Merge pull request 'snowflake: 11.0t.23 -> 11.12.23' (#19) from snowflake into master
All checks were successful
flake check / check (push) Successful in 3m48s
deploy systems / deploy (push) Successful in 13m17s
fmt check / check (push) Successful in 42s

Reviewed-on: #19
This commit is contained in:
notohh 2023-11-11 23:53:23 -05:00
commit be2e463958
14 changed files with 91 additions and 70 deletions

View file

@ -56,4 +56,4 @@
+ [seqizz](https://github.com/seqizz/nixos-config/blob/3ee51f406a8c7aa3afde9cdee97a43641b2ed2ef/modules/server/rustypaste.nix) - rustypaste config + [seqizz](https://github.com/seqizz/nixos-config/blob/3ee51f406a8c7aa3afde9cdee97a43641b2ed2ef/modules/server/rustypaste.nix) - rustypaste config
+ [Yavko](https://github.com/yavko) - ironbar config used as reference + [Yavko](https://github.com/yavko) - ironbar config used as reference
+ [hlissner](https://github.com/hlissner) - [security.nix](modules/security.nix) + [hlissner](https://github.com/hlissner) - [security.nix](modules/security.nix)
+ [noc](https://git.flake.sh/noc) - networking diagram + a ton of other stuff + [mektov](https://git.flake.sh/mektov) - networking diagram + a ton of other stuff

View file

@ -176,11 +176,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1699025595, "lastModified": 1699748018,
"narHash": "sha256-e+o4PoSu2Z6Ww8y/AVUmMU200rNZoRK+p2opQ7Db8Rg=", "narHash": "sha256-28rwXnxgscLkeII6wj44cuP6RuiynhzZSa424ZwGt/s=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "8765d4e38aa0be53cdeee26f7386173e6c65618d", "rev": "50e582b9f91e409ffd2e134017445d376659b32e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -198,11 +198,11 @@
"xdph": "xdph" "xdph": "xdph"
}, },
"locked": { "locked": {
"lastModified": 1699195644, "lastModified": 1699726486,
"narHash": "sha256-8tGZPsIM09gQatIhfUNK8crzx21rsg3u1Kj6uIsh7Uc=", "narHash": "sha256-8PP26+ybmScq5WpFd2JPqUDzG2VggYOvD6/rzY9/CJ4=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "Hyprland", "repo": "Hyprland",
"rev": "c4e1a9b13baf9a0f8b58824803c4a9e63cbc41b3", "rev": "9afdd61adeaf413afbe853dbc5fdf6853c8bde21",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -246,11 +246,11 @@
"rust-overlay": "rust-overlay" "rust-overlay": "rust-overlay"
}, },
"locked": { "locked": {
"lastModified": 1698826933, "lastModified": 1699376527,
"narHash": "sha256-87Qm4QCGtYeyOMVDopTRA9byrZ/hMU9/aVGy1T+Cpqg=", "narHash": "sha256-ODtyJTPFPKrkXLdsgsD/mWDO6Eajw3pSMJKDnmtZ8+k=",
"owner": "JakeStanger", "owner": "JakeStanger",
"repo": "ironbar", "repo": "ironbar",
"rev": "ae70f1d43211750fe4d4ec9264a4362c5b47b158", "rev": "0d9e4545aa827a204d6fad17f52d14dff2d40231",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -352,11 +352,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1699156599, "lastModified": 1699760693,
"narHash": "sha256-Qk9ZE/pG9lNIGUVNArJxL0Hc0Soa92eQPPIhcDwWinU=", "narHash": "sha256-u/gkNUHQR/q23voqE5J4xmEWQIAqR+g3lUnCtzn0k7Y=",
"owner": "Mic92", "owner": "Mic92",
"repo": "nix-index-database", "repo": "nix-index-database",
"rev": "5388a4002179d6778d212dc2fdcc7ac3fdbd5b65", "rev": "8aff4ca3dee60d1422489fe8d52c2f837b3ad113",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -520,11 +520,11 @@
"pre-commit-hooks": "pre-commit-hooks" "pre-commit-hooks": "pre-commit-hooks"
}, },
"locked": { "locked": {
"lastModified": 1699167817, "lastModified": 1699724093,
"narHash": "sha256-TyaCfHSU7hX+LzD9zF7TUCV/8YoCtT6bnkno9qnWQ3g=", "narHash": "sha256-oB8kJ2ExM+WCPUMsM3DIDg25ZHop2G01AZJsY6DwkuI=",
"owner": "PrismLauncher", "owner": "PrismLauncher",
"repo": "PrismLauncher", "repo": "PrismLauncher",
"rev": "070d83d887a6499b1cb531a69dc2f70a109baf4f", "rev": "e7b2dbdd003c2da55bb3e45b42bd9d6b158d9338",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -576,11 +576,11 @@
"nixpkgs-stable": "nixpkgs-stable" "nixpkgs-stable": "nixpkgs-stable"
}, },
"locked": { "locked": {
"lastModified": 1699153251, "lastModified": 1699311858,
"narHash": "sha256-CGx98mbAy9svKTa1dzlrVmkJwgGSXpAQUdMh7U0szts=", "narHash": "sha256-W/sQrghPAn5J9d+9kMnHqi4NPVWVpy0V/qzQeZfS/dM=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "5bc2cde6e53241e7df0e8f5df5872223983efa72", "rev": "664187539871f63857bda2d498f452792457b998",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -653,18 +653,18 @@
"flake": false, "flake": false,
"locked": { "locked": {
"host": "gitlab.freedesktop.org", "host": "gitlab.freedesktop.org",
"lastModified": 1697909146, "lastModified": 1699292815,
"narHash": "sha256-jU0I6FoCKnj4zIBL4daosFWh81U1fM719Z6cae8PxSY=", "narHash": "sha256-HXu98PyBMKEWLqiTb8viuLDznud/SdkdJsx5A5CWx7I=",
"owner": "wlroots", "owner": "wlroots",
"repo": "wlroots", "repo": "wlroots",
"rev": "47bf87ade2bd32395615a385ebde1fefbcdf79a2", "rev": "5de9e1a99d6642c2d09d589aa37ff0a8945dcee1",
"type": "gitlab" "type": "gitlab"
}, },
"original": { "original": {
"host": "gitlab.freedesktop.org", "host": "gitlab.freedesktop.org",
"owner": "wlroots", "owner": "wlroots",
"repo": "wlroots", "repo": "wlroots",
"rev": "47bf87ade2bd32395615a385ebde1fefbcdf79a2", "rev": "5de9e1a99d6642c2d09d589aa37ff0a8945dcee1",
"type": "gitlab" "type": "gitlab"
} }
}, },

View file

@ -66,13 +66,21 @@
HostName 100.82.146.40 HostName 100.82.146.40
User notoh User notoh
IdentityFile ~/.ssh/tsuru IdentityFile ~/.ssh/tsuru
Host pve
Hostname 100.115.234.69
User root
Host basegbot Host basegbot
HostName 100.83.81.116 HostName 100.83.81.116
User basegbot User basegbot
IdentityFile ~/.ssh/basegbot IdentityFile ~/.ssh/basegbot
Host pihole
HostName 192.168.1.221
User notoh
IdentityFile ~/.ssh/pihole
Host rpi4
HostName 100.92.145.147
User notoh
IdentityFile ~/.ssh/rpi4
Host pve
Hostname 100.115.234.69
User root
''; '';
}; };

View file

@ -209,7 +209,7 @@
staticConfigOptions = { staticConfigOptions = {
log.level = "DEBUG"; log.level = "DEBUG";
api.dashboard = true; api.dashboard = true;
api.insecure = false; api.insecure = true;
global = { global = {
checkNewVersion = false; checkNewVersion = false;
sendAnonymousUsage = false; sendAnonymousUsage = false;

View file

@ -21,9 +21,8 @@
username = "notoh"; username = "notoh";
homeDirectory = "/home/notoh"; homeDirectory = "/home/notoh";
packages = with pkgs; [ packages = with pkgs; [
floorp brave
discord discord
signal-desktop
jellyfin-media-player jellyfin-media-player
cinny-desktop cinny-desktop
thunderbird thunderbird
@ -36,7 +35,6 @@
imv imv
mpv mpv
rustypaste-cli rustypaste-cli
playerctl
obsidian obsidian
gimp gimp
cryptomator cryptomator

View file

@ -1,14 +0,0 @@
_: {
virtualisation.oci-containers.containers.dashdot = {
image = "mauricenino/dashdot:sha-4bef01c";
ports = [
"4000:3001"
];
volumes = [
"/home/notoh/docker/dashdot:/mnt/host:ro"
];
environment = {
DASHDOT_ENABLE_CPU_TEMPS = "true";
};
};
}

View file

@ -3,9 +3,10 @@
./restic.nix ./restic.nix
./traefik.nix ./traefik.nix
./stash.nix ./stash.nix
./homarr.nix
./dashdot.nix
./jellyfin.nix ./jellyfin.nix
./minecraft.nix ./minecraft.nix
./wallos.nix
./homepage.nix
./glances.nix
]; ];
} }

View file

@ -0,0 +1,15 @@
_: {
networking.firewall.allowedTCPPorts = [61208 61209];
virtualisation.oci-containers.containers.glances = {
image = "nicolargo/glances";
ports = [
"61208-61209:61208-61209"
];
volumes = [
"/var/run/docker.sock:/var/run/docker.sock"
];
environment = {
GLANCES_OPT = "-w";
};
};
}

View file

@ -1,12 +0,0 @@
_: {
virtualisation.oci-containers.containers.homarr = {
image = "ghcr.io/ajnart/homarr:0.13.4";
ports = [
"7575:7575"
];
volumes = [
"/home/notohh/docker/homarr/configs:/app/data/configs"
"/home/notohh/docker/homarr/icons:/app/public/icons"
];
};
}

View file

@ -0,0 +1,7 @@
_: {
services.homepage-dashboard = {
enable = true;
listenPort = 7676;
openFirewall = true;
};
}

View file

@ -10,21 +10,16 @@ _: {
entryPoints = ["websecure"]; entryPoints = ["websecure"];
service = "api@internal"; service = "api@internal";
}; };
homarr = { homepage = {
rule = "Host(`dashboard.internal.flake.sh`)"; rule = "Host(`dashboard.internal.flake.sh`)";
entrypoints = ["web"]; entrypoints = ["web"];
service = "homarr"; service = "homepage";
}; };
stash = { stash = {
rule = "Host(`stash.internal.flake.sh`)"; rule = "Host(`stash.internal.flake.sh`)";
entrypoints = ["web"]; entrypoints = ["web"];
service = "stash"; service = "stash";
}; };
dashdot = {
rule = "Host(`dashdot.yuki.internal.flake.sh`)";
entrypoints = ["web"];
service = "dashdot";
};
jellyfin = { jellyfin = {
rule = "Host(`jellyfin.internal.flake.sh`)"; rule = "Host(`jellyfin.internal.flake.sh`)";
entrypoints = ["web"]; entrypoints = ["web"];
@ -35,13 +30,18 @@ _: {
entrypoints = ["web"]; entrypoints = ["web"];
service = "jellyseerr"; service = "jellyseerr";
}; };
wallos = {
rule = "Host(`wallos.internal.flake.sh`)";
entrypoints = ["web"];
service = "wallos";
};
}; };
services = { services = {
stash.loadBalancer.servers = [{url = "http://localhost:9999";}]; stash.loadBalancer.servers = [{url = "http://localhost:9999";}];
homarr.loadBalancer.servers = [{url = "http://localhost:7575";}]; homepage.loadBalancer.servers = [{url = "http://localhost:7676";}];
dashdot.loadBalancer.servers = [{url = "http://localhost:4000";}];
jellyfin.loadBalancer.servers = [{url = "http://localhost:8096";}]; jellyfin.loadBalancer.servers = [{url = "http://localhost:8096";}];
jellyseerr.loadBalancer.servers = [{url = "http://localhost:5055";}]; jellyseerr.loadBalancer.servers = [{url = "http://localhost:5055";}];
wallos.loadBalancer.servers = [{url = "http://localhost:8282";}];
}; };
}; };
}; };

View file

@ -0,0 +1,15 @@
_: {
virtualisation.oci-containers.containers.wallos = {
image = "bellamy/wallos";
ports = [
"8282:80"
];
volumes = [
"/home/notohh/docker/wallos/db:/var/www/html/db"
"/home/notohh/docker/wallos/logos:/var/www/html/images/uploads/logos"
];
environment = {
TZ = "America/New_York";
};
};
}

View file

@ -7,7 +7,10 @@ _: {
}; };
}; };
environment.etc = { environment.etc = {
"resolv.conf".text = "nameserver 192.168.1.221\n"; "resolv.conf".text = ''
nameserver 192.168.1.221
nameserver 192.168.1.153
'';
}; };
services.tailscale.enable = true; services.tailscale.enable = true;

View file

@ -21,8 +21,8 @@ stdenv.mkDerivation rec {
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "SevenTV"; owner = "SevenTV";
repo = pname; repo = pname;
rev = "c7a11ebce0b4ef7acaa1a71389f242861726c3a7"; rev = "178a9b3b6c7314082e6b3b17b1aaf3c01eca6e73";
sha256 = "sha256-yDqkhlYuaLCWS//Z8ndN/LXSCL61N5vAJWe/SmEHt2Y="; sha256 = "sha256-lJlxEG3JzGVVBkBhHh1226a0cQ6sgFOJfqLoIgHh3GY=";
fetchSubmodules = true; fetchSubmodules = true;
}; };