peperunas/nixos
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

nixos 21.11, added nitter, invidious and libreddit. modified umask transmission

Browse Source
This commit is contained in:
Giulio De Pasquale 2021-12-01 15:47:50 +01:00
parent 583688ca70
commit 853ee74826
9 changed files with 47 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
flake.lock generated
View File

@ -7,27 +7,27 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1637917894, "lastModified": 1638267006,
"narHash": "sha256-mzkyjq+OW1K5XHG43zrnjJX/K1ehahVWlKjMzWX/Vvg=", "narHash": "sha256-heZdDlD09rnoeEiZ4wKfbXNDkO5I9qVFvX9d790h/XE=",
"owner": "rycee", "owner": "rycee",
"repo": "home-manager", "repo": "home-manager",
"rev": "7efd99ef876c220848553ae10218685d5e5d79cb", "rev": "3e93c4e8b2b479c712b7c20a428993b459118842",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "rycee", "owner": "rycee",
"ref": "release-21.05", "ref": "release-21.11",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
}, },
"nixos-unstable": { "nixos-unstable": {
"locked": { "locked": {
"lastModified": 1637841632, "lastModified": 1638286143,
"narHash": "sha256-QYqiKHdda0EOnLGQCHE+GluD/Lq2EJj4hVTooPM55Ic=", "narHash": "sha256-A+rgjbIpz3uPRKHPXwdmouVcVn5pZqLnaZHymjkraG4=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "73369f8d0864854d1acfa7f1e6217f7d6b6e3fa1", "rev": "29d1f6e1f625d246dcf84a78ef97b4da3cafc6ea",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -39,16 +39,16 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1637875414, "lastModified": 1638279546,
"narHash": "sha256-Ica++SXFuLyxX9Q7YxhfZulUif6/gwM8AEQYlUxqSgE=", "narHash": "sha256-1KCwN7twjp1dBdp0jPgVdYFztDkCR8+roo0B34J9oBY=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "3bea86e918d8b54aa49780505d2d4cd9261413be", "rev": "96b4157790fc96e70d6e6c115e3f34bba7be490f",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-21.05", "ref": "nixos-21.11",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }

4
flake.nix
View File

@ -1,9 +1,9 @@
{ {
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-21.05"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-21.11";
nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
home-manager = { home-manager = {
url = "github:rycee/home-manager/release-21.05"; url = "github:rycee/home-manager/release-21.11";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
}; };

23
hosts/architect/default.nix
View File

@ -23,28 +23,25 @@ in {
./matrix.nix ./matrix.nix
./fail2ban.nix ./fail2ban.nix
./dns.nix ./dns.nix
./minecraft.nix # ./minecraft.nix
./prowlarr.nix ./prowlarr.nix
./plex.nix ./plex.nix
./transmission.nix ./transmission.nix
./githubrunner.nix ./githubrunner.nix
./libreddit.nix
./invidious.nix
./nitter.nix
]; ];
time.timeZone = "Europe/Rome"; time.timeZone = "Europe/Rome";
system.stateVersion = "21.05"; # Did you read the comment? system.stateVersion = "21.11"; # Did you read the comment?
users.users.giulio.openssh.authorizedKeys.keys = pubkeys; users.users.giulio.openssh.authorizedKeys.keys = pubkeys;
fileSystems."/tmp" = { services.fwupd.enable = true;
device = "tmpfs";
fsType = "tmpfs";
options = [ "size=20G" ];
};
boot = { boot = {
kernelParams = kernelParams =
[ "ip=${architect-lan}::10.0.0.1:255.255.255.0::${wan-if}:off" ]; [ "ip=${architect-lan}::10.0.0.1:255.255.255.0::${wan-if}:off" "nvme_core.default_ps_max_latency_us=5500" ];
kernel.sysctl."net.ipv4.ip_forward" = 1; kernel.sysctl."net.ipv4.ip_forward" = 1;
initrd = { initrd = {
availableKernelModules = [ "igc" "r8169" ]; availableKernelModules = [ "igc" "r8169" ];
network = { network = {
@ -72,7 +69,6 @@ in {
}; };
supportedFilesystems = [ "zfs" ]; supportedFilesystems = [ "zfs" ];
zfs.enableUnstable = true;
zfs.requestEncryptionCredentials = true; zfs.requestEncryptionCredentials = true;
}; };
@ -119,10 +115,9 @@ in {
''; '';
}; };
environment.systemPackages = with pkgs; [ cudatoolkit ]; environment.systemPackages = with pkgs; [ cudatoolkit cachix ];
hardware = { hardware = {
cpu.amd.updateMicrocode = true;
opengl.enable = true; opengl.enable = true;
opengl.extraPackages = with pkgs; [ vaapiVdpau ]; opengl.extraPackages = with pkgs; [ vaapiVdpau ];
opengl.driSupport = true; opengl.driSupport = true;

10
hosts/architect/hardware.nix
View File

@ -42,9 +42,15 @@
fsType = "vfat"; fsType = "vfat";
}; };
fileSystems."/tmp" = {
fsType = "tmpfs";
device = "tmpfs";
options = [ "mode=1777" "strictatime" "rw" "nosuid" "nodev" "size=29G" ];
};
swapDevices = [{ swapDevices = [{
device = "/dev/zpool/data/swap"; device = "/dev/sdc1";
size = 40000; size = 100000;
}]; }];
} }

4
hosts/architect/invidious.nix
View File

@ -7,14 +7,14 @@ in {
services = { services = {
invidious = { invidious = {
enable = true; enable = true;
port = 9091; port = 9092;
}; };
nginx.virtualHosts.${domain} = { nginx.virtualHosts.${domain} = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { locations."/" = {
proxyPass = "http://localhost:9091"; proxyPass = "http://localhost:9092";
}; };
}; };
}; };

12
hosts/architect/libreddit.nix
View File

@ -5,18 +5,16 @@ with import ./network.nix;
let domain = "reddit.giugl.io"; let domain = "reddit.giugl.io";
in { in {
services = { services = {
libreddit.enable = true; libreddit = {
enable = true;
port = 9090;
};
nginx.virtualHosts.${domain} = { nginx.virtualHosts.${domain} = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { locations."/" = {
proxyPass = "http://localhost:8080"; proxyPass = "http://localhost:9090";
extraConfig = ''
allow 10.0.0.0/24;
allow 10.3.0.0/24;
deny all;
'';
}; };
}; };
}; };

9
hosts/architect/nitter.nix
View File

@ -7,7 +7,14 @@ in {
services = { services = {
nitter = { nitter = {
enable = true; enable = true;
port = 9093; server = {
port = 9093;
hostname = domain;
};
preferences = {
replaceYouTube = "tube.giugl.io";
replaceTwitter = "tweet.giugl.io";
};
}; };
nginx.virtualHosts.${domain} = { nginx.virtualHosts.${domain} = {

1
hosts/architect/transmission.nix
View File

@ -13,6 +13,7 @@ in {
speed-limit-up = 10; speed-limit-up = 10;
speed-limit-up-enabled = true; speed-limit-up-enabled = true;
peer-port = 51413; peer-port = 51413;
umask = 2;
}; };
performanceNetParameters = true; performanceNetParameters = true;
}; };

4
lib/host.nix
View File

@ -14,11 +14,9 @@
modules = [ modules = [
{ {
imports = users_mod ++ roles_mod ++ [(nixos-unstable + "/nixos/modules/services/misc/prowlarr.nix")]; imports = users_mod ++ roles_mod;
nixpkgs = { nixpkgs = {
pkgs = pkgs; pkgs = pkgs;
overlays = [ (self: super: {prowlarr = pkgs.unstable.prowlarr;}) ];
}; };
nix.nixPath = [ nix.nixPath = [