless = true;
|
headless = true;
|
||||||
|
dataDrives = let
|
||||||
|
momiji = "/data2";
|
||||||
|
in {
|
||||||
|
drives = {
|
||||||
|
cirno = "/data";
|
||||||
|
inherit momiji;
|
||||||
|
};
|
||||||
|
default = momiji;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.targets = {
|
systemd.targets = {
|
||||||
|
@ -74,6 +83,7 @@
|
||||||
users.groups.media = {};
|
users.groups.media = {};
|
||||||
|
|
||||||
users.users = {
|
users.users = {
|
||||||
|
h7x4.extraGroups = [ "media" ];
|
||||||
media = {
|
media = {
|
||||||
isSystemUser = true;
|
isSystemUser = true;
|
||||||
group = "media";
|
group = "media";
|
||||||
|
|
|
@ -1,9 +1,12 @@
|
||||||
{ secrets, ... }:
|
{ secrets, ... }:
|
||||||
{
|
{
|
||||||
|
# Follow instructions for setup:
|
||||||
|
# https://gist.github.com/joepie91/c26f01a787af87a96f967219234a8723
|
||||||
services.hydra = {
|
services.hydra = {
|
||||||
enable = true;
|
enable = true;
|
||||||
hydraURL = "http://hydra.nani.wtf";
|
hydraURL = "http://hydra.nani.wtf";
|
||||||
notificationSender = "hydra@nani.wtf";
|
notificationSender = "hydra@nani.wtf";
|
||||||
|
useSubstitutes = true;
|
||||||
port = secrets.ports.hydra;
|
port = secrets.ports.hydra;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -111,10 +111,10 @@
|
||||||
(makeClientCertProxy ["log"] "http://localhost:${s ports.grafana}" {
|
(makeClientCertProxy ["log"] "http://localhost:${s ports.grafana}" {
|
||||||
locations."/".proxyWebsockets = true;
|
locations."/".proxyWebsockets = true;
|
||||||
})
|
})
|
||||||
(makeClientCertProxy ["pg"] "http://localhost:${s ports.postgres}" {})
|
(makeClientCertProxy ["pg"] "http://localhost:${s ports.pgadmin}" {})
|
||||||
# (makeProxy ["wiki"] "" {})
|
# (makeProxy ["wiki"] "" {})
|
||||||
# (makeHost ["vpn"] "" {})
|
# (makeHost ["vpn"] "" {})
|
||||||
(makeClientCertProxy ["hydra"] "http://localhost:${s ports.hydra}" {})
|
(makeACMEProxy ["hydra"] "http://localhost:${s ports.hydra}" {})
|
||||||
(makeClientCertProxy ["air"] "https://${ips.kansei}:${s ports.kansei}" {})
|
(makeClientCertProxy ["air"] "https://${ips.kansei}:${s ports.kansei}" {})
|
||||||
|
|
||||||
# (makePassProxy ["sync" "drive"] "" {})
|
# (makePassProxy ["sync" "drive"] "" {})
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
{
|
{
|
||||||
services.openldap = {
|
services.openldap = {
|
||||||
enable = true;
|
enable = true;
|
||||||
# dataDir = "/data/var/openldap";
|
# dataDir = "${config.machineVars.dataDrives.default}/var/openldap";
|
||||||
urlList = [ "ldap:///" "ldapi:///" ]; # Add ldaps to this list to listen with SSL (requires configured certificates)
|
urlList = [ "ldap:///" "ldapi:///" ]; # Add ldaps to this list to listen with SSL (requires configured certificates)
|
||||||
# suffix = "dc=nixos,dc=org";
|
# suffix = "dc=nixos,dc=org";
|
||||||
# rootdn = "cn=admin,dc=nixos,dc=org";
|
# rootdn = "cn=admin,dc=nixos,dc=org";
|
||||||
|
|
|
@ -1,21 +1,10 @@
|
||||||
{ secrets, ... }:
|
{ config, secrets, ... }:
|
||||||
{
|
{
|
||||||
services.plex = {
|
services.plex = {
|
||||||
enable = true;
|
enable = true;
|
||||||
openFirewall = true;
|
openFirewall = true;
|
||||||
dataDir = "/data/var/plex";
|
dataDir = "${config.machineVars.dataDrives.default}/var/plex";
|
||||||
};
|
};
|
||||||
|
|
||||||
# TODO: make default directories.
|
# networking.firewall.allowedTCPPorts = [ secrets.ports.plex ];
|
||||||
services.samba.shares.plex = {
|
|
||||||
path = "/data/media";
|
|
||||||
browseable = "yes";
|
|
||||||
"read only" = "no";
|
|
||||||
"guest ok" = "no";
|
|
||||||
"create mode" = 0664;
|
|
||||||
"directory mode" = 2775;
|
|
||||||
comment = "Movies, Series and other stuff for Plex";
|
|
||||||
};
|
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [ secrets.ports.plex ];
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -2,16 +2,26 @@
|
||||||
|
|
||||||
services.postgresql = {
|
services.postgresql = {
|
||||||
enable = true;
|
enable = true;
|
||||||
# port = secrets.ports.postgres
|
enableTCPIP = true;
|
||||||
# dataDir =
|
authentication = pkgs.lib.mkOverride 10 ''
|
||||||
|
local all all trust
|
||||||
|
local hydra all ident map=hydra-users
|
||||||
|
host all all 127.0.0.1/32 trust
|
||||||
|
host all all ::1/128 trust
|
||||||
|
'';
|
||||||
|
port = secrets.ports.postgres;
|
||||||
|
dataDir = "${config.machineVars.dataDrives.default}/db/postgres/${config.services.postgresql.package.psqlSchema}";
|
||||||
# settings = {};
|
# settings = {};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.pgadmin = {
|
services.pgadmin = {
|
||||||
enable = true;
|
enable = true;
|
||||||
openFirewall = true;
|
openFirewall = true;
|
||||||
# port = secrets.ports.pgadmin
|
initialEmail = "h7x4abk3g@protonmail.com";
|
||||||
# settings = {
|
initialPasswordFile = "${config.machineVars.dataDrives.default}/var/pgadmin_pass";
|
||||||
# };
|
port = secrets.ports.pgadmin;
|
||||||
|
settings = {
|
||||||
|
DATA_DIR = "${config.machineVars.dataDrives.default}/var/pgadmin";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -46,6 +46,31 @@ t tools preinstalled.";
|
||||||
type = types.nullOr types.str;
|
type = types.nullOr types.str;
|
||||||
default = null;
|
default = null;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
dataDrives = let
|
||||||
|
driveType =
|
||||||
|
types.addCheck types.path (path: builtins.elem path (builtins.attrNames config.fileSystems));
|
||||||
|
in {
|
||||||
|
drives = mkOption {
|
||||||
|
type = types.attrsOf driveType;
|
||||||
|
default = { };
|
||||||
|
example = {
|
||||||
|
dataDrive1 = "/data/data1";
|
||||||
|
dataDrive2 = "/another/location";
|
||||||
|
};
|
||||||
|
description = ''
|
||||||
|
Drives that should act as data drives.
|
||||||
|
These need to be registered in `fileSystems`
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
|
default = mkOption {
|
||||||
|
type = types.nullOr driveType;
|
||||||
|
description = ''
|
||||||
|
Data drive that should be used for most purposes.
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
|
|
|
@ -4,10 +4,11 @@ in {
|
||||||
programs.xmobar = let
|
programs.xmobar = let
|
||||||
networkCard = "wlp2s0f0u7u4";
|
networkCard = "wlp2s0f0u7u4";
|
||||||
|
|
||||||
|
# TODO: loop over dataDrives
|
||||||
disks = [
|
disks = [
|
||||||
"/"
|
"/"
|
||||||
"/data"
|
"${config.machineVars.dataDrives.default}"
|
||||||
"/data/disks/data2"
|
"${config.machineVars.dataDrives.default}/disks/data2"
|
||||||
];
|
];
|
||||||
|
|
||||||
mpd_status_script = pkgs.writeShellScript "mpd-status" ''
|
mpd_status_script = pkgs.writeShellScript "mpd-status" ''
|
||||||
|
|
Loading…
Reference in New Issue