xeovalyte/nix
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix

Browse Source
This commit is contained in:
Timo Boomers 2025-06-11 13:14:22 +02:00
commit 95235d5ad5
Signed by: xeovalyte
SSH Key Fingerprint: SHA256:GWI1hq+MNKR2UOcvk7n9tekASXT8vyazK7vDF9Xyciw
21 changed files with 159 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
hosts/ti-clt-lpt01/configuration.nix
View File

@ -10,7 +10,7 @@
];
settings = {
hostname = "ti-clt-dsk01";
hostname = "ti-clt-lpt01";
display-manager = "cosmic-greeter";
desktop-environments = {
cosmic.enable = true;
@ -55,6 +55,7 @@
configurationLimit = 32;
};
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.supportedFilesystems = [ "nfs" ];
# Networking
networking.hosts = {

5
hosts/ti-clt-lpt01/home.nix
View File

@ -48,7 +48,6 @@
home.packages = with pkgs; [
# Desktop Applications
kdenlive
prismlauncher
unstable.prusa-slicer
signal-desktop
@ -62,7 +61,6 @@
unstable.hoppscotch
unstable.apostrophe
unstable.surfer # waveform viewer
unstable.drawio
# Office
libreoffice
@ -72,9 +70,6 @@
inkscape
unstable.obs-studio
# Development
unstable.drawio
unstable.moonlight-qt
# Scripts

4
hosts/v-th-ctr-01/configuration.nix
View File

@ -2,7 +2,7 @@
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ modulesPath, ... }:
{ modulesPath, lib, ... }:
{
imports = [
@ -12,6 +12,8 @@
../../modules/system/default.nix
];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
settings = {
hostname = "v-th-ctr-01";
display-manager = "none";

1
hosts/v-th-ctr-01/home.nix
View File

@ -57,6 +57,7 @@
vikunja.enable = true;
stalwart.enable = true;
linkding.enable = true;
jellyfin.enable = true;
};
};

5
modules/home/containers/beszel.nix
View File

@ -49,6 +49,11 @@ in {
};
};
settings.containers.caddy.routes.tbmrs-local.routes.beszel = {
host = "monitor";
url = "beszel:8090";
};
sops.secrets = {
"containers/beszel/key" = { };
};

117
modules/home/containers/caddy.nix
View File

@ -5,19 +5,22 @@ with lib;
let
cfg = config.settings.containers.caddy;
generateRoutes = entries: lib.concatMapStrings (route: ''
@${route.name} host ${route.host}
toInternal = name: routesDef: {
name = name;
host = routesDef.host;
url = routesDef.url;
};
generateRoutes = domain: entries: lib.concatMapStrings (route: ''
@${route.name} host ${route.host}.${domain}
handle @${route.name} {
reverse_proxy ${route.url}
}
'') entries;
routesOption = lib.mkOption {
type = types.listOf (types.submodule {
type = types.attrsOf (types.submodule {
options = {
name = mkOption {
type = types.str;
};
url = mkOption {
type = types.str;
};
@ -29,7 +32,7 @@ let
};
in {
options = {
settings.containers.caddy.enable = lib.mkOption {
settings.containers.caddy.enable = mkOption {
type = lib.types.bool;
default = false;
description = ''
@ -37,8 +40,16 @@ in {
'';
};
settings.containers.caddy.routes.tbmrs = routesOption;
settings.containers.caddy.routes.tbmrs-local = routesOption;
settings.containers.caddy.routes = mkOption {
type = lib.types.attrsOf (types.submodule {
options = {
routes = routesOption;
domain = mkOption {
type = types.str;
};
};
});
};
};
config = mkIf cfg.enable {
@ -59,48 +70,10 @@ in {
];
};
settings.containers.caddy.routes.tbmrs = [
{
name = "kanidm";
host = "auth";
url = "https://auth.tbmrs.nl";
}
{
name = "forgejo";
host = "git";
url = "forgejo:3000";
}
{
name = "immich";
host = "photos";
url = "immich-server:2283";
}
{
name = "homepage";
host = "home";
url = "homepage:3000";
}
{
name = "uptime-kuma";
host = "uptime";
url = "uptime-kuma:3001";
}
{
name = "pingvin-share";
host = "share";
url = "pingvin-share:3000";
}
{
name = "dufs";
host = "files";
url = "dufs:5000";
}
{
name = "stalwart";
host = "mail";
url = "stalwart:8000";
}
];
settings.containers.caddy.routes = {
tbmrs.domain = "tbmrs.nl";
tbmrs-local.domain = "local.tbmrs.nl";
};
home.file."containers/caddy/Caddyfile".text = ''
*.tbmrs.nl, tbmrs.nl {
@ -109,7 +82,7 @@ in {
resolvers 1.1.1.1
}
${generateRoutes cfg.routes.tbmrs}
${generateRoutes cfg.routes.tbmrs.domain (mapAttrsToList toInternal cfg.routes.tbmrs.routes)}
}
*.local.tbmrs.nl {
@ -118,45 +91,7 @@ in {
resolvers 1.1.1.1
}
@vaultwarden host vault.local.tbmrs.nl
handle @vaultwarden {
reverse_proxy vaultwarden:80
}
@paperless-ngx host paperless.local.tbmrs.nl
handle @paperless-ngx {
reverse_proxy paperless-ngx:8000
}
@beszel host monitor.local.tbmrs.nl
handle @beszel {
reverse_proxy beszel:8090
}
@syncthing host syncthing.local.tbmrs.nl
handle @syncthing {
reverse_proxy syncthing:8384
}
@homeassistant host home-assistant.local.tbmrs.nl
handle @homeassistant {
reverse_proxy homeassistant:8123
}
@karakeep host karakeep.local.tbmrs.nl
handle @karakeep {
reverse_proxy karakeep:3000
}
@vikunja host vikunja.local.tbmrs.nl
handle @vikunja {
reverse_proxy vikunja:3456
}
@linkding host linkding.local.tbmrs.nl
handle @linkding {
reverse_proxy linkding:9090
}
${generateRoutes cfg.routes.tbmrs-local.domain (mapAttrsToList toInternal cfg.routes.tbmrs-local.routes)}
}
'';
};

5
modules/home/containers/forgejo.nix
View File

@ -28,5 +28,10 @@ in {
FORGEJO__service__ENABLE_PASSWORD_SIGNIN_FORM = false;
};
};
settings.containers.caddy.routes.tbmrs.routes.forgejo = {
host = "git";
url = "forgejo:3000";
};
};
}

5
modules/home/containers/homeassistant.nix
View File

@ -27,5 +27,10 @@ in {
TZ = "Europe/Amsterdam";
};
};
settings.containers.caddy.routes.tbmrs-local.routes.home-assistant = {
host = "home-assistant";
url = "homeassistant:8123";
};
};
}

24
modules/home/containers/homepage.nix
View File

@ -32,6 +32,11 @@ in {
};
};
settings.containers.caddy.routes.tbmrs.routes.homepage = {
host = "home";
url = "homepage:3000";
};
home.file."containers/homepage/config/settings.yaml".source = (pkgs.formats.yaml { }).generate "settings" {
title = "Timo's Server";
description = "server from Timo";
@ -125,12 +130,21 @@ in {
};
}
{
"Karakeep" = {
href = "https://karakeep.local.tbmrs.nl";
description = "Data hoarder";
icon = "karakeep";
"Linkding" = {
href = "https://links.local.tbmrs.nl";
description = "Bookmarks";
icon = "linkding";
server = "podman";
container = "karakeep";
container = "linkding";
};
}
{
"Stalwart" = {
href = "https://mail.tbmrs.nl";
description = "Mailserver";
icon = "stalwart";
server = "podman";
container = "stalwart";
};
}
];

5
modules/home/containers/immich.nix
View File

@ -71,5 +71,10 @@ in {
};
exec = ''postgres -c shared_preload_libraries=vectors.so -c 'search_path="$$user", public, vectors' -c logging_collector=on -c max_wal_size=2GB -c shared_buffers=512MB -c wal_compression=on'';
};
settings.containers.caddy.routes.tbmrs.routes.immich = {
host = "photos";
url = "immich-server:2283";
};
};
}

35
modules/home/containers/jellyfin.nix Normal file
View File

@ -0,0 +1,35 @@
{ config, lib, ... }:
with lib;
let
cfg = config.settings.containers.jellyfin;
in {
options = {
settings.containers.jellyfin.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable jellyfin container
'';
};
};
config = mkIf cfg.enable {
services.podman.containers.jellyfin = {
image = "jellyfin/jellyfin";
network = "proxy";
volumes = [
"%h/containers/jellyfin/config:/config"
"%h/containers/jellyfin/cache:/cache"
"%h/media:/media"
];
userNS = "keep-id";
};
settings.containers.caddy.routes.tbmrs-local.routes.jellyfin = {
host = "stream";
url = "jellyfin:8096";
};
};
}

5
modules/home/containers/kanidm.nix
View File

@ -36,5 +36,10 @@ in {
KANIDM_ORIGIN = "https://auth.tbmrs.nl";
};
};
settings.containers.caddy.routes.tbmrs.routes.kanidm = {
host = "auth";
url = "https://auth.tbmrs.nl";
};
};
}

5
modules/home/containers/linkding.nix
View File

@ -36,6 +36,11 @@ in {
];
};
settings.containers.caddy.routes.tbmrs-local.routes.linkding = {
host = "links";
url = "linkding:9090";
};
settings.services.sops.enable = true;
sops.templates = {

5
modules/home/containers/paperless-ngx.nix
View File

@ -88,6 +88,11 @@ in {
];
};
settings.containers.caddy.routes.tbmrs-local.routes.paperless-ngx = {
host = "paperless";
url = "paperless-ngx:8000";
};
sops.secrets = {
"containers/paperless-ngx/db-password" = { };
"containers/paperless-ngx/secret" = { };

5
modules/home/containers/pingvin-share.nix
View File

@ -39,6 +39,11 @@ in {
};
};
settings.containers.caddy.routes.tbmrs.routes.pingvin = {
host = "share";
url = "pingvin-share:3000";
};
sops.templates = {
"container-pingvin.yaml" = {
content = /*yaml*/ ''

5
modules/home/containers/stalwart.nix
View File

@ -33,5 +33,10 @@ in {
"%h/containers/stalwart/data:/opt/stalwart-mail"
];
};
settings.containers.caddy.routes.tbmrs.routes.stalwart = {
host = "mail";
url = "stalwart:8080";
};
};
}

10
modules/home/containers/storage.nix
View File

@ -43,5 +43,15 @@ in {
"22000:22000/udp"
];
};
settings.containers.caddy.routes.tbmrs-local.routes.sycnthing = {
host = "syncthing";
url = "syncthing:8384";
};
settings.containers.caddy.routes.tbmrs.routes.dufs = {
host = "files";
url = "dufs:5000";
};
};
}

7
modules/home/containers/uptime-kuma.nix
View File

@ -17,11 +17,16 @@ in {
config = mkIf cfg.enable {
services.podman.containers.uptime-kuma = {
image = "louislam/uptime-kuma:1";
image = "louislam/uptime-kuma:beta";
network = "proxy";
volumes = [
"%h/containers/uptime-kuma/data:/app/data"
];
};
settings.containers.caddy.routes.tbmrs.routes.uptime-kuma = {
host = "uptime";
url = "uptime-kuma:3001";
};
};
}

6
modules/home/containers/vaultwarden.nix
View File

@ -27,5 +27,11 @@ in {
SIGNUPS_ALLOWED = true;
};
};
settings.containers.caddy.routes.tbmrs-local.routes.vaultwarden = {
host = "vault";
url = "vaultwarden:80";
};
};
}

5
modules/home/containers/vikunja.nix
View File

@ -25,5 +25,10 @@ in {
"%h/containers/vikunja/db:/db"
];
};
settings.containers.caddy.routes.tbmrs-local.routes.vikunja = {
host = "tasks";
url = "vikunja:3456";
};
};
}

1
modules/home/default.nix
View File

@ -46,6 +46,7 @@
./containers/stalwart.nix
./containers/static.nix
./containers/linkding.nix
./containers/jellyfin.nix
];
config = {