peperunas/nixos
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

added prowlarr from unstable, moved hosts to wireguard file

Browse Source
This commit is contained in:
Giulio De Pasquale 2021-10-21 15:51:44 +02:00
parent f912e3d511
commit f58b776a3d
6 changed files with 63 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
flake.lock generated
View File

@ -7,11 +7,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1633596850, "lastModified": 1634544068,
"narHash": "sha256-5+qVLYvfOropjLAvpQs/APtD8eYnEIbAd9a36lGHZM0=", "narHash": "sha256-RlRQBaAHfdWqfRyHdWuDPMkplBTYwuyDQqDcNbP/Sog=",
"owner": "rycee", "owner": "rycee",
"repo": "home-manager", "repo": "home-manager",
"rev": "49695f33aac22358b59e49c94fe6472218e5d766", "rev": "ff2bed9dac84fb202bbb3c49fdcfe30c29d0b12f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -23,11 +23,11 @@
}, },
"nixos-unstable": { "nixos-unstable": {
"locked": { "locked": {
"lastModified": 1633971123, "lastModified": 1634515797,
"narHash": "sha256-WmI4NbH1IPGFWVkuBkKoYgOnxgwSfWDgdZplJlQ93vA=", "narHash": "sha256-elgCUC2khtBkOSpE4gDymNvthTZAI4hGI2iNu3YEUkA=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "e4ef597edfd8a0ba5f12362932fc9b1dd01a0aef", "rev": "5f0194220f2402b06f7f79bba6351895facb5acb",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -39,11 +39,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1634115022, "lastModified": 1634661806,
"narHash": "sha256-K9DZMQ47VRrg9gtTPwex5p0E8LnwM/dDkNe7AQW0qj0=", "narHash": "sha256-fBuR7EZ67UOdNt3gEwhoyWJ6zJtXh4kuupIALRcx/7I=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "564cb4d81d4f734dd068684adec5a60077397fe9", "rev": "8fe3b97ef4527ac88d03ea33e0789f3512e01adc",
"type": "github" "type": "github"
}, },
"original": { "original": {

2
flake.nix
View File

@ -28,7 +28,7 @@
inherit (utils) user; inherit (utils) user;
in { in {
nixosConfigurations = { nixosConfigurations = {
architect = host.mkHost { name = "architect"; users = [ { user = "giulio"; roles = []; } ]; }; architect = host.mkHost { name = "architect"; users = [ { user = "giulio"; roles = [ "git" ]; } ]; };
gAluminum = host.mkHost { name = "gAluminum"; users = [ { user = "giulio"; roles = [ "desktop" "ssh" "git" ]; } ]; roles = [ "gnome" ]; }; gAluminum = host.mkHost { name = "gAluminum"; users = [ { user = "giulio"; roles = [ "desktop" "ssh" "git" ]; } ]; roles = [ "gnome" ]; };
proxy = host.mkHost { name = "proxy"; }; proxy = host.mkHost { name = "proxy"; };
}; };

38
hosts/architect/default.nix
View File

@ -17,7 +17,6 @@ in
./radarr.nix ./radarr.nix
./bazarr.nix ./bazarr.nix
./nzbget.nix ./nzbget.nix
# ./jellyfin.nix
./nextcloud.nix ./nextcloud.nix
./wireguard.nix ./wireguard.nix
./minio.nix ./minio.nix
@ -25,7 +24,7 @@ in
./fail2ban.nix ./fail2ban.nix
./dns.nix ./dns.nix
./minecraft.nix ./minecraft.nix
# ./prowlarr.nix ./prowlarr.nix
./plex.nix ./plex.nix
]; ];
@ -94,35 +93,6 @@ in
${nas-lan} nas.devs.giugl.io ${nas-lan} nas.devs.giugl.io
${giupi-lan} giupi.devs.giugl.io ${giupi-lan} giupi.devs.giugl.io
# Wireguard hosts
${architect-wg} ${hostname}.devs.giugl.io
${galuminum-wg} galuminum.devs.giugl.io
${oneplus-wg} oneplus.devs.giugl.io
${ipad-wg} ipad.devs.giugl.io
${manduria-wg} manduria.devs.giugl.io
${antonio-wg} antonio.devs.giugl.io
${gbeast-wg} gbeast.devs.giugl.io
${parisaphone-wg} parisa-phone.devs.giugl.io
${parisapc-wg} parisa-pc.devs.giugl.io
${peppiniell-wg} peppiniell.devs.giugl.io
${padulino-wg} padulino.devs.giugl.io
${shield-wg} shield.devs.giugl.io
${angelino-wg} angelino.devs.giugl.io
${pepos_two-wg} pepostwo.devs.giugl.io
${eleonora-wg} eleonora.devs.giugl.io
${angellane-wg} angellane.devs.giugl.io
${hotpottino-wg} hotpottino.devs.giugl.io
${salvatore-wg} salvatore.devs.giugl.io
${papa-wg} papa.devs.giugl.io
${defy-wg} defy.devs.giugl.io
${germano-wg} germano.devs.giugl.io
${dodino-wg} dodino.devs.giugl.io
${tommy-wg} tommy.devs.giugl.io
${alain-wg} alain.devs.giugl.io
${dima-wg} dima.devs.giugl.io
${boogino-wg} boogino.devs.giugl.io
${mikey-wg} mikey.devs.giugl.io
# Blacklist # Blacklist
0.0.0.0 metrics.plex.tv 0.0.0.0 metrics.plex.tv
0.0.0.0 analytics.plex.tv 0.0.0.0 analytics.plex.tv
@ -143,11 +113,7 @@ in
''; '';
}; };
environment.systemPackages = with pkgs; environment.systemPackages = with pkgs; [ cudatoolkit ];
[
wireguard
cudatoolkit
];
hardware = { hardware = {
cpu.amd.updateMicrocode = true; cpu.amd.updateMicrocode = true;

2
hosts/architect/prowlarr.nix
View File

@ -1,3 +1,5 @@
{ pkgs, ...}:
with import ./network.nix; with import ./network.nix;
{ {
services = { services = {

55
hosts/architect/wireguard.nix
View File

@ -1,7 +1,38 @@
with import ./network.nix; with import ./network.nix;
{ {
networking.wireguard = { networking = {
interfaces.${proxy-if} = { extraHosts = ''
${architect-wg} architect.devs.giugl.io
${galuminum-wg} galuminum.devs.giugl.io
${oneplus-wg} oneplus.devs.giugl.io
${ipad-wg} ipad.devs.giugl.io
${manduria-wg} manduria.devs.giugl.io
${antonio-wg} antonio.devs.giugl.io
${gbeast-wg} gbeast.devs.giugl.io
${parisaphone-wg} parisa-phone.devs.giugl.io
${parisapc-wg} parisa-pc.devs.giugl.io
${peppiniell-wg} peppiniell.devs.giugl.io
${padulino-wg} padulino.devs.giugl.io
${shield-wg} shield.devs.giugl.io
${angelino-wg} angelino.devs.giugl.io
${pepos_two-wg} pepostwo.devs.giugl.io
${eleonora-wg} eleonora.devs.giugl.io
${angellane-wg} angellane.devs.giugl.io
${hotpottino-wg} hotpottino.devs.giugl.io
${salvatore-wg} salvatore.devs.giugl.io
${papa-wg} papa.devs.giugl.io
${defy-wg} defy.devs.giugl.io
${germano-wg} germano.devs.giugl.io
${dodino-wg} dodino.devs.giugl.io
${tommy-wg} tommy.devs.giugl.io
${alain-wg} alain.devs.giugl.io
${dima-wg} dima.devs.giugl.io
${boogino-wg} boogino.devs.giugl.io
${mikey-wg} mikey.devs.giugl.io
'';
wireguard = {
interfaces.${proxy-if} = {
ips = ["10.4.0.2/32"]; ips = ["10.4.0.2/32"];
privateKeyFile = "/secrets/wireguard/proxy.key"; privateKeyFile = "/secrets/wireguard/proxy.key";
peers = [ peers = [
@ -12,29 +43,26 @@ with import ./network.nix;
persistentKeepalive = 21; persistentKeepalive = 21;
} }
]; ];
}; };
interfaces.${vpn-if} = { interfaces.${vpn-if} = {
listenPort = 1194; listenPort = 1194;
ips = ["10.3.0.1/24"]; ips = ["10.3.0.1/24"];
privateKeyFile = "/secrets/wireguard/server.key"; privateKeyFile = "/secrets/wireguard/server.key";
peers = [ peers = [
{ {
# gAluminum # gAluminum
allowedIPs = [galuminum-wg]; allowedIPs = [galuminum-wg];
publicKey = "pEEgSs7xmO0cfyvoQlU8lfwqdYM1ISgmPAunPtF+0xw="; publicKey = "pEEgSs7xmO0cfyvoQlU8lfwqdYM1ISgmPAunPtF+0xw=";
} }
{ {
# OnePlus # OnePlus
allowedIPs = [oneplus-wg]; allowedIPs = [oneplus-wg];
# publicKey = "uOQUJo+AfhTAFq50Pt80rdX4PmO28WUARngE2AtwdXU=";
publicKey = "zynSERy6VhxN5zBf1ih3BOAHxvigDixHB9YKnSBgYFs="; publicKey = "zynSERy6VhxN5zBf1ih3BOAHxvigDixHB9YKnSBgYFs=";
} }
{ {
# iPad # iPad
allowedIPs = [ipad-wg]; allowedIPs = [ipad-wg];
@ -132,12 +160,12 @@ with import ./network.nix;
publicKey = "HcIqulGahsHJeuq6zAt5EJieWhDSKX4tFlUOEr2U1gA="; publicKey = "HcIqulGahsHJeuq6zAt5EJieWhDSKX4tFlUOEr2U1gA=";
} }
{ {
# pepos_two # pepos_two
allowedIPs = [pepos_two-wg]; allowedIPs = [pepos_two-wg];
publicKey = "mb1VaMLML5J24oCMBuhqvBrT6S4tAqWERn30z+h/LwM="; publicKey = "mb1VaMLML5J24oCMBuhqvBrT6S4tAqWERn30z+h/LwM=";
} }
{ {
# salvatore # salvatore
allowedIPs = [salvatore-wg]; allowedIPs = [salvatore-wg];
@ -206,4 +234,5 @@ with import ./network.nix;
]; ];
}; };
}; };
};
} }

8
lib/host.nix
View File

@ -14,9 +14,13 @@
modules = [ modules = [
{ {
imports = users_mod ++ roles_mod; imports = users_mod ++ roles_mod ++ [(nixos-unstable + "/nixos/modules/services/misc/prowlarr.nix")];
nixpkgs = {
pkgs = pkgs;
overlays = [ (self: super: {prowlarr = pkgs.unstable.prowlarr;}) ];
};
nixpkgs.pkgs = pkgs;
nix.nixPath = [ nix.nixPath = [
"nixpkgs=${nixpkgs}" "nixpkgs=${nixpkgs}"
"unstable=${nixos-unstable}" "unstable=${nixos-unstable}"