pazpi/nix
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

Various updates

Browse source
This commit is contained in:
pazpi 2025-03-16 17:54:42 +01:00
parent 26165af972
commit 375a85e0e7
25 changed files with 291 additions and 167 deletions
Download patch file Download diff file Expand all files Collapse all files

26
hosts/arr/default.nix
View file

@ -4,13 +4,39 @@
lib,
...
}:
let
tailscaleMagicDNS = "neon-dory.ts.net";
in
{
age.secrets = {
tailscale-authKey.file = ../../secrets/tailscale-authKey.age;
};
my = {
utils = {
commons.enable = true;
lxc-standard.enable = true;
};
networking = {
nas-samba-share = {
enable = true;
allowUsers = with config.services; [
sonarr.user
radarr.user
lidarr.user
readarr.user
bazarr.user
];
};
tailscale = {
enable = true;
magicDNSDomain = tailscaleMagicDNS;
authKeyFile = config.age.secrets.tailscale-authKey.path;
};
};
services.media-mgr = {
programs.enable = true;
};

14
hosts/authentik/default.nix
View file

@ -6,11 +6,15 @@
...
}:
let
tailscaleMagicDNS = "neon-dory.ts.net";
p = import ../parameters.nix;
in
{
age.secrets.authentik-env.file = ../../secrets/authentik-env.age;
age.secrets = {
authentik-env.file = ../../secrets/authentik-env.age;
tailscale-authKey.file = ../../secrets/tailscale-authKey.age;
};
my = {
utils = {
@ -18,6 +22,14 @@ in
lxc-standard.enable = true;
};
networking = {
tailscale = {
enable = true;
magicDNSDomain = tailscaleMagicDNS;
authKeyFile = config.age.secrets.tailscale-authKey.path;
};
};
services.authentik = {
enable = true;
envFile = config.age.secrets.authentik-env.path;

110
hosts/caddy/dashy-settings.nix
View file

@ -37,51 +37,36 @@ in
sections = [
{
name = "Widget";
displayData = {
collapsed = true;
cols = 2;
customStyles = "border: 2px dashed red;";
itemSize = "large";
cols = 3;
collapsed = false;
};
items = [
widgets = [
{
backgroundColor = "#0079ff";
color = "#00ffc9";
description = "Source code and documentation on GitHub";
icon = "fab fa-github";
target = "sametab";
title = "Source";
url = "https://github.com/Lissy93/dashy";
type = "clock";
options = {
timeZone = "Europe/Rome";
hideSeconds = true;
customCityName = "Borgo Valsugana";
};
}
{ type = "public-ip"; }
# {
# type = "HealthChecks";
# apiKey = "";
# }
# { type = "system-info"; }
{
description = "View currently open issues, or raise a new one";
icon = "fas fa-bug";
title = "Issues";
url = "https://github.com/Lissy93/dashy/issues";
}
{
description = "Live Demo #1";
icon = "fas fa-rocket";
target = "iframe";
title = "Demo 1";
url = "https://dashy-demo-1.as93.net";
}
{
description = "Live Demo #2";
icon = "favicon";
target = "newtab";
title = "Demo 2";
url = "https://dashy-demo-2.as93.net";
}
{
description = "Proxmox";
icon = "fab fa-linux";
target = "newtab";
title = "Proxmox";
url = "https://192.168.1.177:8006";
type = "proxmox-lists";
options = {
cluster_url = "https://bacco.${p.domains.public}";
user_name = "root@pam";
token_name = "dashy2";
token_uuid = "2e63b0df-6be7-46b4-be13-6558ad0be647";
};
}
];
name = "Getting Started";
}
{
name = "Public Services";
@ -90,6 +75,11 @@ in
collapsed = false;
};
items = [
{
title = "Authentik";
url = "https://auth.${p.domains.public}";
icon = "hl-authentik";
}
{
title = "Nextcloud";
url = "https://cloud.${p.domains.public}";
@ -114,6 +104,30 @@ in
url = "https://search.${p.domains.ts}";
icon = "hl-searxng";
}
{
title = "Portainer";
url = "https://portainer.${p.domains.public}";
icon = "hl-portainer";
}
];
}
{
name = "Network Services";
displayData = {
cols = 1;
collapsed = false;
};
items = [
{
title = "Primary DNS";
url = "https://${p.hosts.dns01}";
icon = "hl-technitium";
}
{
title = "Seconday DNS";
url = "https://${p.hosts.dns02}";
icon = "hl-technitium";
}
];
}
{
@ -135,6 +149,24 @@ in
}
];
}
{
name = "Devices";
displayData = {
cols = 1;
collapsed = false;
};
items = [
{
title = "Bacco";
url = "https://bacco.internal:8006";
icon = "hl-proxmox";
}
{
title = "Node";
url = "https://node.internal:8006";
icon = "hl-proxmox";
}
];
}
];
}

5
hosts/caddy/default.nix
View file

@ -146,6 +146,11 @@ in
host = "http://${p.hosts.homeassistant}:8123";
domain = p.domains.public;
}
{
subdomain = "torrent";
host = "http://qbittorrent.${p.domains.tsDns}:8080";
domain = p.domains.ts;
}
];
};

2
hosts/dns/dns-02.nix
View file

@ -15,7 +15,7 @@
networking.technitium-dns-server = {
enable = true;
dnsOverHttps = false;
dnsOverHttps = true;
adminPasswordFile = config.age.secrets.dns02-admin-password.path;
};

4
hosts/parameters.nix
View file

@ -10,6 +10,8 @@
plex = "plex.internal";
portainer = "portainer.internal";
colmena = "colmena.internal";
pve01 = "bacco.internal";
pve02 = "node.internal";
dns01 = "192.168.1.2";
dns02 = "192.168.1.3";
shadowshocks = "shadowshocks.internal";
@ -17,5 +19,7 @@
domains = {
public = "pasetto.me";
ts = "tegola.pro";
tsDns = "bison-altair.ts.net";
internal = "internal";
};
}

22
hosts/shadowshocks/default.nix
View file

@ -4,12 +4,27 @@
lib,
...
}:
let
shadowshocks-port = 8388;
p = import ../parameters.nix;
in
{
age.secrets.shadowshocks-password.file = ../../secrets/shadowshocks-password.age;
age.secrets = {
shadowshocks-password.file = ../../secrets/shadowshocks-password.age;
tailscale-authKey.file = ../../secrets/tailscale-authKey.age;
};
my = {
networking = {
tailscale = {
enable = true;
magicDNSDomain = p.domains.tsDns;
authKeyFile = config.age.secrets.tailscale-authKey.path;
};
};
utils = {
commons.enable = true;
commons.gc.enable = true;
@ -22,8 +37,11 @@
services.shadowsocks = {
enable = true;
passwordFile = config.age.secrets.shadowshocks-password.path;
port = 8388;
port = shadowshocks-port;
};
# open shadownsocks port
networking.firewall.allowedTCPPorts = [ shadowshocks-port ];
system.stateVersion = "24.11";
}