diff --git a/hosts/dnsc-server/default.nix b/hosts/dnsc-server/default.nix index da28607..5753b25 100644 --- a/hosts/dnsc-server/default.nix +++ b/hosts/dnsc-server/default.nix @@ -1,14 +1,16 @@ { inputs, outputs, - lib, - config, pkgs, ... }: { imports = [ ./hardware-configuration.nix inputs.home-manager.nixosModules.home-manager + ../../modules/ups + ../../modules/openssh + ../../modules/jellyfin + ../../modules/syncthing ]; # General @@ -91,35 +93,7 @@ enableSSHSupport = true; }; - # UPS - power.ups = { - enable = true; - - ups."eaton-ups" = { - driver = "usbhid-ups"; - port = "auto"; - }; - - users.upsmon = { - passwordFile = "/etc/upsmon.passwd"; - upsmon = "primary"; - }; - - upsmon.monitor."eaton-ups".user = "upsmon"; - }; - # Services - # SSH - services.openssh = { - enable = true; - settings = { - X11Forwarding = false; - PermitRootLogin = "no"; - PasswordAuthentication = false; - }; - openFirewall = true; - }; - # ZFS services.zfs = { autoSnapshot.enable = true; @@ -167,50 +141,9 @@ openFirewall = true; }; - # Jellyfin - services.jellyfin = { - enable = true; - openFirewall = true; - }; - - nixpkgs.config.packageOverrides = pkgs: { - vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; - }; - - hardware.graphics = { - enable = true; - extraPackages = with pkgs; [ - intel-media-driver - intel-vaapi-driver - vaapiVdpau - intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in) - vpl-gpu-rt # QSV on 11th gen or newer - intel-media-sdk # QSV up to 11th gen - ]; - }; - # Tailscale services.tailscale.enable = true; - # Syncthing - services.syncthing = { - enable = true; - group = "users"; - guiAddress = "0.0.0.0:8384"; - user = "dennis"; - dataDir = "/home/dennis/sync"; - configDir = "/home/dennis/sync/.config/syncthing"; - overrideDevices = true; - overrideFolders = true; - settings = { - devices = { - "dnsc-pixel" = { id = "FD4XYVI-UZCBEXZ-OATLR3Y-7ZZPQOA-MFWP3Q7-OFNZY33-XH4TJAF-KVHW2AI"; }; - "dnsc-air" = { id = "RYFO5XN-RRZZQI3-4W5DPHO-C7OKL5N-ZUQUBEI-ZKSWUHM-2BMTFRY-MDC7MA3"; }; - }; - }; - }; - systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true"; - # Environment variables environment.variables.EDITOR = "nvim"; diff --git a/hosts/dnsc-vps-sm/default.nix b/hosts/dnsc-vps-sm/default.nix index 115a8ce..e881de4 100644 --- a/hosts/dnsc-vps-sm/default.nix +++ b/hosts/dnsc-vps-sm/default.nix @@ -11,6 +11,9 @@ ./networking.nix inputs.home-manager.nixosModules.home-manager inputs.ip-whitelist.nixosModules.default + ../../modules/vaultwarden + ../../modules/uptime-kuma + ../../modules/homepage ]; # Secrets @@ -63,7 +66,6 @@ ]; }; - # My user account users.users.dennis = { description = "dennis"; @@ -117,145 +119,6 @@ # Tailscale services.tailscale.enable = true; - # Vaultwarden - services.vaultwarden = { - enable = true; - environmentFile = config.age.secrets."vaultwarden/env".path; - }; - - # Uptime Kuma - services.uptime-kuma = { - enable = true; - settings = { - PORT = "9000"; - }; - }; - - # Homepage - services.homepage-dashboard = { - enable = true; - listenPort = 9001; - allowedHosts = "home.dnsc.io"; - settings = { - theme = "dark"; - background = { - image = "https://i.ibb.co/v6FjzW5V/winter.png"; - opacity = 40; - brightness = 50; - }; - }; - services = [ - { - "VPS" = [ - { - "Vaultwarden" = { - href = "https://vault.dnsc.io"; - icon = "vaultwarden.png"; - }; - } - { - "Uptime Kuma" = { - href = "https://uptime.dnsc.io"; - icon = "uptime-kuma.png"; - }; - } - { - "Slides" = { - href = "https://uptime.dnsc.io"; - icon = "slidev.png"; - }; - } - ]; - } - { - "Homelab" = [ - { - "Jellyfin" = { - href = "http://100.103.199.4:8096"; - icon = "jellyfin.png"; - }; - } - { - "Syncthing" = { - href = "http://100.103.199.4:8384"; - icon = "syncthing.png"; - }; - } - ]; - } - ]; - bookmarks = [ - { - Tools = [ - { - Fastmail = [ - { - abbr = "FM"; - href = "https://app.fastmail.com"; - } - ]; - } - { - YNAB = [ - { - abbr = "YN"; - href = "https://app.ynab.com"; - } - ]; - } - ]; - } - { - Dev = [ - { - Codeberg = [ - { - abbr = "CB"; - href = "https://codeberg.org"; - } - ]; - } - { - Github = [ - { - abbr = "GH"; - href = "https://github.com/dennisschoepf"; - } - ]; - } - ]; - } - { - Entertainment = [ - { - YouTube = [ - { - abbr = "YT"; - href = "https://youtube.com"; - } - ]; - } - { - Twitch = [ - { - abbr = "TW"; - href = "https://twitch.tv"; - } - ]; - } - { - Overcast = [ - { - abbr = "OC"; - href = "https://overcast.fm"; - } - ]; - } - ]; - } - ]; - }; - # Caddy services.caddy = { enable = true; diff --git a/modules/homepage/default.nix b/modules/homepage/default.nix new file mode 100644 index 0000000..5597fe0 --- /dev/null +++ b/modules/homepage/default.nix @@ -0,0 +1,125 @@ +{ + services.homepage-dashboard = { + enable = true; + listenPort = 9001; + allowedHosts = "home.dnsc.io"; + settings = { + theme = "dark"; + background = { + image = "https://i.ibb.co/v6FjzW5V/winter.png"; + opacity = 40; + brightness = 50; + }; + }; + services = [ + { + "VPS" = [ + { + "Vaultwarden" = { + href = "https://vault.dnsc.io"; + icon = "vaultwarden.png"; + }; + } + { + "Uptime Kuma" = { + href = "https://uptime.dnsc.io"; + icon = "uptime-kuma.png"; + }; + } + { + "Slides" = { + href = "https://uptime.dnsc.io"; + icon = "slidev.png"; + }; + } + ]; + } + { + "Homelab" = [ + { + "Jellyfin" = { + href = "http://100.103.199.4:8096"; + icon = "jellyfin.png"; + }; + } + { + "Syncthing" = { + href = "http://100.103.199.4:8384"; + icon = "syncthing.png"; + }; + } + ]; + } + ]; + bookmarks = [ + { + Tools = [ + { + Fastmail = [ + { + abbr = "FM"; + href = "https://app.fastmail.com"; + } + ]; + } + { + YNAB = [ + { + abbr = "YN"; + href = "https://app.ynab.com"; + } + ]; + } + ]; + } + { + Dev = [ + { + Codeberg = [ + { + abbr = "CB"; + href = "https://codeberg.org"; + } + ]; + } + { + Github = [ + { + abbr = "GH"; + href = "https://github.com/dennisschoepf"; + } + ]; + } + ]; + } + { + Entertainment = [ + { + YouTube = [ + { + abbr = "YT"; + href = "https://youtube.com"; + } + ]; + } + { + Twitch = [ + { + abbr = "TW"; + href = "https://twitch.tv"; + } + ]; + } + { + Overcast = [ + { + abbr = "OC"; + href = "https://overcast.fm"; + } + ]; + } + ]; + } + ]; + }; +} diff --git a/modules/jellyfin/default.nix b/modules/jellyfin/default.nix new file mode 100644 index 0000000..5a7911a --- /dev/null +++ b/modules/jellyfin/default.nix @@ -0,0 +1,26 @@ +{ + pkgs +}: { + services.jellyfin = { + enable = true; + openFirewall = true; + }; + + nixpkgs.config.packageOverrides = pkgs: { + vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; + }; + + hardware.graphics = { + enable = true; + extraPackages = with pkgs; [ + intel-media-driver + intel-vaapi-driver + vaapiVdpau + intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in) + vpl-gpu-rt # QSV on 11th gen or newer + intel-media-sdk # QSV up to 11th gen + ]; + }; + +} + diff --git a/modules/openssh/default.nix b/modules/openssh/default.nix new file mode 100644 index 0000000..3096f39 --- /dev/null +++ b/modules/openssh/default.nix @@ -0,0 +1,12 @@ +{ + services.openssh = { + enable = true; + settings = { + X11Forwarding = false; + PermitRootLogin = "no"; + PasswordAuthentication = false; + }; + openFirewall = true; + }; +} + diff --git a/modules/syncthing/default.nix b/modules/syncthing/default.nix new file mode 100644 index 0000000..7b3f733 --- /dev/null +++ b/modules/syncthing/default.nix @@ -0,0 +1,20 @@ +{ + services.syncthing = { + enable = true; + group = "users"; + guiAddress = "0.0.0.0:8384"; + user = "dennis"; + dataDir = "/home/dennis/sync"; + configDir = "/home/dennis/sync/.config/syncthing"; + overrideDevices = true; + overrideFolders = true; + settings = { + devices = { + "dnsc-pixel" = { id = "FD4XYVI-UZCBEXZ-OATLR3Y-7ZZPQOA-MFWP3Q7-OFNZY33-XH4TJAF-KVHW2AI"; }; + "dnsc-air" = { id = "RYFO5XN-RRZZQI3-4W5DPHO-C7OKL5N-ZUQUBEI-ZKSWUHM-2BMTFRY-MDC7MA3"; }; + }; + }; + }; + systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true"; +} + diff --git a/modules/ups/default.nix b/modules/ups/default.nix new file mode 100644 index 0000000..c6f2559 --- /dev/null +++ b/modules/ups/default.nix @@ -0,0 +1,18 @@ +{ + power.ups = { + enable = true; + + ups."eaton-ups" = { + driver = "usbhid-ups"; + port = "auto"; + }; + + users.upsmon = { + passwordFile = "/etc/upsmon.passwd"; + upsmon = "primary"; + }; + + upsmon.monitor."eaton-ups".user = "upsmon"; + }; +} + diff --git a/modules/uptime-kuma/default.nix b/modules/uptime-kuma/default.nix new file mode 100644 index 0000000..e28aef1 --- /dev/null +++ b/modules/uptime-kuma/default.nix @@ -0,0 +1,8 @@ +{ + services.uptime-kuma = { + enable = true; + settings = { + PORT = "9000"; + }; + }; +} diff --git a/modules/vaultwarden/default.nix b/modules/vaultwarden/default.nix new file mode 100644 index 0000000..d38ce62 --- /dev/null +++ b/modules/vaultwarden/default.nix @@ -0,0 +1,8 @@ +{ + config +}: { + services.vaultwarden = { + enable = true; + environmentFile = config.age.secrets."vaultwarden/env".path; + }; +}