Merge pull request 'snowflake: 11.0t.23 -> 11.12.23' (#19) from snowflake into master
All checks were successful
flake check / check (push) Successful in 3m48s
deploy systems / deploy (push) Successful in 13m17s
fmt check / check (push) Successful in 42s

Reviewed-on: #19
This commit is contained in:
notohh 2023-11-11 23:53:23 -05:00
commit be2e463958
14 changed files with 91 additions and 70 deletions

View file

@ -56,4 +56,4 @@
+ [seqizz](https://github.com/seqizz/nixos-config/blob/3ee51f406a8c7aa3afde9cdee97a43641b2ed2ef/modules/server/rustypaste.nix) - rustypaste config
+ [Yavko](https://github.com/yavko) - ironbar config used as reference
+ [hlissner](https://github.com/hlissner) - [security.nix](modules/security.nix)
+ [noc](https://git.flake.sh/noc) - networking diagram + a ton of other stuff
+ [mektov](https://git.flake.sh/mektov) - networking diagram + a ton of other stuff

View file

@ -176,11 +176,11 @@
]
},
"locked": {
"lastModified": 1699025595,
"narHash": "sha256-e+o4PoSu2Z6Ww8y/AVUmMU200rNZoRK+p2opQ7Db8Rg=",
"lastModified": 1699748018,
"narHash": "sha256-28rwXnxgscLkeII6wj44cuP6RuiynhzZSa424ZwGt/s=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "8765d4e38aa0be53cdeee26f7386173e6c65618d",
"rev": "50e582b9f91e409ffd2e134017445d376659b32e",
"type": "github"
},
"original": {
@ -198,11 +198,11 @@
"xdph": "xdph"
},
"locked": {
"lastModified": 1699195644,
"narHash": "sha256-8tGZPsIM09gQatIhfUNK8crzx21rsg3u1Kj6uIsh7Uc=",
"lastModified": 1699726486,
"narHash": "sha256-8PP26+ybmScq5WpFd2JPqUDzG2VggYOvD6/rzY9/CJ4=",
"owner": "hyprwm",
"repo": "Hyprland",
"rev": "c4e1a9b13baf9a0f8b58824803c4a9e63cbc41b3",
"rev": "9afdd61adeaf413afbe853dbc5fdf6853c8bde21",
"type": "github"
},
"original": {
@ -246,11 +246,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1698826933,
"narHash": "sha256-87Qm4QCGtYeyOMVDopTRA9byrZ/hMU9/aVGy1T+Cpqg=",
"lastModified": 1699376527,
"narHash": "sha256-ODtyJTPFPKrkXLdsgsD/mWDO6Eajw3pSMJKDnmtZ8+k=",
"owner": "JakeStanger",
"repo": "ironbar",
"rev": "ae70f1d43211750fe4d4ec9264a4362c5b47b158",
"rev": "0d9e4545aa827a204d6fad17f52d14dff2d40231",
"type": "github"
},
"original": {
@ -352,11 +352,11 @@
]
},
"locked": {
"lastModified": 1699156599,
"narHash": "sha256-Qk9ZE/pG9lNIGUVNArJxL0Hc0Soa92eQPPIhcDwWinU=",
"lastModified": 1699760693,
"narHash": "sha256-u/gkNUHQR/q23voqE5J4xmEWQIAqR+g3lUnCtzn0k7Y=",
"owner": "Mic92",
"repo": "nix-index-database",
"rev": "5388a4002179d6778d212dc2fdcc7ac3fdbd5b65",
"rev": "8aff4ca3dee60d1422489fe8d52c2f837b3ad113",
"type": "github"
},
"original": {
@ -520,11 +520,11 @@
"pre-commit-hooks": "pre-commit-hooks"
},
"locked": {
"lastModified": 1699167817,
"narHash": "sha256-TyaCfHSU7hX+LzD9zF7TUCV/8YoCtT6bnkno9qnWQ3g=",
"lastModified": 1699724093,
"narHash": "sha256-oB8kJ2ExM+WCPUMsM3DIDg25ZHop2G01AZJsY6DwkuI=",
"owner": "PrismLauncher",
"repo": "PrismLauncher",
"rev": "070d83d887a6499b1cb531a69dc2f70a109baf4f",
"rev": "e7b2dbdd003c2da55bb3e45b42bd9d6b158d9338",
"type": "github"
},
"original": {
@ -576,11 +576,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1699153251,
"narHash": "sha256-CGx98mbAy9svKTa1dzlrVmkJwgGSXpAQUdMh7U0szts=",
"lastModified": 1699311858,
"narHash": "sha256-W/sQrghPAn5J9d+9kMnHqi4NPVWVpy0V/qzQeZfS/dM=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "5bc2cde6e53241e7df0e8f5df5872223983efa72",
"rev": "664187539871f63857bda2d498f452792457b998",
"type": "github"
},
"original": {
@ -653,18 +653,18 @@
"flake": false,
"locked": {
"host": "gitlab.freedesktop.org",
"lastModified": 1697909146,
"narHash": "sha256-jU0I6FoCKnj4zIBL4daosFWh81U1fM719Z6cae8PxSY=",
"lastModified": 1699292815,
"narHash": "sha256-HXu98PyBMKEWLqiTb8viuLDznud/SdkdJsx5A5CWx7I=",
"owner": "wlroots",
"repo": "wlroots",
"rev": "47bf87ade2bd32395615a385ebde1fefbcdf79a2",
"rev": "5de9e1a99d6642c2d09d589aa37ff0a8945dcee1",
"type": "gitlab"
},
"original": {
"host": "gitlab.freedesktop.org",
"owner": "wlroots",
"repo": "wlroots",
"rev": "47bf87ade2bd32395615a385ebde1fefbcdf79a2",
"rev": "5de9e1a99d6642c2d09d589aa37ff0a8945dcee1",
"type": "gitlab"
}
},

View file

@ -66,13 +66,21 @@
HostName 100.82.146.40
User notoh
IdentityFile ~/.ssh/tsuru
Host pve
Hostname 100.115.234.69
User root
Host basegbot
HostName 100.83.81.116
User basegbot
IdentityFile ~/.ssh/basegbot
Host pihole
HostName 192.168.1.221
User notoh
IdentityFile ~/.ssh/pihole
Host rpi4
HostName 100.92.145.147
User notoh
IdentityFile ~/.ssh/rpi4
Host pve
Hostname 100.115.234.69
User root
'';
};

View file

@ -209,7 +209,7 @@
staticConfigOptions = {
log.level = "DEBUG";
api.dashboard = true;
api.insecure = false;
api.insecure = true;
global = {
checkNewVersion = false;
sendAnonymousUsage = false;

View file

@ -21,9 +21,8 @@
username = "notoh";
homeDirectory = "/home/notoh";
packages = with pkgs; [
floorp
brave
discord
signal-desktop
jellyfin-media-player
cinny-desktop
thunderbird
@ -36,7 +35,6 @@
imv
mpv
rustypaste-cli
playerctl
obsidian
gimp
cryptomator

View file

@ -1,14 +0,0 @@
_: {
virtualisation.oci-containers.containers.dashdot = {
image = "mauricenino/dashdot:sha-4bef01c";
ports = [
"4000:3001"
];
volumes = [
"/home/notoh/docker/dashdot:/mnt/host:ro"
];
environment = {
DASHDOT_ENABLE_CPU_TEMPS = "true";
};
};
}

View file

@ -3,9 +3,10 @@
./restic.nix
./traefik.nix
./stash.nix
./homarr.nix
./dashdot.nix
./jellyfin.nix
./minecraft.nix
./wallos.nix
./homepage.nix
./glances.nix
];
}

View file

@ -0,0 +1,15 @@
_: {
networking.firewall.allowedTCPPorts = [61208 61209];
virtualisation.oci-containers.containers.glances = {
image = "nicolargo/glances";
ports = [
"61208-61209:61208-61209"
];
volumes = [
"/var/run/docker.sock:/var/run/docker.sock"
];
environment = {
GLANCES_OPT = "-w";
};
};
}

View file

@ -1,12 +0,0 @@
_: {
virtualisation.oci-containers.containers.homarr = {
image = "ghcr.io/ajnart/homarr:0.13.4";
ports = [
"7575:7575"
];
volumes = [
"/home/notohh/docker/homarr/configs:/app/data/configs"
"/home/notohh/docker/homarr/icons:/app/public/icons"
];
};
}

View file

@ -0,0 +1,7 @@
_: {
services.homepage-dashboard = {
enable = true;
listenPort = 7676;
openFirewall = true;
};
}

View file

@ -10,21 +10,16 @@ _: {
entryPoints = ["websecure"];
service = "api@internal";
};
homarr = {
homepage = {
rule = "Host(`dashboard.internal.flake.sh`)";
entrypoints = ["web"];
service = "homarr";
service = "homepage";
};
stash = {
rule = "Host(`stash.internal.flake.sh`)";
entrypoints = ["web"];
service = "stash";
};
dashdot = {
rule = "Host(`dashdot.yuki.internal.flake.sh`)";
entrypoints = ["web"];
service = "dashdot";
};
jellyfin = {
rule = "Host(`jellyfin.internal.flake.sh`)";
entrypoints = ["web"];
@ -35,13 +30,18 @@ _: {
entrypoints = ["web"];
service = "jellyseerr";
};
wallos = {
rule = "Host(`wallos.internal.flake.sh`)";
entrypoints = ["web"];
service = "wallos";
};
};
services = {
stash.loadBalancer.servers = [{url = "http://localhost:9999";}];
homarr.loadBalancer.servers = [{url = "http://localhost:7575";}];
dashdot.loadBalancer.servers = [{url = "http://localhost:4000";}];
homepage.loadBalancer.servers = [{url = "http://localhost:7676";}];
jellyfin.loadBalancer.servers = [{url = "http://localhost:8096";}];
jellyseerr.loadBalancer.servers = [{url = "http://localhost:5055";}];
wallos.loadBalancer.servers = [{url = "http://localhost:8282";}];
};
};
};

View file

@ -0,0 +1,15 @@
_: {
virtualisation.oci-containers.containers.wallos = {
image = "bellamy/wallos";
ports = [
"8282:80"
];
volumes = [
"/home/notohh/docker/wallos/db:/var/www/html/db"
"/home/notohh/docker/wallos/logos:/var/www/html/images/uploads/logos"
];
environment = {
TZ = "America/New_York";
};
};
}

View file

@ -7,7 +7,10 @@ _: {
};
};
environment.etc = {
"resolv.conf".text = "nameserver 192.168.1.221\n";
"resolv.conf".text = ''
nameserver 192.168.1.221
nameserver 192.168.1.153
'';
};
services.tailscale.enable = true;

View file

@ -21,8 +21,8 @@ stdenv.mkDerivation rec {
src = fetchFromGitHub {
owner = "SevenTV";
repo = pname;
rev = "c7a11ebce0b4ef7acaa1a71389f242861726c3a7";
sha256 = "sha256-yDqkhlYuaLCWS//Z8ndN/LXSCL61N5vAJWe/SmEHt2Y=";
rev = "178a9b3b6c7314082e6b3b17b1aaf3c01eca6e73";
sha256 = "sha256-lJlxEG3JzGVVBkBhHh1226a0cQ6sgFOJfqLoIgHh3GY=";
fetchSubmodules = true;
};