Adapt franz to real installation
This commit is contained in:
parent
d0ae7b1f22
commit
d271bd977e
16 changed files with 105 additions and 82 deletions
|
@ -18,8 +18,8 @@
|
||||||
"traefik.http.routers.homarr.tls.certresolver" = "letsencrypt";
|
"traefik.http.routers.homarr.tls.certresolver" = "letsencrypt";
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/dashboard/homarr_data:/app/data/configs"
|
"/drives/hdd/docker/dashboard/homarr_data:/app/data/configs"
|
||||||
"/home/ghoscht/.docker/dashboard/homarr_icons:/app/public/imgs"
|
"/drives/hdd/docker/dashboard/homarr_icons:/app/public/imgs"
|
||||||
];
|
];
|
||||||
restart = "always";
|
restart = "always";
|
||||||
networks = [
|
networks = [
|
||||||
|
|
|
@ -16,6 +16,8 @@
|
||||||
./media
|
./media
|
||||||
./dashboard
|
./dashboard
|
||||||
./smarthome
|
./smarthome
|
||||||
|
./signal
|
||||||
|
./feed
|
||||||
];
|
];
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [arion];
|
environment.systemPackages = with pkgs; [arion];
|
||||||
|
|
|
@ -22,6 +22,7 @@
|
||||||
pihole.service = {
|
pihole.service = {
|
||||||
image = "pihole/pihole:latest";
|
image = "pihole/pihole:latest";
|
||||||
container_name = "pihole";
|
container_name = "pihole";
|
||||||
|
hostname = "pihole";
|
||||||
environment = {
|
environment = {
|
||||||
IPv6 = "True";
|
IPv6 = "True";
|
||||||
TZ = "Europe/Berlin";
|
TZ = "Europe/Berlin";
|
||||||
|
@ -29,8 +30,8 @@
|
||||||
VIRTUAL_HOST = "pihole.ghoscht.com";
|
VIRTUAL_HOST = "pihole.ghoscht.com";
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/dns/pihole_data:/etc/pihole"
|
"/drives/hdd/docker/dns/pihole_data:/etc/pihole"
|
||||||
"/home/ghoscht/.docker/dns/pihole_dnsmasq:/etc/dnsmasq.d"
|
"/drives/hdd/docker/dns/pihole_dnsmasq:/etc/dnsmasq.d"
|
||||||
];
|
];
|
||||||
labels = {
|
labels = {
|
||||||
"traefik.enable" = "true";
|
"traefik.enable" = "true";
|
||||||
|
@ -65,7 +66,7 @@
|
||||||
container_name = "unbound";
|
container_name = "unbound";
|
||||||
useHostStore = true;
|
useHostStore = true;
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/dns/unbound_data:/opt/unbound/etc/unbound"
|
"/drives/hdd/docker/dns/unbound_data:/opt/unbound/etc/unbound"
|
||||||
];
|
];
|
||||||
restart = "always";
|
restart = "always";
|
||||||
networks = {
|
networks = {
|
||||||
|
|
|
@ -18,27 +18,29 @@
|
||||||
environment = {
|
environment = {
|
||||||
PUID = 1000;
|
PUID = 1000;
|
||||||
PGID = 1000;
|
PGID = 1000;
|
||||||
DB_HOST = "db";
|
DB_HOST = "feed-db";
|
||||||
};
|
};
|
||||||
env_file = [
|
env_file = [
|
||||||
"/home/ghoscht/.docker/feed/ttrss.env"
|
"/home/ghoscht/.docker/feed/ttrss.env"
|
||||||
];
|
];
|
||||||
restart = "always";
|
restart = "always";
|
||||||
|
dns = ["1.1.1.1"];
|
||||||
networks = [
|
networks = [
|
||||||
"dmz"
|
"dmz"
|
||||||
|
"transport"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
db.service = {
|
feed-db.service = {
|
||||||
image = "postgres:13-alpine";
|
image = "postgres:13-alpine";
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/feed/ttrss_db:/var/lib/postgresql/data"
|
"/drives/hdd/docker/feed/ttrss_db:/var/lib/postgresql/data"
|
||||||
];
|
];
|
||||||
env_file = [
|
env_file = [
|
||||||
"/home/ghoscht/.docker/feed/ttrss.env"
|
"/home/ghoscht/.docker/feed/ttrss.env"
|
||||||
];
|
];
|
||||||
restart = "always";
|
restart = "always";
|
||||||
networks = [
|
networks = [
|
||||||
"dmz"
|
"transport"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -7,7 +7,7 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
sops.secrets."ttrs/db_password" = {
|
sops.secrets."ttrss/db_password" = {
|
||||||
owner = vars.user;
|
owner = vars.user;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -23,17 +23,18 @@
|
||||||
"traefik.http.routers.forgejo.tls.certresolver" = "letsencrypt";
|
"traefik.http.routers.forgejo.tls.certresolver" = "letsencrypt";
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/git/forgejo_data:/data"
|
"/drives/hdd/docker/git/forgejo_data:/data"
|
||||||
"/etc/localtime:/etc/localtime:ro"
|
"/etc/localtime:/etc/localtime:ro"
|
||||||
];
|
];
|
||||||
ports = [
|
ports = [
|
||||||
"2222:22"
|
"2222:22"
|
||||||
];
|
];
|
||||||
|
dns = ["1.1.1.1"];
|
||||||
environment = {
|
environment = {
|
||||||
USER_UID = 1000;
|
USER_UID = 1000;
|
||||||
USER_GID = 1000;
|
USER_GID = 1000;
|
||||||
GITEA__database__DB_TYPE = "postgres";
|
GITEA__database__DB_TYPE = "postgres";
|
||||||
GITEA__database__HOST = "db:5432";
|
GITEA__database__HOST = "git-db:5432";
|
||||||
};
|
};
|
||||||
env_file = [
|
env_file = [
|
||||||
"/home/ghoscht/.docker/git/forgejo.env"
|
"/home/ghoscht/.docker/git/forgejo.env"
|
||||||
|
@ -44,12 +45,12 @@
|
||||||
"transport"
|
"transport"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
db.service = {
|
git-db.service = {
|
||||||
image = "postgres:15.3-bullseye";
|
image = "postgres:15.3-bullseye";
|
||||||
env_file = [
|
env_file = [
|
||||||
"/home/ghoscht/.docker/git/forgejo-db.env"
|
"/home/ghoscht/.docker/git/forgejo-db.env"
|
||||||
];
|
];
|
||||||
volumes = ["/home/ghoscht/.docker/git/forgejo_db:/var/lib/postgresql/data"];
|
volumes = ["/drives/hdd/docker/git/forgejo_db:/var/lib/postgresql/data"];
|
||||||
restart = "unless-stopped";
|
restart = "unless-stopped";
|
||||||
networks = [
|
networks = [
|
||||||
"transport"
|
"transport"
|
||||||
|
|
|
@ -43,18 +43,18 @@
|
||||||
"dmz"
|
"dmz"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
# cloudflared.service = {
|
cloudflared.service = {
|
||||||
# image = "cloudflare/cloudflared:latest";
|
image = "cloudflare/cloudflared:latest";
|
||||||
# container_name = "cloudflared";
|
container_name = "cloudflared";
|
||||||
# env_file = [
|
env_file = [
|
||||||
# "/home/ghoscht/.docker/infrastructure/cloudflared.env"
|
"/home/ghoscht/.docker/infrastructure/cloudflared.env"
|
||||||
# ];
|
];
|
||||||
# restart = "always";
|
restart = "always";
|
||||||
# command = "tunnel --no-autoupdate --protocol http2 run";
|
command = "tunnel --no-autoupdate --protocol http2 run";
|
||||||
# networks = [
|
networks = [
|
||||||
# "dmz"
|
"dmz"
|
||||||
# ];
|
];
|
||||||
# };
|
};
|
||||||
scrutiny.service = {
|
scrutiny.service = {
|
||||||
image = "ghcr.io/analogj/scrutiny:master-omnibus";
|
image = "ghcr.io/analogj/scrutiny:master-omnibus";
|
||||||
container_name = "scrutiny";
|
container_name = "scrutiny";
|
||||||
|
@ -75,7 +75,10 @@
|
||||||
"scrutiny_data:/opt/scrutiny/config"
|
"scrutiny_data:/opt/scrutiny/config"
|
||||||
"scrutiny_db:/opt/scrutiny/influxdb"
|
"scrutiny_db:/opt/scrutiny/influxdb"
|
||||||
];
|
];
|
||||||
devices = [];
|
devices = [
|
||||||
|
"/dev/sda"
|
||||||
|
"/dev/nvme0n1"
|
||||||
|
];
|
||||||
networks = [
|
networks = [
|
||||||
"dmz"
|
"dmz"
|
||||||
];
|
];
|
||||||
|
|
|
@ -28,16 +28,17 @@
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"jellyfin_cache:/cache"
|
"jellyfin_cache:/cache"
|
||||||
"/home/ghoscht/.docker/media/jellyfin_data:/config"
|
"/drives/hdd/docker/media/jellyfin_data:/config"
|
||||||
"/home/ghoscht/.docker/media/data/tv:/tv"
|
"/drives/hdd/data/media/tv:/tv"
|
||||||
"/home/ghoscht/.docker/media/data/anime:/anime"
|
"/drives/hdd/data/media/anime:/anime"
|
||||||
"/home/ghoscht/.docker/media/data/movies:/movies"
|
"/drives/hdd/data/media/movies:/movies"
|
||||||
];
|
];
|
||||||
environment = {
|
environment = {
|
||||||
PUID = 1000;
|
PUID = 1000;
|
||||||
PGID = 1000;
|
PGID = 1000;
|
||||||
TZ = "Europe/Berlin";
|
TZ = "Europe/Berlin";
|
||||||
};
|
};
|
||||||
|
dns = ["1.1.1.1"];
|
||||||
restart = "always";
|
restart = "always";
|
||||||
networks = [
|
networks = [
|
||||||
"dmz"
|
"dmz"
|
||||||
|
@ -55,8 +56,8 @@
|
||||||
"traefik.http.routers.navidrome.tls.certresolver" = "letsencrypt";
|
"traefik.http.routers.navidrome.tls.certresolver" = "letsencrypt";
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/media/navidrome_data:/data"
|
"/drives/hdd/docker/media/navidrome_data:/data"
|
||||||
"/home/ghoscht/.docker/media/data/music:/music"
|
"/drives/hdd/data/media/music:/music"
|
||||||
];
|
];
|
||||||
environment = {
|
environment = {
|
||||||
ND_SESSIONTIMEOUT = "336h";
|
ND_SESSIONTIMEOUT = "336h";
|
||||||
|
@ -64,6 +65,7 @@
|
||||||
env_file = [
|
env_file = [
|
||||||
"/home/ghoscht/.docker/media/navidrome.env"
|
"/home/ghoscht/.docker/media/navidrome.env"
|
||||||
];
|
];
|
||||||
|
dns = ["1.1.1.1"];
|
||||||
restart = "always";
|
restart = "always";
|
||||||
networks = [
|
networks = [
|
||||||
"dmz"
|
"dmz"
|
||||||
|
@ -82,8 +84,8 @@
|
||||||
"traefik.http.routers.transmission.tls.certresolver" = "letsencrypt";
|
"traefik.http.routers.transmission.tls.certresolver" = "letsencrypt";
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/media/transmission_data:/config"
|
"/drives/hdd/docker/media/transmission_data:/config"
|
||||||
"/home/ghoscht/.docker/media/data:/data"
|
"/drives/hdd/data/:/data"
|
||||||
];
|
];
|
||||||
environment = {
|
environment = {
|
||||||
PUID = 1000;
|
PUID = 1000;
|
||||||
|
@ -104,6 +106,7 @@
|
||||||
capabilities = {
|
capabilities = {
|
||||||
NET_ADMIN = true;
|
NET_ADMIN = true;
|
||||||
};
|
};
|
||||||
|
dns = ["1.1.1.1"];
|
||||||
restart = "always";
|
restart = "always";
|
||||||
networks = [
|
networks = [
|
||||||
"dmz"
|
"dmz"
|
||||||
|
@ -122,7 +125,7 @@
|
||||||
"traefik.http.routers.prowlarr.tls.certresolver" = "letsencrypt";
|
"traefik.http.routers.prowlarr.tls.certresolver" = "letsencrypt";
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/media/prowlarr_data:/config"
|
"/drives/hdd/docker/media/prowlarr_data:/config"
|
||||||
];
|
];
|
||||||
environment = {
|
environment = {
|
||||||
PUID = 1000;
|
PUID = 1000;
|
||||||
|
@ -148,8 +151,8 @@
|
||||||
"traefik.http.routers.sonarr.tls.certresolver" = "letsencrypt";
|
"traefik.http.routers.sonarr.tls.certresolver" = "letsencrypt";
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/media/sonarr_data:/config"
|
"/drives/hdd/docker/media/sonarr_data:/config"
|
||||||
"/home/ghoscht/.docker/media/data:/data"
|
"/drives/hdd/data/:/data"
|
||||||
];
|
];
|
||||||
environment = {
|
environment = {
|
||||||
PUID = 1000;
|
PUID = 1000;
|
||||||
|
@ -176,8 +179,8 @@
|
||||||
"traefik.http.routers.radarr.tls.certresolver" = "letsencrypt";
|
"traefik.http.routers.radarr.tls.certresolver" = "letsencrypt";
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/media/radarr_data:/config"
|
"/drives/hdd/docker/media/radarr_data:/config"
|
||||||
"/home/ghoscht/.docker/media/data:/data"
|
"/drives/hdd/data/:/data"
|
||||||
];
|
];
|
||||||
environment = {
|
environment = {
|
||||||
PUID = 1000;
|
PUID = 1000;
|
||||||
|
@ -205,10 +208,10 @@
|
||||||
"traefik.http.routers.lidarr.tls.certresolver" = "letsencrypt";
|
"traefik.http.routers.lidarr.tls.certresolver" = "letsencrypt";
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/media/lidarr_data:/config"
|
"/drives/hdd/docker/media/lidarr_data:/config"
|
||||||
"/home/ghoscht/.docker/media/data:/data"
|
"/drives/hdd/data/:/data"
|
||||||
"/home/ghoscht/.docker/media/lidarr_addons/custom-services.d:/custom-services.d"
|
"/drives/hdd/docker/media/lidarr_addons/custom-services.d:/custom-services.d"
|
||||||
"/home/ghoscht/.docker/media/lidarr_addons/custom-cont-init.d:/custom-cont-init.d"
|
"/drives/hdd/docker/media/lidarr_addons/custom-cont-init.d:/custom-cont-init.d"
|
||||||
];
|
];
|
||||||
environment = {
|
environment = {
|
||||||
PUID = 1000;
|
PUID = 1000;
|
||||||
|
@ -235,9 +238,10 @@
|
||||||
"traefik.http.routers.bazarr.tls.certresolver" = "letsencrypt";
|
"traefik.http.routers.bazarr.tls.certresolver" = "letsencrypt";
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/media/bazarr_data:/config"
|
"/drives/hdd/docker/media/bazarr_data:/config"
|
||||||
"/home/ghoscht/.docker/media/data:/data"
|
"/drives/hdd/data/:/data"
|
||||||
];
|
];
|
||||||
|
dns = ["1.1.1.1"];
|
||||||
environment = {
|
environment = {
|
||||||
PUID = 1000;
|
PUID = 1000;
|
||||||
PGID = 1000;
|
PGID = 1000;
|
||||||
|
@ -259,13 +263,14 @@
|
||||||
"traefik.http.routers.jellyseerr.tls.certresolver" = "letsencrypt";
|
"traefik.http.routers.jellyseerr.tls.certresolver" = "letsencrypt";
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/media/jellyseerr_data:/app/config"
|
"/drives/hdd/docker/media/jellyseerr_data:/app/config"
|
||||||
];
|
];
|
||||||
environment = {
|
environment = {
|
||||||
PUID = 1000;
|
PUID = 1000;
|
||||||
PGID = 1000;
|
PGID = 1000;
|
||||||
TZ = "Europe/Berlin";
|
TZ = "Europe/Berlin";
|
||||||
};
|
};
|
||||||
|
dns = ["1.1.1.1"];
|
||||||
networks = ["dmz"];
|
networks = ["dmz"];
|
||||||
restart = "always";
|
restart = "always";
|
||||||
};
|
};
|
||||||
|
@ -282,7 +287,7 @@
|
||||||
"traefik.http.routers.autobrr.tls.certresolver" = "letsencrypt";
|
"traefik.http.routers.autobrr.tls.certresolver" = "letsencrypt";
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/media/jellyseerr_data:/app/config"
|
"/drives/hdd/docker/media/autobrr_data:/config"
|
||||||
];
|
];
|
||||||
environment = {
|
environment = {
|
||||||
PUID = 1000;
|
PUID = 1000;
|
||||||
|
@ -311,7 +316,7 @@
|
||||||
"traefik.http.routers.deemix.tls.certresolver" = "letsencrypt";
|
"traefik.http.routers.deemix.tls.certresolver" = "letsencrypt";
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/media/jellyseerr_data:/app/config"
|
"/drives/hdd/data/deemix:/downloads"
|
||||||
];
|
];
|
||||||
environment = {
|
environment = {
|
||||||
PUID = 1000;
|
PUID = 1000;
|
||||||
|
@ -329,7 +334,7 @@
|
||||||
image = "golift/unpackerr";
|
image = "golift/unpackerr";
|
||||||
container_name = "unpackerr";
|
container_name = "unpackerr";
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/media/data:/data"
|
"/drives/hdd/data/:/data"
|
||||||
];
|
];
|
||||||
user = "1000:1000";
|
user = "1000:1000";
|
||||||
env_file = [
|
env_file = [
|
||||||
|
|
|
@ -23,7 +23,7 @@
|
||||||
};
|
};
|
||||||
command = "-s 'public;/mount;yes;no;yes' -p";
|
command = "-s 'public;/mount;yes;no;yes' -p";
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht:/mount"
|
"/drives/hdd/nas:/mount"
|
||||||
];
|
];
|
||||||
restart = "always";
|
restart = "always";
|
||||||
networks = [
|
networks = [
|
||||||
|
|
|
@ -22,24 +22,22 @@
|
||||||
"traefik.http.routers.nextcloud.tls.certresolver" = "letsencrypt";
|
"traefik.http.routers.nextcloud.tls.certresolver" = "letsencrypt";
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/nextcloud/nextcloud_data:/var/www/html"
|
"/drives/hdd/docker/nextcloud/nextcloud_data:/var/www/html"
|
||||||
];
|
|
||||||
environment = {MYSQL_HOST = "nextcloud-db";};
|
|
||||||
env_file = [
|
|
||||||
"/home/ghoscht/.docker/nextcloud/nextcloud.env"
|
|
||||||
];
|
];
|
||||||
|
hostname = "nextcloud.ghoscht.com";
|
||||||
|
dns = ["1.1.1.1"];
|
||||||
restart = "unless-stopped";
|
restart = "unless-stopped";
|
||||||
networks = [
|
networks = [
|
||||||
"dmz"
|
"dmz"
|
||||||
"transport"
|
"transport"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
db.service = {
|
nextcloud-db.service = {
|
||||||
image = "mariadb:10.5";
|
image = "mariadb:11.4.1-rc-jammy";
|
||||||
env_file = [
|
env_file = [
|
||||||
"/home/ghoscht/.docker/nextcloud/nextcloud.env"
|
"/home/ghoscht/.docker/nextcloud/nextcloud.env"
|
||||||
];
|
];
|
||||||
volumes = ["/home/ghoscht/.docker/nextcloud/nextcloud_db:/var/lib/mysql"];
|
volumes = ["/drives/hdd/docker/nextcloud/nextcloud_db:/var/lib/mysql"];
|
||||||
restart = "unless-stopped";
|
restart = "unless-stopped";
|
||||||
command = "--transaction-isolation=READ-COMMITTED --binlog-format=ROW";
|
command = "--transaction-isolation=READ-COMMITTED --binlog-format=ROW";
|
||||||
networks = [
|
networks = [
|
||||||
|
|
|
@ -17,8 +17,9 @@
|
||||||
"traefik.http.routers.vaultwarden.tls" = "true";
|
"traefik.http.routers.vaultwarden.tls" = "true";
|
||||||
"traefik.http.routers.vaultwarden.tls.certresolver" = "letsencrypt";
|
"traefik.http.routers.vaultwarden.tls.certresolver" = "letsencrypt";
|
||||||
};
|
};
|
||||||
|
dns = ["1.1.1.1"];
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/infrastructure/vaultwarden_data/:/data"
|
"/drives/hdd/docker/passwords/vaultwarden_data/:/data"
|
||||||
];
|
];
|
||||||
environment = {
|
environment = {
|
||||||
DOMAIN = "http://vaultwarden.ghoscht.com";
|
DOMAIN = "http://vaultwarden.ghoscht.com";
|
||||||
|
|
|
@ -24,13 +24,10 @@
|
||||||
"traefik.http.routers.mollysocket.tls" = "true";
|
"traefik.http.routers.mollysocket.tls" = "true";
|
||||||
"traefik.http.routers.mollysocket.tls.certresolver" = "letsencrypt";
|
"traefik.http.routers.mollysocket.tls.certresolver" = "letsencrypt";
|
||||||
};
|
};
|
||||||
volumes = [
|
|
||||||
"/home/ghoscht/.docker/signal/mollysocket_data:/data"
|
|
||||||
];
|
|
||||||
environment = {
|
environment = {
|
||||||
MOLLY_DB = "/data/mollysocket.db";
|
MOLLY_DB = "/data/mollysocket.db";
|
||||||
MOLLY_ALLOWED_ENDPOINTS = "['https://push.ghoscht.com','*]";
|
MOLLY_ALLOWED_ENDPOINTS = "[\"https://push.ghoscht.com\",\"*\"]";
|
||||||
MOLLY_ALLOWED_UUIDS = "['*']";
|
MOLLY_ALLOWED_UUIDS = "[\"*\"]";
|
||||||
MOLLY_HOST = "0.0.0.0";
|
MOLLY_HOST = "0.0.0.0";
|
||||||
MOLLY_PORT = 8020;
|
MOLLY_PORT = 8020;
|
||||||
RUST_LOG = "info";
|
RUST_LOG = "info";
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
{config, ...}: {
|
{config, ...}: {
|
||||||
virtualisation.arion = {
|
virtualisation.arion = {
|
||||||
projects.infrastructure.settings = {
|
projects.signal.settings = {
|
||||||
imports = [./arion-compose.nix];
|
imports = [./arion-compose.nix];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -20,7 +20,7 @@
|
||||||
"traefik.http.services.homeassistant.loadbalancer.server.port" = "8123";
|
"traefik.http.services.homeassistant.loadbalancer.server.port" = "8123";
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"/home/ghoscht/.docker/smarthome/homeassistant_data:/config"
|
"/drives/hdd/docker/smarthome/homeassistant_data:/config"
|
||||||
"/etc/localtime:/etc/localtime:ro"
|
"/etc/localtime:/etc/localtime:ro"
|
||||||
"/run/dbus:/run/dbus:ro"
|
"/run/dbus:/run/dbus:ro"
|
||||||
];
|
];
|
||||||
|
|
|
@ -26,11 +26,21 @@ in {
|
||||||
];
|
];
|
||||||
|
|
||||||
users.mutableUsers = true;
|
users.mutableUsers = true;
|
||||||
users.users.${vars.user}.password = "changeme";
|
users.users.${vars.user} = {
|
||||||
|
password = "changeme";
|
||||||
|
openssh.authorizedKeys.keys = [
|
||||||
|
#Desktop
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJd6Gut34abkwlZ4tZVBO4Qt7CkIpPm/Z8R6JCisjnYy openpgp:0xBD0CFCA0"
|
||||||
|
|
||||||
nix.extraOptions = ''
|
#Convertible
|
||||||
download-speed = 4000
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFlRsnLqm6Ap3yKEEhtFiWavo72df/X5Il1ZCmENUqev openpgp:0xDE189CA5"
|
||||||
'';
|
];
|
||||||
|
};
|
||||||
|
security.pam.enableSSHAgentAuth = true;
|
||||||
|
|
||||||
|
fileSystems."/drives/hdd" = {
|
||||||
|
device = "/dev/disk/by-uuid/7d5eaff7-c17d-4fac-b7d7-7aa3c35b9a29";
|
||||||
|
};
|
||||||
|
|
||||||
nixpkgs = {
|
nixpkgs = {
|
||||||
overlays = [
|
overlays = [
|
||||||
|
|
|
@ -1,16 +1,20 @@
|
||||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
# and may be overwritten by future invocations. Please make changes
|
# and may be overwritten by future invocations. Please make changes
|
||||||
# to /etc/nixos/configuration.nix instead.
|
# to /etc/nixos/configuration.nix instead.
|
||||||
{ config, lib, pkgs, modulesPath, ... }:
|
|
||||||
|
|
||||||
{
|
{
|
||||||
imports =
|
config,
|
||||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
lib,
|
||||||
|
pkgs,
|
||||||
|
modulesPath,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
imports = [
|
||||||
|
(modulesPath + "/installer/scan/not-detected.nix")
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" ];
|
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "sd_mod"];
|
||||||
boot.initrd.kernelModules = ["dm-snapshot"];
|
boot.initrd.kernelModules = ["dm-snapshot"];
|
||||||
boot.kernelModules = [ "kvm-intel" ];
|
boot.kernelModules = ["kvm-amd"];
|
||||||
boot.extraModulePackages = [];
|
boot.extraModulePackages = [];
|
||||||
|
|
||||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
|
@ -18,8 +22,7 @@
|
||||||
# still possible to use this option, but it's recommended to use it in conjunction
|
# still possible to use this option, but it's recommended to use it in conjunction
|
||||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||||
networking.useDHCP = lib.mkDefault true;
|
networking.useDHCP = lib.mkDefault true;
|
||||||
# networking.interfaces.wlp166s0.useDHCP = lib.mkDefault true;
|
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue