mirror of
https://git.gay/xqtc/nixos-config
synced 2024-12-29 15:23:44 +01:00
Compare commits
2 commits
8781412520
...
2b5a6f0416
Author | SHA1 | Date | |
---|---|---|---|
xqtc161 | 2b5a6f0416 | ||
xqtc161 | 3678a3f2b6 |
|
@ -26,7 +26,11 @@
|
||||||
networking.firewall.allowedTCPPorts = [8384 22000];
|
networking.firewall.allowedTCPPorts = [8384 22000];
|
||||||
networking.firewall.allowedUDPPorts = [22000 21027];
|
networking.firewall.allowedUDPPorts = [22000 21027];
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [sops];
|
environment.systemPackages = with pkgs; [
|
||||||
|
sops
|
||||||
|
tldr
|
||||||
|
inputs.compose2nix.packages.${pkgs.system}.default
|
||||||
|
];
|
||||||
|
|
||||||
programs.nix-ld = {
|
programs.nix-ld = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -37,9 +41,11 @@
|
||||||
trusted-users = ["xqtc"];
|
trusted-users = ["xqtc"];
|
||||||
substituters = [
|
substituters = [
|
||||||
"https://nix-community.cachix.org"
|
"https://nix-community.cachix.org"
|
||||||
|
"https://cache.saumon.network/proxmox-nixoshttps://cache.saumon.network/proxmox-nixos"
|
||||||
];
|
];
|
||||||
trusted-public-keys = [
|
trusted-public-keys = [
|
||||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||||
|
"proxmox-nixos:nveXDuVVhFDRFx8Dn19f1WDEaNRJjPrF2CPD2D+m1ys="
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
78
flake.lock
78
flake.lock
|
@ -20,6 +20,26 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
"compose2nix": {
|
||||||
|
"inputs": {
|
||||||
|
"nixpkgs": [
|
||||||
|
"nixpkgs"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1720032541,
|
||||||
|
"narHash": "sha256-PqBjivVCJS3qUXVBMeTLj03OlY2E5/TfJssd/p2m8js=",
|
||||||
|
"owner": "aksiksi",
|
||||||
|
"repo": "compose2nix",
|
||||||
|
"rev": "923f6bc058118f76e69ed96332e40a472d8fd702",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "aksiksi",
|
||||||
|
"repo": "compose2nix",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
"devshell": {
|
"devshell": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"flake-utils": "flake-utils_4",
|
"flake-utils": "flake-utils_4",
|
||||||
|
@ -49,11 +69,11 @@
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"dir": "pkgs/firefox-addons",
|
"dir": "pkgs/firefox-addons",
|
||||||
"lastModified": 1720065790,
|
"lastModified": 1720238603,
|
||||||
"narHash": "sha256-zZH4PDvXP0yR2b9WN4t1odiP2l/5vhrQHDb1lNLrVbA=",
|
"narHash": "sha256-XWcTKM/uVy7GP7QT8skZ9ywPqIPLhb9Sw7qBH+ZF5YM=",
|
||||||
"owner": "rycee",
|
"owner": "rycee",
|
||||||
"repo": "nur-expressions",
|
"repo": "nur-expressions",
|
||||||
"rev": "b359c6cd1a96f9c0c1325d375ffc7c0ffd8fb31c",
|
"rev": "c8799be7f004121f87ad702d61980d738405a51a",
|
||||||
"type": "gitlab"
|
"type": "gitlab"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -287,11 +307,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1720045378,
|
"lastModified": 1720188602,
|
||||||
"narHash": "sha256-lmE7B+QXw7lWdBu5GQlUABSpzPk3YBb9VbV+IYK5djk=",
|
"narHash": "sha256-lC3byBmhVZFzWl/dCic8+cKUEEAXAswWOYjq4paFmbo=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "0a30138c694ab3b048ac300794c2eb599dc40266",
|
"rev": "e3582e5151498bc4d757e8361431ace8529e7bb7",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -446,13 +466,29 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nixpkgs-master": {
|
"nixpkgs-2405": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1720112438,
|
"lastModified": 1720110830,
|
||||||
"narHash": "sha256-oALk4w8/wxwriVLUiAVef2h2rMw8Vzsc3IJmxeY4KgE=",
|
"narHash": "sha256-E5dN9GDV4LwMEduhBLSkyEz51zM17XkWZ3/9luvNOPs=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "225b5d75242add18ffaf67579acb6549510ca2f7",
|
"rev": "c0d0be00d4ecc4b51d2d6948e37466194c1e6c51",
|
||||||
|
"type": "github"
|
||||||
|
},
|
||||||
|
"original": {
|
||||||
|
"owner": "NixOS",
|
||||||
|
"ref": "nixos-24.05",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"nixpkgs-master": {
|
||||||
|
"locked": {
|
||||||
|
"lastModified": 1720263701,
|
||||||
|
"narHash": "sha256-fKYOxXAXAv7zgfPVC1jWPJH6QrJ650IdJpFD9Mm5j0Y=",
|
||||||
|
"owner": "NixOS",
|
||||||
|
"repo": "nixpkgs",
|
||||||
|
"rev": "731dc15f156f9d28a60bf6b4629994d6bf883975",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -464,16 +500,16 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-stable": {
|
"nixpkgs-stable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1719663039,
|
"lastModified": 1719720450,
|
||||||
"narHash": "sha256-tXlrgAQygNIy49LDVFuPXlWD2zTQV9/F8pfoqwwPJyo=",
|
"narHash": "sha256-57+R2Uj3wPeDeq8p8un19tzFFlgWiXJ8PbzgKtBgBX8=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "4a1e673523344f6ccc84b37f4413ad74ea19a119",
|
"rev": "78f8641796edff3bfabbf1ef5029deadfe4a21d0",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"ref": "release-23.11",
|
"ref": "release-24.05",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
|
@ -572,11 +608,11 @@
|
||||||
"treefmt-nix": "treefmt-nix"
|
"treefmt-nix": "treefmt-nix"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1720021470,
|
"lastModified": 1720222362,
|
||||||
"narHash": "sha256-wJ8NGzPRkwDao4Om9/P+RLxussLGvtGGH2XdjDgJqRE=",
|
"narHash": "sha256-3chuZmpQDhod758MzQJQQnoa08NalySx6gyv/T6LEIQ=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "nixvim",
|
"repo": "nixvim",
|
||||||
"rev": "9b25eaaa6f64a584ffccdd90b23d0962d9138352",
|
"rev": "edc8602d4723e172405ae00e778c7b407885d6c8",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -588,6 +624,7 @@
|
||||||
"root": {
|
"root": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"apple-silicon": "apple-silicon",
|
"apple-silicon": "apple-silicon",
|
||||||
|
"compose2nix": "compose2nix",
|
||||||
"firefox-addons": "firefox-addons",
|
"firefox-addons": "firefox-addons",
|
||||||
"flake-utils": "flake-utils_2",
|
"flake-utils": "flake-utils_2",
|
||||||
"home-manager": "home-manager",
|
"home-manager": "home-manager",
|
||||||
|
@ -596,6 +633,7 @@
|
||||||
"nixos-aarch64-widevine": "nixos-aarch64-widevine",
|
"nixos-aarch64-widevine": "nixos-aarch64-widevine",
|
||||||
"nixos-hardware": "nixos-hardware",
|
"nixos-hardware": "nixos-hardware",
|
||||||
"nixpkgs": "nixpkgs_5",
|
"nixpkgs": "nixpkgs_5",
|
||||||
|
"nixpkgs-2405": "nixpkgs-2405",
|
||||||
"nixpkgs-master": "nixpkgs-master",
|
"nixpkgs-master": "nixpkgs-master",
|
||||||
"nixvim": "nixvim",
|
"nixvim": "nixvim",
|
||||||
"sops-nix": "sops-nix",
|
"sops-nix": "sops-nix",
|
||||||
|
@ -626,11 +664,11 @@
|
||||||
"nixpkgs-stable": "nixpkgs-stable"
|
"nixpkgs-stable": "nixpkgs-stable"
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1719873517,
|
"lastModified": 1720187017,
|
||||||
"narHash": "sha256-D1dxZmXf6M2h5lNE1m6orojuUawVPjogbGRsqSBX+1g=",
|
"narHash": "sha256-Zq+T1Bvd0ShZB9XM+bP0VJK3HjsSVQBLolkaCLBQnfQ=",
|
||||||
"owner": "Mic92",
|
"owner": "Mic92",
|
||||||
"repo": "sops-nix",
|
"repo": "sops-nix",
|
||||||
"rev": "a11224af8d824935f363928074b4717ca2e280db",
|
"rev": "1b11e208cee97c47677439625dc22e5289dcdead",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
16
flake.nix
16
flake.nix
|
@ -1,10 +1,15 @@
|
||||||
{
|
{
|
||||||
inputs = {
|
inputs = {
|
||||||
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
|
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
|
||||||
|
nixpkgs-2405.url = "github:NixOS/nixpkgs/nixos-24.05";
|
||||||
flake-utils.url = "github:numtide/flake-utils";
|
flake-utils.url = "github:numtide/flake-utils";
|
||||||
nixos-aarch64-widevine.url = "github:epetousis/nixos-aarch64-widevine";
|
nixos-aarch64-widevine.url = "github:epetousis/nixos-aarch64-widevine";
|
||||||
nixpkgs-master.url = "github:NixOS/nixpkgs/master";
|
nixpkgs-master.url = "github:NixOS/nixpkgs/master";
|
||||||
apple-silicon.url = "github:tpwrules/nixos-apple-silicon";
|
apple-silicon.url = "github:tpwrules/nixos-apple-silicon";
|
||||||
|
compose2nix = {
|
||||||
|
url = "github:aksiksi/compose2nix";
|
||||||
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
};
|
||||||
home-manager = {
|
home-manager = {
|
||||||
url = "github:nix-community/home-manager/master";
|
url = "github:nix-community/home-manager/master";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
@ -53,15 +58,12 @@
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
nixosConfigurations = {
|
nixosConfigurations = {
|
||||||
#pkgs.util.mapHostAttrs (host: host) (host:
|
|
||||||
# lib.nixosSystem {
|
|
||||||
# system = "x86_64-linux";
|
|
||||||
# modules = [./hosts/x86_64-linux/${host}];
|
|
||||||
# specialArgs = {inherit inputs;};
|
|
||||||
# });
|
|
||||||
"asmodeus" = lib.nixosSystem {
|
"asmodeus" = lib.nixosSystem {
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
modules = [./hosts/x86_64-linux/asmodeus lix-module.nixosModules.default];
|
modules = [
|
||||||
|
./hosts/x86_64-linux/asmodeus
|
||||||
|
lix-module.nixosModules.default
|
||||||
|
];
|
||||||
specialArgs = {inherit inputs;};
|
specialArgs = {inherit inputs;};
|
||||||
};
|
};
|
||||||
"seraphim" = lib.nixosSystem {
|
"seraphim" = lib.nixosSystem {
|
||||||
|
|
|
@ -26,7 +26,7 @@ with inputs; {
|
||||||
sidebery
|
sidebery
|
||||||
leechblock-ng
|
leechblock-ng
|
||||||
darkreader
|
darkreader
|
||||||
ipvfoo
|
ipvfoo
|
||||||
stylus
|
stylus
|
||||||
shinigami-eyes
|
shinigami-eyes
|
||||||
violentmonkey
|
violentmonkey
|
||||||
|
|
|
@ -8,5 +8,10 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
userName = "xqtc161";
|
userName = "xqtc161";
|
||||||
userEmail = "xqtc@tutanota.com";
|
userEmail = "xqtc@tutanota.com";
|
||||||
|
extraConfig = {
|
||||||
|
init = {
|
||||||
|
defaultBranch = "main";
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -42,6 +42,7 @@
|
||||||
lsp = {
|
lsp = {
|
||||||
enable = true;
|
enable = true;
|
||||||
servers = {
|
servers = {
|
||||||
|
docker-compose-language-service.enable = true;
|
||||||
pylsp.enable = true;
|
pylsp.enable = true;
|
||||||
bashls.enable = true;
|
bashls.enable = true;
|
||||||
lua-ls.enable = true;
|
lua-ls.enable = true;
|
||||||
|
|
|
@ -27,9 +27,9 @@
|
||||||
"[u410986-sub2.your-storagebox.de]:23"
|
"[u410986-sub2.your-storagebox.de]:23"
|
||||||
];
|
];
|
||||||
publicKey = ''
|
publicKey = ''
|
||||||
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA5EB5p/5Hp3hGW1oHok+PIOH9Pbn7cnUiGmUEBrCVjnAw+HrKyN8bYVV0dIGllswYXwkG/+bgiBlE6IVIBAq+JwVWu1Sss3KarHY3OvFJUXZoZyRRg/Gc/+LRCE7lyKpwWQ70dbelGRyyJFH36eNv6ySXoUYtGkwlU5IVaHPApOxe4LHPZa/qhSRbPo2hwoh0orCtgejRebNtW5nlx00DNFgsvn8Svz2cIYLxsPVzKgUxs8Zxsxgn+Q/UvR7uq4AbAhyBMLxv7DjJ1pc7PJocuTno2Rw9uMZi1gkjbnmiOh6TTXIEWbnroyIhwc8555uto9melEUmWNQ+C+PwAK+MPw==
|
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA5EB5p/5Hp3hGW1oHok+PIOH9Pbn7cnUiGmUEBrCVjnAw+HrKyN8bYVV0dIGllswYXwkG/+bgiBlE6IVIBAq+JwVWu1Sss3KarHY3OvFJUXZoZyRRg/Gc/+LRCE7lyKpwWQ70dbelGRyyJFH36eNv6ySXoUYtGkwlU5IVaHPApOxe4LHPZa/qhSRbPo2hwoh0orCtgejRebNtW5nlx00DNFgsvn8Svz2cIYLxsPVzKgUxs8Zxsxgn+Q/UvR7uq4AbAhyBMLxv7DjJ1pc7PJocuTno2Rw9uMZi1gkjbnmiOh6TTXIEWbnroyIhwc8555uto9melEUmWNQ+C+PwAK+MPw==
|
||||||
ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAGK0po6usux4Qv2d8zKZN1dDvbWjxKkGsx7XwFdSUCnF19Q8psHEUWR7C/LtSQ5crU/g+tQVRBtSgoUcE8T+FWp5wBxKvWG2X9gD+s9/4zRmDeSJR77W6gSA/+hpOZoSE+4KgNdnbYSNtbZH/dN74EG7GLb/gcIpbUUzPNXpfKl7mQitw==
|
ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAGK0po6usux4Qv2d8zKZN1dDvbWjxKkGsx7XwFdSUCnF19Q8psHEUWR7C/LtSQ5crU/g+tQVRBtSgoUcE8T+FWp5wBxKvWG2X9gD+s9/4zRmDeSJR77W6gSA/+hpOZoSE+4KgNdnbYSNtbZH/dN74EG7GLb/gcIpbUUzPNXpfKl7mQitw==
|
||||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIICf9svRenC/PLKIL9nk6K/pxQgoiFC41wTNvoIncOxs
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIICf9svRenC/PLKIL9nk6K/pxQgoiFC41wTNvoIncOxs
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -97,8 +97,8 @@ with lib; {
|
||||||
};
|
};
|
||||||
"jellyfin.heroin.trade" = {
|
"jellyfin.heroin.trade" = {
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
reverse_proxy http://127.0.0.1:8096
|
reverse_proxy http://127.0.0.1:8096
|
||||||
redir /metrics* /
|
redir /metrics* /
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
"calibre.heroin.trade" = {
|
"calibre.heroin.trade" = {
|
||||||
|
@ -122,9 +122,9 @@ with lib; {
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
"servers" = {
|
"servers" = {
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
metrics
|
metrics
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
211
hosts/x86_64-linux/beleth/docker-compose-crime.nix
Normal file
211
hosts/x86_64-linux/beleth/docker-compose-crime.nix
Normal file
|
@ -0,0 +1,211 @@
|
||||||
|
# Auto-generated using compose2nix v0.2.0-pre.
|
||||||
|
{
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
config,
|
||||||
|
inputs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
{
|
||||||
|
# Runtime
|
||||||
|
virtualisation.podman = {
|
||||||
|
enable = true;
|
||||||
|
autoPrune.enable = true;
|
||||||
|
dockerCompat = true;
|
||||||
|
defaultNetwork.settings = {
|
||||||
|
# Required for container networking to be able to use names.
|
||||||
|
dns_enabled = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
virtualisation.oci-containers.backend = "podman";
|
||||||
|
|
||||||
|
# Containers
|
||||||
|
virtualisation.oci-containers.containers."crime-gluetun" = {
|
||||||
|
image = "qmcgaw/gluetun";
|
||||||
|
environment = {
|
||||||
|
SERVER_CITIES = "Frankfurt";
|
||||||
|
VPN_SERVICE_PROVIDER = "mullvad";
|
||||||
|
VPN_TYPE = "wireguard";
|
||||||
|
WIREGUARD_ADDRESSES = "10.71.178.75/32";
|
||||||
|
WIREGUARD_PRIVATE_KEY = "";
|
||||||
|
};
|
||||||
|
ports = [
|
||||||
|
"6881:6881/tcp"
|
||||||
|
"6881:6881/udp"
|
||||||
|
"8085:8085/tcp"
|
||||||
|
"7878:7878/tcp"
|
||||||
|
"8989:8989/tcp"
|
||||||
|
"9696:9696/tcp"
|
||||||
|
];
|
||||||
|
log-driver = "journald";
|
||||||
|
extraOptions = [
|
||||||
|
"--cap-add=NET_ADMIN"
|
||||||
|
"--network-alias=gluetun"
|
||||||
|
"--network=crime_default"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
systemd.services."podman-crime-gluetun" = {
|
||||||
|
serviceConfig = {
|
||||||
|
Restart = lib.mkOverride 500 "\"no\"";
|
||||||
|
};
|
||||||
|
after = [
|
||||||
|
"podman-network-crime_default.service"
|
||||||
|
];
|
||||||
|
requires = [
|
||||||
|
"podman-network-crime_default.service"
|
||||||
|
];
|
||||||
|
partOf = [
|
||||||
|
"podman-compose-crime-root.target"
|
||||||
|
];
|
||||||
|
wantedBy = [
|
||||||
|
"podman-compose-crime-root.target"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
virtualisation.oci-containers.containers."prowlarr" = {
|
||||||
|
image = "lscr.io/linuxserver/prowlarr:latest";
|
||||||
|
environment = {
|
||||||
|
PGID = "1000";
|
||||||
|
PUID = "1000";
|
||||||
|
TZ = "Etc/UTC";
|
||||||
|
};
|
||||||
|
volumes = [
|
||||||
|
"/home/crime/prowlarr/data:/config:rw"
|
||||||
|
];
|
||||||
|
dependsOn = [
|
||||||
|
"crime-gluetun"
|
||||||
|
];
|
||||||
|
log-driver = "journald";
|
||||||
|
extraOptions = [
|
||||||
|
"--network=container:crime-gluetun"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
systemd.services."podman-prowlarr" = {
|
||||||
|
serviceConfig = {
|
||||||
|
Restart = lib.mkOverride 500 "always";
|
||||||
|
};
|
||||||
|
partOf = [
|
||||||
|
"podman-compose-crime-root.target"
|
||||||
|
];
|
||||||
|
wantedBy = [
|
||||||
|
"podman-compose-crime-root.target"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
virtualisation.oci-containers.containers."qbittorrent" = {
|
||||||
|
image = "lscr.io/linuxserver/qbittorrent";
|
||||||
|
environment = {
|
||||||
|
PGID = "1000";
|
||||||
|
PUID = "1000";
|
||||||
|
TZ = "Europe/Berlin";
|
||||||
|
WEBUI_PORT = "8085";
|
||||||
|
};
|
||||||
|
volumes = [
|
||||||
|
"/home/crime/qbittorrent:/config:rw"
|
||||||
|
"/home/crime/qbittorrent/downloads:/downloads:rw"
|
||||||
|
];
|
||||||
|
dependsOn = [
|
||||||
|
"crime-gluetun"
|
||||||
|
];
|
||||||
|
log-driver = "journald";
|
||||||
|
extraOptions = [
|
||||||
|
"--network=container:crime-gluetun"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
systemd.services."podman-qbittorrent" = {
|
||||||
|
serviceConfig = {
|
||||||
|
Restart = lib.mkOverride 500 "always";
|
||||||
|
};
|
||||||
|
partOf = [
|
||||||
|
"podman-compose-crime-root.target"
|
||||||
|
];
|
||||||
|
wantedBy = [
|
||||||
|
"podman-compose-crime-root.target"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
virtualisation.oci-containers.containers."radarr" = {
|
||||||
|
image = "lscr.io/linuxserver/radarr:latest";
|
||||||
|
environment = {
|
||||||
|
PGID = "1000";
|
||||||
|
PUID = "1000";
|
||||||
|
TZ = "Etc/UTC";
|
||||||
|
};
|
||||||
|
volumes = [
|
||||||
|
"/home/crime/radarr/data:/config:rw"
|
||||||
|
"/home/crime/radarr/downloadclient-downloads:/downloads:rw"
|
||||||
|
"/home/crime/radarr/movies:/movies:rw"
|
||||||
|
];
|
||||||
|
dependsOn = [
|
||||||
|
"crime-gluetun"
|
||||||
|
];
|
||||||
|
log-driver = "journald";
|
||||||
|
extraOptions = [
|
||||||
|
"--network=container:crime-gluetun"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
systemd.services."podman-radarr" = {
|
||||||
|
serviceConfig = {
|
||||||
|
Restart = lib.mkOverride 500 "always";
|
||||||
|
};
|
||||||
|
partOf = [
|
||||||
|
"podman-compose-crime-root.target"
|
||||||
|
];
|
||||||
|
wantedBy = [
|
||||||
|
"podman-compose-crime-root.target"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
virtualisation.oci-containers.containers."sonarr" = {
|
||||||
|
image = "lscr.io/linuxserver/sonarr:latest";
|
||||||
|
environment = {
|
||||||
|
PGID = "1000";
|
||||||
|
PUID = "1000";
|
||||||
|
TZ = "Etc/UTC";
|
||||||
|
};
|
||||||
|
volumes = [
|
||||||
|
"/home/crime/sonarr/data:/config:rw"
|
||||||
|
"/home/crime/sonarr/downloadclient-downloads:/downloads:rw"
|
||||||
|
"/home/crime/sonarr/tvseries:/tv:rw"
|
||||||
|
];
|
||||||
|
dependsOn = [
|
||||||
|
"crime-gluetun"
|
||||||
|
];
|
||||||
|
log-driver = "journald";
|
||||||
|
extraOptions = [
|
||||||
|
"--network=container:crime-gluetun"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
systemd.services."podman-sonarr" = {
|
||||||
|
serviceConfig = {
|
||||||
|
Restart = lib.mkOverride 500 "always";
|
||||||
|
};
|
||||||
|
partOf = [
|
||||||
|
"podman-compose-crime-root.target"
|
||||||
|
];
|
||||||
|
wantedBy = [
|
||||||
|
"podman-compose-crime-root.target"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
# Networks
|
||||||
|
systemd.services."podman-network-crime_default" = {
|
||||||
|
path = [pkgs.podman];
|
||||||
|
serviceConfig = {
|
||||||
|
Type = "oneshot";
|
||||||
|
RemainAfterExit = true;
|
||||||
|
ExecStop = "${pkgs.podman}/bin/podman network rm -f crime_default";
|
||||||
|
};
|
||||||
|
script = ''
|
||||||
|
podman network inspect crime_default || podman network create crime_default
|
||||||
|
'';
|
||||||
|
partOf = ["podman-compose-crime-root.target"];
|
||||||
|
wantedBy = ["podman-compose-crime-root.target"];
|
||||||
|
};
|
||||||
|
|
||||||
|
# Root service
|
||||||
|
# When started, this will automatically create all resources and start
|
||||||
|
# the containers. When stopped, this will teardown all resources.
|
||||||
|
systemd.targets."podman-compose-crime-root" = {
|
||||||
|
unitConfig = {
|
||||||
|
Description = "Root target generated by compose2nix.";
|
||||||
|
};
|
||||||
|
wantedBy = ["multi-user.target"];
|
||||||
|
};
|
||||||
|
}
|
|
@ -46,11 +46,11 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
nextcloud = {
|
nextcloud = {
|
||||||
enable = true;
|
enable = true;
|
||||||
user = "nextcloud";
|
user = "nextcloud";
|
||||||
username = "xqtc";
|
username = "xqtc";
|
||||||
passwordFile = config.sops.secrets.nextcloud_user_password.path;
|
passwordFile = config.sops.secrets.nextcloud_user_password.path;
|
||||||
url = "https://${toString config.services.nextcloud.hostName}";
|
url = "https://${toString config.services.nextcloud.hostName}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
scrapeConfigs = [
|
scrapeConfigs = [
|
||||||
|
|
|
@ -5,6 +5,7 @@ public_keys:
|
||||||
nextcloud_password: ENC[AES256_GCM,data:lwqQio1I1xTv07bLRyrvig1HRyCxcueSPgDpPRhXBqCi8d42OJt7rA==,iv:R0JxpCJz9zycph9p7Ewwt4QTEXQxaxJ691aWCXfEsFE=,tag:Qz3dD2cOkmneEWP7tI54Dg==,type:str]
|
nextcloud_password: ENC[AES256_GCM,data:lwqQio1I1xTv07bLRyrvig1HRyCxcueSPgDpPRhXBqCi8d42OJt7rA==,iv:R0JxpCJz9zycph9p7Ewwt4QTEXQxaxJ691aWCXfEsFE=,tag:Qz3dD2cOkmneEWP7tI54Dg==,type:str]
|
||||||
nextcloud_user_password: ENC[AES256_GCM,data:fkX/1pOgRLvhHTtoK9i5F0kO+mRKj40BH2s7VD7ifPEnyJhWqy5mvg==,iv:iEnW4Z8vCY9oapOpVZNuLMa50SXT01clYaScUN+q/k8=,tag:0G0Y8XCSj+dBAy6Cw8YOHg==,type:str]
|
nextcloud_user_password: ENC[AES256_GCM,data:fkX/1pOgRLvhHTtoK9i5F0kO+mRKj40BH2s7VD7ifPEnyJhWqy5mvg==,iv:iEnW4Z8vCY9oapOpVZNuLMa50SXT01clYaScUN+q/k8=,tag:0G0Y8XCSj+dBAy6Cw8YOHg==,type:str]
|
||||||
paperless_password: ENC[AES256_GCM,data:OCrc00vUb+lgel8TmFm+9Ee4QJZZV7W6+Jl9+R7AfjfDh6v590ibvw==,iv:emM7g0JRcEH4xuYdvZN64drOhduXyQy6HwF1xByaLvE=,tag:D2O1qAeKtYWGf+Zd3RuBTQ==,type:str]
|
paperless_password: ENC[AES256_GCM,data:OCrc00vUb+lgel8TmFm+9Ee4QJZZV7W6+Jl9+R7AfjfDh6v590ibvw==,iv:emM7g0JRcEH4xuYdvZN64drOhduXyQy6HwF1xByaLvE=,tag:D2O1qAeKtYWGf+Zd3RuBTQ==,type:str]
|
||||||
|
#ENC[AES256_GCM,data:UmGDAz/qalmP6Z2r4VSH802m9ddAoCQ8IaAtAmyQV+Psg0rNpLF7du5ykDepTyHAb6YAG1k2k9ziqfV8P9SUNMvLC7D3TmFk9oZtW8HLrN84tcbp9i4HDFfQ+Q==,iv:PzHlSFj0H4/eSab9j3y9lYAFUPMEb+G74M2/2cmv70A=,tag:GFstk6NgtJCNm207zO1fjQ==,type:comment]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -56,8 +57,8 @@ sops:
|
||||||
a2ZHZmQ0dEVMZFlJRENmU2lGejFuMzAKOO3kTP/VWRYn5CrwPyjUIGS7kjxPvNYZ
|
a2ZHZmQ0dEVMZFlJRENmU2lGejFuMzAKOO3kTP/VWRYn5CrwPyjUIGS7kjxPvNYZ
|
||||||
HMt+cCG9FYeJdqPpHWiM0TeHYUG0h7XlltIMg7KhE4Qj/GARegmuZQ==
|
HMt+cCG9FYeJdqPpHWiM0TeHYUG0h7XlltIMg7KhE4Qj/GARegmuZQ==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-07-05T15:42:51Z"
|
lastmodified: "2024-07-06T14:20:40Z"
|
||||||
mac: ENC[AES256_GCM,data:HKjqJxfseQcrP/hViiY933NQdZQpTYS+wHigWlIOKDUhW4HOjVcRPc/lcbtb/41RBXl5xPKJyYSNzj3AdSM6kMznE0USEmYU9+XHFDd845n1YVg6qRHYUH/fFKsdDF2L5tEZ9DPEZQ6mW2EpxW+9AVVlU1L7wNsm7rtpcPTPcb4=,iv:arNw7DvxMfMBALJjp63bwNrsBedohhVWRJZFboXaZpI=,tag:OKQNf28nm/LrgUueOtwDsg==,type:str]
|
mac: ENC[AES256_GCM,data:tiYyfsKlYF4j5YqIezO34L8nkGmHTWQeR7y6e3M2PFFujCqw87Q/WdAdKiyErvPmPwMbkyfXQZgIs2fAKx/C6t5lh5TFFQYZyvCV9A17y4vn8f5SK1HFDePQTfaCqQ4IlSXAXZYpBMMFJn+WBVJQUCb3xM5meuVYTTZpqE8dmso=,iv:NwLsBzVa/Kf9YS6lfS+4VpWkYxpqxPEbRHquuNJ0klY=,tag:LgsV5KBk0Dwij4jEbB99xA==,type:str]
|
||||||
pgp: []
|
pgp: []
|
||||||
unencrypted_suffix: _unencrypted
|
unencrypted_suffix: _unencrypted
|
||||||
version: 3.8.1
|
version: 3.8.1
|
||||||
|
|
Loading…
Reference in a new issue