Merge pull request 'snowflake: 11.0t.23 -> 11.12.23' (#19) from snowflake into master
All checks were successful
flake check / check (push) Successful in 3m48s
deploy systems / deploy (push) Successful in 13m17s
fmt check / check (push) Successful in 42s
All checks were successful
flake check / check (push) Successful in 3m48s
deploy systems / deploy (push) Successful in 13m17s
fmt check / check (push) Successful in 42s
Reviewed-on: #19
This commit is contained in:
commit
be2e463958
14 changed files with 91 additions and 70 deletions
|
@ -56,4 +56,4 @@
|
||||||
+ [seqizz](https://github.com/seqizz/nixos-config/blob/3ee51f406a8c7aa3afde9cdee97a43641b2ed2ef/modules/server/rustypaste.nix) - rustypaste config
|
+ [seqizz](https://github.com/seqizz/nixos-config/blob/3ee51f406a8c7aa3afde9cdee97a43641b2ed2ef/modules/server/rustypaste.nix) - rustypaste config
|
||||||
+ [Yavko](https://github.com/yavko) - ironbar config used as reference
|
+ [Yavko](https://github.com/yavko) - ironbar config used as reference
|
||||||
+ [hlissner](https://github.com/hlissner) - [security.nix](modules/security.nix)
|
+ [hlissner](https://github.com/hlissner) - [security.nix](modules/security.nix)
|
||||||
+ [noc](https://git.flake.sh/noc) - networking diagram + a ton of other stuff
|
+ [mektov](https://git.flake.sh/mektov) - networking diagram + a ton of other stuff
|
||||||
|
|
44
flake.lock
44
flake.lock
|
@ -176,11 +176,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699025595,
|
"lastModified": 1699748018,
|
||||||
"narHash": "sha256-e+o4PoSu2Z6Ww8y/AVUmMU200rNZoRK+p2opQ7Db8Rg=",
|
"narHash": "sha256-28rwXnxgscLkeII6wj44cuP6RuiynhzZSa424ZwGt/s=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "8765d4e38aa0be53cdeee26f7386173e6c65618d",
|
"rev": "50e582b9f91e409ffd2e134017445d376659b32e",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -198,11 +198,11 @@
|
||||||
"xdph": "xdph"
|
"xdph": "xdph"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699195644,
|
"lastModified": 1699726486,
|
||||||
"narHash": "sha256-8tGZPsIM09gQatIhfUNK8crzx21rsg3u1Kj6uIsh7Uc=",
|
"narHash": "sha256-8PP26+ybmScq5WpFd2JPqUDzG2VggYOvD6/rzY9/CJ4=",
|
||||||
"owner": "hyprwm",
|
"owner": "hyprwm",
|
||||||
"repo": "Hyprland",
|
"repo": "Hyprland",
|
||||||
"rev": "c4e1a9b13baf9a0f8b58824803c4a9e63cbc41b3",
|
"rev": "9afdd61adeaf413afbe853dbc5fdf6853c8bde21",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -246,11 +246,11 @@
|
||||||
"rust-overlay": "rust-overlay"
|
"rust-overlay": "rust-overlay"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1698826933,
|
"lastModified": 1699376527,
|
||||||
"narHash": "sha256-87Qm4QCGtYeyOMVDopTRA9byrZ/hMU9/aVGy1T+Cpqg=",
|
"narHash": "sha256-ODtyJTPFPKrkXLdsgsD/mWDO6Eajw3pSMJKDnmtZ8+k=",
|
||||||
"owner": "JakeStanger",
|
"owner": "JakeStanger",
|
||||||
"repo": "ironbar",
|
"repo": "ironbar",
|
||||||
"rev": "ae70f1d43211750fe4d4ec9264a4362c5b47b158",
|
"rev": "0d9e4545aa827a204d6fad17f52d14dff2d40231",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -352,11 +352,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699156599,
|
"lastModified": 1699760693,
|
||||||
"narHash": "sha256-Qk9ZE/pG9lNIGUVNArJxL0Hc0Soa92eQPPIhcDwWinU=",
|
"narHash": "sha256-u/gkNUHQR/q23voqE5J4xmEWQIAqR+g3lUnCtzn0k7Y=",
|
||||||
"owner": "Mic92",
|
"owner": "Mic92",
|
||||||
"repo": "nix-index-database",
|
"repo": "nix-index-database",
|
||||||
"rev": "5388a4002179d6778d212dc2fdcc7ac3fdbd5b65",
|
"rev": "8aff4ca3dee60d1422489fe8d52c2f837b3ad113",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -520,11 +520,11 @@
|
||||||
"pre-commit-hooks": "pre-commit-hooks"
|
"pre-commit-hooks": "pre-commit-hooks"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699167817,
|
"lastModified": 1699724093,
|
||||||
"narHash": "sha256-TyaCfHSU7hX+LzD9zF7TUCV/8YoCtT6bnkno9qnWQ3g=",
|
"narHash": "sha256-oB8kJ2ExM+WCPUMsM3DIDg25ZHop2G01AZJsY6DwkuI=",
|
||||||
"owner": "PrismLauncher",
|
"owner": "PrismLauncher",
|
||||||
"repo": "PrismLauncher",
|
"repo": "PrismLauncher",
|
||||||
"rev": "070d83d887a6499b1cb531a69dc2f70a109baf4f",
|
"rev": "e7b2dbdd003c2da55bb3e45b42bd9d6b158d9338",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -576,11 +576,11 @@
|
||||||
"nixpkgs-stable": "nixpkgs-stable"
|
"nixpkgs-stable": "nixpkgs-stable"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1699153251,
|
"lastModified": 1699311858,
|
||||||
"narHash": "sha256-CGx98mbAy9svKTa1dzlrVmkJwgGSXpAQUdMh7U0szts=",
|
"narHash": "sha256-W/sQrghPAn5J9d+9kMnHqi4NPVWVpy0V/qzQeZfS/dM=",
|
||||||
"owner": "Mic92",
|
"owner": "Mic92",
|
||||||
"repo": "sops-nix",
|
"repo": "sops-nix",
|
||||||
"rev": "5bc2cde6e53241e7df0e8f5df5872223983efa72",
|
"rev": "664187539871f63857bda2d498f452792457b998",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -653,18 +653,18 @@
|
||||||
"flake": false,
|
"flake": false,
|
||||||
"locked": {
|
"locked": {
|
||||||
"host": "gitlab.freedesktop.org",
|
"host": "gitlab.freedesktop.org",
|
||||||
"lastModified": 1697909146,
|
"lastModified": 1699292815,
|
||||||
"narHash": "sha256-jU0I6FoCKnj4zIBL4daosFWh81U1fM719Z6cae8PxSY=",
|
"narHash": "sha256-HXu98PyBMKEWLqiTb8viuLDznud/SdkdJsx5A5CWx7I=",
|
||||||
"owner": "wlroots",
|
"owner": "wlroots",
|
||||||
"repo": "wlroots",
|
"repo": "wlroots",
|
||||||
"rev": "47bf87ade2bd32395615a385ebde1fefbcdf79a2",
|
"rev": "5de9e1a99d6642c2d09d589aa37ff0a8945dcee1",
|
||||||
"type": "gitlab"
|
"type": "gitlab"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"host": "gitlab.freedesktop.org",
|
"host": "gitlab.freedesktop.org",
|
||||||
"owner": "wlroots",
|
"owner": "wlroots",
|
||||||
"repo": "wlroots",
|
"repo": "wlroots",
|
||||||
"rev": "47bf87ade2bd32395615a385ebde1fefbcdf79a2",
|
"rev": "5de9e1a99d6642c2d09d589aa37ff0a8945dcee1",
|
||||||
"type": "gitlab"
|
"type": "gitlab"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
|
@ -66,13 +66,21 @@
|
||||||
HostName 100.82.146.40
|
HostName 100.82.146.40
|
||||||
User notoh
|
User notoh
|
||||||
IdentityFile ~/.ssh/tsuru
|
IdentityFile ~/.ssh/tsuru
|
||||||
Host pve
|
|
||||||
Hostname 100.115.234.69
|
|
||||||
User root
|
|
||||||
Host basegbot
|
Host basegbot
|
||||||
HostName 100.83.81.116
|
HostName 100.83.81.116
|
||||||
User basegbot
|
User basegbot
|
||||||
IdentityFile ~/.ssh/basegbot
|
IdentityFile ~/.ssh/basegbot
|
||||||
|
Host pihole
|
||||||
|
HostName 192.168.1.221
|
||||||
|
User notoh
|
||||||
|
IdentityFile ~/.ssh/pihole
|
||||||
|
Host rpi4
|
||||||
|
HostName 100.92.145.147
|
||||||
|
User notoh
|
||||||
|
IdentityFile ~/.ssh/rpi4
|
||||||
|
Host pve
|
||||||
|
Hostname 100.115.234.69
|
||||||
|
User root
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -209,7 +209,7 @@
|
||||||
staticConfigOptions = {
|
staticConfigOptions = {
|
||||||
log.level = "DEBUG";
|
log.level = "DEBUG";
|
||||||
api.dashboard = true;
|
api.dashboard = true;
|
||||||
api.insecure = false;
|
api.insecure = true;
|
||||||
global = {
|
global = {
|
||||||
checkNewVersion = false;
|
checkNewVersion = false;
|
||||||
sendAnonymousUsage = false;
|
sendAnonymousUsage = false;
|
||||||
|
|
|
@ -21,9 +21,8 @@
|
||||||
username = "notoh";
|
username = "notoh";
|
||||||
homeDirectory = "/home/notoh";
|
homeDirectory = "/home/notoh";
|
||||||
packages = with pkgs; [
|
packages = with pkgs; [
|
||||||
floorp
|
brave
|
||||||
discord
|
discord
|
||||||
signal-desktop
|
|
||||||
jellyfin-media-player
|
jellyfin-media-player
|
||||||
cinny-desktop
|
cinny-desktop
|
||||||
thunderbird
|
thunderbird
|
||||||
|
@ -36,7 +35,6 @@
|
||||||
imv
|
imv
|
||||||
mpv
|
mpv
|
||||||
rustypaste-cli
|
rustypaste-cli
|
||||||
playerctl
|
|
||||||
obsidian
|
obsidian
|
||||||
gimp
|
gimp
|
||||||
cryptomator
|
cryptomator
|
||||||
|
|
|
@ -1,14 +0,0 @@
|
||||||
_: {
|
|
||||||
virtualisation.oci-containers.containers.dashdot = {
|
|
||||||
image = "mauricenino/dashdot:sha-4bef01c";
|
|
||||||
ports = [
|
|
||||||
"4000:3001"
|
|
||||||
];
|
|
||||||
volumes = [
|
|
||||||
"/home/notoh/docker/dashdot:/mnt/host:ro"
|
|
||||||
];
|
|
||||||
environment = {
|
|
||||||
DASHDOT_ENABLE_CPU_TEMPS = "true";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -3,9 +3,10 @@
|
||||||
./restic.nix
|
./restic.nix
|
||||||
./traefik.nix
|
./traefik.nix
|
||||||
./stash.nix
|
./stash.nix
|
||||||
./homarr.nix
|
|
||||||
./dashdot.nix
|
|
||||||
./jellyfin.nix
|
./jellyfin.nix
|
||||||
./minecraft.nix
|
./minecraft.nix
|
||||||
|
./wallos.nix
|
||||||
|
./homepage.nix
|
||||||
|
./glances.nix
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
15
hosts/yuki/services/glances.nix
Normal file
15
hosts/yuki/services/glances.nix
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
_: {
|
||||||
|
networking.firewall.allowedTCPPorts = [61208 61209];
|
||||||
|
virtualisation.oci-containers.containers.glances = {
|
||||||
|
image = "nicolargo/glances";
|
||||||
|
ports = [
|
||||||
|
"61208-61209:61208-61209"
|
||||||
|
];
|
||||||
|
volumes = [
|
||||||
|
"/var/run/docker.sock:/var/run/docker.sock"
|
||||||
|
];
|
||||||
|
environment = {
|
||||||
|
GLANCES_OPT = "-w";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,12 +0,0 @@
|
||||||
_: {
|
|
||||||
virtualisation.oci-containers.containers.homarr = {
|
|
||||||
image = "ghcr.io/ajnart/homarr:0.13.4";
|
|
||||||
ports = [
|
|
||||||
"7575:7575"
|
|
||||||
];
|
|
||||||
volumes = [
|
|
||||||
"/home/notohh/docker/homarr/configs:/app/data/configs"
|
|
||||||
"/home/notohh/docker/homarr/icons:/app/public/icons"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
|
7
hosts/yuki/services/homepage.nix
Normal file
7
hosts/yuki/services/homepage.nix
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
_: {
|
||||||
|
services.homepage-dashboard = {
|
||||||
|
enable = true;
|
||||||
|
listenPort = 7676;
|
||||||
|
openFirewall = true;
|
||||||
|
};
|
||||||
|
}
|
|
@ -10,21 +10,16 @@ _: {
|
||||||
entryPoints = ["websecure"];
|
entryPoints = ["websecure"];
|
||||||
service = "api@internal";
|
service = "api@internal";
|
||||||
};
|
};
|
||||||
homarr = {
|
homepage = {
|
||||||
rule = "Host(`dashboard.internal.flake.sh`)";
|
rule = "Host(`dashboard.internal.flake.sh`)";
|
||||||
entrypoints = ["web"];
|
entrypoints = ["web"];
|
||||||
service = "homarr";
|
service = "homepage";
|
||||||
};
|
};
|
||||||
stash = {
|
stash = {
|
||||||
rule = "Host(`stash.internal.flake.sh`)";
|
rule = "Host(`stash.internal.flake.sh`)";
|
||||||
entrypoints = ["web"];
|
entrypoints = ["web"];
|
||||||
service = "stash";
|
service = "stash";
|
||||||
};
|
};
|
||||||
dashdot = {
|
|
||||||
rule = "Host(`dashdot.yuki.internal.flake.sh`)";
|
|
||||||
entrypoints = ["web"];
|
|
||||||
service = "dashdot";
|
|
||||||
};
|
|
||||||
jellyfin = {
|
jellyfin = {
|
||||||
rule = "Host(`jellyfin.internal.flake.sh`)";
|
rule = "Host(`jellyfin.internal.flake.sh`)";
|
||||||
entrypoints = ["web"];
|
entrypoints = ["web"];
|
||||||
|
@ -35,13 +30,18 @@ _: {
|
||||||
entrypoints = ["web"];
|
entrypoints = ["web"];
|
||||||
service = "jellyseerr";
|
service = "jellyseerr";
|
||||||
};
|
};
|
||||||
|
wallos = {
|
||||||
|
rule = "Host(`wallos.internal.flake.sh`)";
|
||||||
|
entrypoints = ["web"];
|
||||||
|
service = "wallos";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
services = {
|
services = {
|
||||||
stash.loadBalancer.servers = [{url = "http://localhost:9999";}];
|
stash.loadBalancer.servers = [{url = "http://localhost:9999";}];
|
||||||
homarr.loadBalancer.servers = [{url = "http://localhost:7575";}];
|
homepage.loadBalancer.servers = [{url = "http://localhost:7676";}];
|
||||||
dashdot.loadBalancer.servers = [{url = "http://localhost:4000";}];
|
|
||||||
jellyfin.loadBalancer.servers = [{url = "http://localhost:8096";}];
|
jellyfin.loadBalancer.servers = [{url = "http://localhost:8096";}];
|
||||||
jellyseerr.loadBalancer.servers = [{url = "http://localhost:5055";}];
|
jellyseerr.loadBalancer.servers = [{url = "http://localhost:5055";}];
|
||||||
|
wallos.loadBalancer.servers = [{url = "http://localhost:8282";}];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
15
hosts/yuki/services/wallos.nix
Normal file
15
hosts/yuki/services/wallos.nix
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
_: {
|
||||||
|
virtualisation.oci-containers.containers.wallos = {
|
||||||
|
image = "bellamy/wallos";
|
||||||
|
ports = [
|
||||||
|
"8282:80"
|
||||||
|
];
|
||||||
|
volumes = [
|
||||||
|
"/home/notohh/docker/wallos/db:/var/www/html/db"
|
||||||
|
"/home/notohh/docker/wallos/logos:/var/www/html/images/uploads/logos"
|
||||||
|
];
|
||||||
|
environment = {
|
||||||
|
TZ = "America/New_York";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -7,7 +7,10 @@ _: {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
environment.etc = {
|
environment.etc = {
|
||||||
"resolv.conf".text = "nameserver 192.168.1.221\n";
|
"resolv.conf".text = ''
|
||||||
|
nameserver 192.168.1.221
|
||||||
|
nameserver 192.168.1.153
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
services.tailscale.enable = true;
|
services.tailscale.enable = true;
|
||||||
|
|
|
@ -21,8 +21,8 @@ stdenv.mkDerivation rec {
|
||||||
src = fetchFromGitHub {
|
src = fetchFromGitHub {
|
||||||
owner = "SevenTV";
|
owner = "SevenTV";
|
||||||
repo = pname;
|
repo = pname;
|
||||||
rev = "c7a11ebce0b4ef7acaa1a71389f242861726c3a7";
|
rev = "178a9b3b6c7314082e6b3b17b1aaf3c01eca6e73";
|
||||||
sha256 = "sha256-yDqkhlYuaLCWS//Z8ndN/LXSCL61N5vAJWe/SmEHt2Y=";
|
sha256 = "sha256-lJlxEG3JzGVVBkBhHh1226a0cQ6sgFOJfqLoIgHh3GY=";
|
||||||
fetchSubmodules = true;
|
fetchSubmodules = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue