dennis/nix-config
1
1
Fork 0
Code Issues 2 Pull requests 1 Projects Releases Packages Wiki Activity Actions

splits out server config into modules

Browse source
This commit is contained in:
Dennis Schoepf 2025-05-29 18:44:12 +02:00
parent 8a8763d6b6
commit ee99ab0565
9 changed files with 224 additions and 211 deletions
Download patch file Download diff file Expand all files Collapse all files

75
hosts/dnsc-server/default.nix
View file

@ -1,14 +1,16 @@
{ {
inputs, inputs,
outputs, outputs,
lib,
config,
pkgs, pkgs,
... ...
}: { }: {
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
../../modules/ups
../../modules/openssh
../../modules/jellyfin
../../modules/syncthing
]; ];
# General # General
@ -91,35 +93,7 @@
enableSSHSupport = true; enableSSHSupport = true;
}; };
# UPS
power.ups = {
enable = true;
ups."eaton-ups" = {
driver = "usbhid-ups";
port = "auto";
};
users.upsmon = {
passwordFile = "/etc/upsmon.passwd";
upsmon = "primary";
};
upsmon.monitor."eaton-ups".user = "upsmon";
};
# Services # Services
# SSH
services.openssh = {
enable = true;
settings = {
X11Forwarding = false;
PermitRootLogin = "no";
PasswordAuthentication = false;
};
openFirewall = true;
};
# ZFS # ZFS
services.zfs = { services.zfs = {
autoSnapshot.enable = true; autoSnapshot.enable = true;
@ -167,50 +141,9 @@
openFirewall = true; openFirewall = true;
}; };
# Jellyfin
services.jellyfin = {
enable = true;
openFirewall = true;
};
nixpkgs.config.packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
};
hardware.graphics = {
enable = true;
extraPackages = with pkgs; [
intel-media-driver
intel-vaapi-driver
vaapiVdpau
intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)
vpl-gpu-rt # QSV on 11th gen or newer
intel-media-sdk # QSV up to 11th gen
];
};
# Tailscale # Tailscale
services.tailscale.enable = true; services.tailscale.enable = true;
# Syncthing
services.syncthing = {
enable = true;
group = "users";
guiAddress = "0.0.0.0:8384";
user = "dennis";
dataDir = "/home/dennis/sync";
configDir = "/home/dennis/sync/.config/syncthing";
overrideDevices = true;
overrideFolders = true;
settings = {
devices = {
"dnsc-pixel" = { id = "FD4XYVI-UZCBEXZ-OATLR3Y-7ZZPQOA-MFWP3Q7-OFNZY33-XH4TJAF-KVHW2AI"; };
"dnsc-air" = { id = "RYFO5XN-RRZZQI3-4W5DPHO-C7OKL5N-ZUQUBEI-ZKSWUHM-2BMTFRY-MDC7MA3"; };
};
};
};
systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true";
# Environment variables # Environment variables
environment.variables.EDITOR = "nvim"; environment.variables.EDITOR = "nvim";

143
hosts/dnsc-vps-sm/default.nix
View file

@ -11,6 +11,9 @@
./networking.nix ./networking.nix
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
inputs.ip-whitelist.nixosModules.default inputs.ip-whitelist.nixosModules.default
../../modules/vaultwarden
../../modules/uptime-kuma
../../modules/homepage
]; ];
# Secrets # Secrets
@ -63,7 +66,6 @@
]; ];
}; };
# My user account # My user account
users.users.dennis = { users.users.dennis = {
description = "dennis"; description = "dennis";
@ -117,145 +119,6 @@
# Tailscale # Tailscale
services.tailscale.enable = true; services.tailscale.enable = true;
# Vaultwarden
services.vaultwarden = {
enable = true;
environmentFile = config.age.secrets."vaultwarden/env".path;
};
# Uptime Kuma
services.uptime-kuma = {
enable = true;
settings = {
PORT = "9000";
};
};
# Homepage
services.homepage-dashboard = {
enable = true;
listenPort = 9001;
allowedHosts = "home.dnsc.io";
settings = {
theme = "dark";
background = {
image = "https://i.ibb.co/v6FjzW5V/winter.png";
opacity = 40;
brightness = 50;
};
};
services = [
{
"VPS" = [
{
"Vaultwarden" = {
href = "https://vault.dnsc.io";
icon = "vaultwarden.png";
};
}
{
"Uptime Kuma" = {
href = "https://uptime.dnsc.io";
icon = "uptime-kuma.png";
};
}
{
"Slides" = {
href = "https://uptime.dnsc.io";
icon = "slidev.png";
};
}
];
}
{
"Homelab" = [
{
"Jellyfin" = {
href = "http://100.103.199.4:8096";
icon = "jellyfin.png";
};
}
{
"Syncthing" = {
href = "http://100.103.199.4:8384";
icon = "syncthing.png";
};
}
];
}
];
bookmarks = [
{
Tools = [
{
Fastmail = [
{
abbr = "FM";
href = "https://app.fastmail.com";
}
];
}
{
YNAB = [
{
abbr = "YN";
href = "https://app.ynab.com";
}
];
}
];
}
{
Dev = [
{
Codeberg = [
{
abbr = "CB";
href = "https://codeberg.org";
}
];
}
{
Github = [
{
abbr = "GH";
href = "https://github.com/dennisschoepf";
}
];
}
];
}
{
Entertainment = [
{
YouTube = [
{
abbr = "YT";
href = "https://youtube.com";
}
];
}
{
Twitch = [
{
abbr = "TW";
href = "https://twitch.tv";
}
];
}
{
Overcast = [
{
abbr = "OC";
href = "https://overcast.fm";
}
];
}
];
}
];
};
# Caddy # Caddy
services.caddy = { services.caddy = {
enable = true; enable = true;

125
modules/homepage/default.nix Normal file
View file

@ -0,0 +1,125 @@
{
services.homepage-dashboard = {
enable = true;
listenPort = 9001;
allowedHosts = "home.dnsc.io";
settings = {
theme = "dark";
background = {
image = "https://i.ibb.co/v6FjzW5V/winter.png";
opacity = 40;
brightness = 50;
};
};
services = [
{
"VPS" = [
{
"Vaultwarden" = {
href = "https://vault.dnsc.io";
icon = "vaultwarden.png";
};
}
{
"Uptime Kuma" = {
href = "https://uptime.dnsc.io";
icon = "uptime-kuma.png";
};
}
{
"Slides" = {
href = "https://uptime.dnsc.io";
icon = "slidev.png";
};
}
];
}
{
"Homelab" = [
{
"Jellyfin" = {
href = "http://100.103.199.4:8096";
icon = "jellyfin.png";
};
}
{
"Syncthing" = {
href = "http://100.103.199.4:8384";
icon = "syncthing.png";
};
}
];
}
];
bookmarks = [
{
Tools = [
{
Fastmail = [
{
abbr = "FM";
href = "https://app.fastmail.com";
}
];
}
{
YNAB = [
{
abbr = "YN";
href = "https://app.ynab.com";
}
];
}
];
}
{
Dev = [
{
Codeberg = [
{
abbr = "CB";
href = "https://codeberg.org";
}
];
}
{
Github = [
{
abbr = "GH";
href = "https://github.com/dennisschoepf";
}
];
}
];
}
{
Entertainment = [
{
YouTube = [
{
abbr = "YT";
href = "https://youtube.com";
}
];
}
{
Twitch = [
{
abbr = "TW";
href = "https://twitch.tv";
}
];
}
{
Overcast = [
{
abbr = "OC";
href = "https://overcast.fm";
}
];
}
];
}
];
};
}

26
modules/jellyfin/default.nix Normal file
View file

@ -0,0 +1,26 @@
{
pkgs
}: {
services.jellyfin = {
enable = true;
openFirewall = true;
};
nixpkgs.config.packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
};
hardware.graphics = {
enable = true;
extraPackages = with pkgs; [
intel-media-driver
intel-vaapi-driver
vaapiVdpau
intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)
vpl-gpu-rt # QSV on 11th gen or newer
intel-media-sdk # QSV up to 11th gen
];
};
}

12
modules/openssh/default.nix Normal file
View file

@ -0,0 +1,12 @@
{
services.openssh = {
enable = true;
settings = {
X11Forwarding = false;
PermitRootLogin = "no";
PasswordAuthentication = false;
};
openFirewall = true;
};
}

20
modules/syncthing/default.nix Normal file
View file

@ -0,0 +1,20 @@
{
services.syncthing = {
enable = true;
group = "users";
guiAddress = "0.0.0.0:8384";
user = "dennis";
dataDir = "/home/dennis/sync";
configDir = "/home/dennis/sync/.config/syncthing";
overrideDevices = true;
overrideFolders = true;
settings = {
devices = {
"dnsc-pixel" = { id = "FD4XYVI-UZCBEXZ-OATLR3Y-7ZZPQOA-MFWP3Q7-OFNZY33-XH4TJAF-KVHW2AI"; };
"dnsc-air" = { id = "RYFO5XN-RRZZQI3-4W5DPHO-C7OKL5N-ZUQUBEI-ZKSWUHM-2BMTFRY-MDC7MA3"; };
};
};
};
systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true";
}

18
modules/ups/default.nix Normal file
View file

@ -0,0 +1,18 @@
{
power.ups = {
enable = true;
ups."eaton-ups" = {
driver = "usbhid-ups";
port = "auto";
};
users.upsmon = {
passwordFile = "/etc/upsmon.passwd";
upsmon = "primary";
};
upsmon.monitor."eaton-ups".user = "upsmon";
};
}

8
modules/uptime-kuma/default.nix Normal file
View file

@ -0,0 +1,8 @@
{
services.uptime-kuma = {
enable = true;
settings = {
PORT = "9000";
};
};
}

8
modules/vaultwarden/default.nix Normal file
View file

@ -0,0 +1,8 @@
{
config
}: {
services.vaultwarden = {
enable = true;
environmentFile = config.age.secrets."vaultwarden/env".path;
};
}