Add n8n service

pazpi 2025-12-03 15:48:10 +01:00
parent 81bee0a7b9
commit 54fc411e13
8 changed files with 186 additions and 223 deletions


@ -62,6 +62,12 @@ in
host = p.hosts.immich;
};
n8n.proxy = {
enable = true;
domain = p.domain.public;
host = p.hosts.n8n;
};
media-mgr.proxy = {
enable = true;
domain = p.domains.public;
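Review bot: The new `n8n.proxy` entry reads `domain = p.domain.public;`, while the neighbouring `media-mgr.proxy` entry in the same hunk uses `p.domains.public`. Unless `p` really exposes both a `domain` and a `domains` attribute, this looks like a typo that will fail evaluation of the Caddy host with a missing-attribute error. The line should probably read `domain = p.domains.public;`. The enclosing attribute set starts and ends outside the hunk.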


@ -17,9 +17,9 @@ let
}
);
pkgs =
system:
import nixpkgs {
mkPkgs =
nixpkgsSrc: system:
import nixpkgsSrc {
inherit system;
overlays = [
agenixOverlay
@ -28,243 +28,85 @@ let
config.allowUnfree = true;
};
pkgs-unstable =
system:
import nixpkgs-unstable {
inherit system;
overlays = [
agenixOverlay
customOverlays
];
config.allowUnfree = true;
};
nodeBaseModules = {
imports = [
# lix-module.nixosModules.default
# Helper function to create a Proxmox LXC host
mkLXC =
{
hostModule,
unstable ? false,
system ? "x86_64-linux",
extraModules ? [ ],
specialArgs ? { },
}:
let
nixpkgsSrc = if unstable then nixpkgs-unstable else nixpkgs;
in
nixpkgsSrc.lib.nixosSystem {
pkgs = mkPkgs nixpkgsSrc system;
modules = [
# Base modules for all hosts
authentik-nix.nixosModules.default
../modules
];
};
proxmoxModule = {
imports = [
# Proxmox LXC support
"${nixpkgs}/nixos/modules/virtualisation/proxmox-lxc.nix"
../modules/virtualisation/proxmox.nix
];
# Agenix for secrets
agenix.nixosModules.default
# Host-specific module
hostModule
]
++ extraModules;
inherit specialArgs;
};
in
{
# deadbeef = nixpkgs.lib.nixosSystem {
# pkgs = pkgs "x86_64-linux";
# pkgs = mkPkgs nixpkgs "x86_64-linux";
# modules = [
# nodeBaseModules
# ./deadbeef
# nixos-hardware.nixosModules.dell-xps-15-9560
# home-manager.nixosModules.home-manager
# agenix.nixosModules.default
# ];
# # specialArgs = { };
# };
# baseLXC = nixpkgs.lib.nixosSystem {
# pkgs = pkgs "x86_64-linux";
# modules = [
# nodeBaseModules
# proxmoxModule
# ./base-lxc.nix
# agenix.nixosModules.default
# ];
# specialArgs = {
# inherit self;
# };
# };
arr = nixpkgs.lib.nixosSystem {
pkgs = pkgs "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./arr
agenix.nixosModules.default
];
# specialArgs = { };
baseLXC = mkLXC {
hostModule = ./base-lxc.nix;
specialArgs = { inherit self; };
};
caddy = nixpkgs.lib.nixosSystem {
pkgs = pkgs "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./caddy
agenix.nixosModules.default
];
# specialArgs = { };
arr = mkLXC { hostModule = ./arr; };
caddy = mkLXC { hostModule = ./caddy; };
colmena = mkLXC { hostModule = ./colmena; };
dns01 = mkLXC { hostModule = ./dns/dns-01.nix; };
dns02 = mkLXC { hostModule = ./dns/dns-02.nix; };
firefly-iii = mkLXC { hostModule = ./firefly-iii; };
forgejo = mkLXC { hostModule = ./forgejo; };
immich = mkLXC { hostModule = ./immich; };
metrics = mkLXC { hostModule = ./metrics; };
n8n = mkLXC { hostModule = ./n8n; };
nextcloud = mkLXC { hostModule = ./nextcloud; };
plex = mkLXC { hostModule = ./plex; };
portainer = mkLXC { hostModule = ./portainer; };
shadowsocks = mkLXC { hostModule = ./shadowsocks; };
vaultwarden = mkLXC { hostModule = ./vaultwarden; };
# Hosts requiring nixpkgs-unstable
authentik = mkLXC {
hostModule = ./authentik;
unstable = true;
};
metrics = nixpkgs.lib.nixosSystem {
pkgs = pkgs "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./metrics
agenix.nixosModules.default
];
# specialArgs = { };
paperless = mkLXC {
hostModule = ./paperless;
unstable = true;
};
nextcloud = nixpkgs.lib.nixosSystem {
pkgs = pkgs "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./nextcloud
agenix.nixosModules.default
];
# specialArgs = { };
zigbee2mqtt = mkLXC {
hostModule = ./zigbee2mqtt;
unstable = true;
};
plex = nixpkgs.lib.nixosSystem {
pkgs = pkgs "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./plex
agenix.nixosModules.default
];
# specialArgs = { };
};
vaultwarden = nixpkgs.lib.nixosSystem {
pkgs = pkgs "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./vaultwarden
agenix.nixosModules.default
];
# specialArgs = { };
};
portainer = nixpkgs.lib.nixosSystem {
pkgs = pkgs "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./portainer
agenix.nixosModules.default
];
# specialArgs = { };
};
authentik = nixpkgs-unstable.lib.nixosSystem {
pkgs = pkgs-unstable "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./authentik
agenix.nixosModules.default
];
# specialArgs = { };
};
colmena = nixpkgs.lib.nixosSystem {
pkgs = pkgs "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./colmena
agenix.nixosModules.default
];
# specialArgs = { };
};
dns01 = nixpkgs.lib.nixosSystem {
pkgs = pkgs "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./dns/dns-01.nix
agenix.nixosModules.default
];
# specialArgs = { };
};
dns02 = nixpkgs.lib.nixosSystem {
pkgs = pkgs "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./dns/dns-02.nix
agenix.nixosModules.default
];
# specialArgs = { };
};
shadowsocks = nixpkgs.lib.nixosSystem {
pkgs = pkgs "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./shadowsocks
agenix.nixosModules.default
];
# specialArgs = { };
};
immich = nixpkgs.lib.nixosSystem {
pkgs = pkgs "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./immich
agenix.nixosModules.default
];
# specialArgs = { };
};
firefly-iii = nixpkgs.lib.nixosSystem {
pkgs = pkgs "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./firefly-iii
agenix.nixosModules.default
];
# specialArgs = { };
};
paperless = nixpkgs-unstable.lib.nixosSystem {
pkgs = pkgs-unstable "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./paperless
agenix.nixosModules.default
];
# specialArgs = { };
};
zigbee2mqtt = nixpkgs-unstable.lib.nixosSystem {
pkgs = pkgs-unstable "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./zigbee2mqtt
agenix.nixosModules.default
];
# specialArgs = { };
};
forgejo = nixpkgs.lib.nixosSystem {
pkgs = pkgs "x86_64-linux";
modules = [
nodeBaseModules
proxmoxModule
./forgejo
agenix.nixosModules.default
];
# specialArgs = { };
};
}
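Review bot: `mkLXC` picks `nixpkgsSrc` for both `lib.nixosSystem` and `mkPkgs`, but the Proxmox LXC module path is still written as `"${nixpkgs}/nixos/modules/virtualisation/proxmox-lxc.nix"`. If that line is kept in the new `modules` list, hosts built with `unstable = true` (authentik, paperless, zigbee2mqtt) combine the unstable module tree with a stable copy of that one module. The +/- markers are lost on this page, so this reading is inferred from the line appearing only once. Writing it as `"${nixpkgsSrc}/nixos/modules/virtualisation/proxmox-lxc.nix"` would keep every module for a host coming from the same pinned source. The `let` block that holds `mkPkgs` and `mkLXC` starts outside the hunk.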


@ -175,6 +175,15 @@ in
];
};
n8n.deployment = {
targetHost = hosts.n8n;
tags = [
"lxc"
"bacco"
"n8n"
];
};
deadbeef.deployment = {
allowLocalDeployment = true;
targetHost = null;

23
hosts/n8n/default.nix Normal file

@ -0,0 +1,23 @@
{
config,
pkgs,
lib,
...
}:
{
my = {
services.n8n.enable = true;
utils = {
commons.enable = true;
commons.gc.enable = true;
lxc-standard.enable = true;
};
virtualisation.proxmox.enable = true;
};
system.stateVersion = "25.11";
}


@ -29,6 +29,7 @@ in
paperless = "paperless.${private-domain}";
zigbee2mqtt = "zigbee2mqtt.${private-domain}";
forgejo = "forgejo.${private-domain}";
n8n = "n8n.${private-domain}";
};
email = "davide@${public-domain}";
}


@ -6,6 +6,7 @@
./forgejo.nix
./immich.nix
./media-mgr.nix
./n8n.nix
./nextcloud.nix
./paperless-ngx.nix
./plex.nix

80
modules/services/n8n.nix Normal file

@ -0,0 +1,80 @@
{
lib,
config,
pkgs,
...
}:
let
cfg = config.my.services.n8n;
in
{
options.my.services.n8n = {
enable = lib.mkEnableOption "Enable n8n module";
environment = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
default = { };
description = "Extra environment variables for n8n";
example = {
N8N_PROTOCOL = "https";
WEBHOOK_URL = "https://n8n.example.com/";
};
};
proxy = {
enable = lib.mkEnableOption "Set the proxy entry for this service";
domain = lib.mkOption {
default = "example.com";
type = lib.types.str;
description = ''
The domain where Caddy is reachable
'';
};
subdomain = lib.mkOption {
default = "n8n";
type = lib.types.str;
description = ''
n8n subdomain
'';
};
host = lib.mkOption {
default = "localhost";
type = lib.types.str;
description = ''
host name where the service is running
'';
};
};
};
config = lib.mkMerge [
(lib.mkIf cfg.enable {
services.n8n = {
enable = true;
openFirewall = true;
environment = {
GENERIC_TIMEZONE = "Europe/Rome";
N8N_PROTOCOL = "https";
WEBHOOK_URL = "https://${cfg.proxy.subdomain}.${cfg.proxy.domain}/";
} // cfg.environment;
};
})
(lib.mkIf cfg.proxy.enable {
services.caddy = with cfg.proxy; {
virtualHosts."${subdomain}.${domain}".extraConfig = ''
reverse_proxy http://${host}:${services.n8n.environment.N8N_PORT}
import cloudflare_${domain}
'';
};
})
];
}
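Review bot: In the Caddy block, `services.n8n.environment.N8N_PORT` is evaluated inside `with cfg.proxy;`, where no `services` name is bound (the module arguments are `lib`, `config`, `pkgs`), so it should fail as an undefined variable once `proxy.enable` is set. It presumably wants `config.services.n8n.environment.N8N_PORT`, wrapped in `toString` if that option is an integer port. Separately, `openFirewall = true;` opens the n8n port to every peer that can reach the container, while the hop from Caddy is plain `http://`, so hosts on that network can reach n8n without going through the TLS front end. Consider leaving `openFirewall` off and allowing only the Caddy host. The `environment` option description could also say that its values land in the world-readable Nix store, so secrets such as an encryption key belong in an agenix-managed file instead.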


@ -22,6 +22,7 @@ rec {
paperless = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILRNgDyk3TuMooG4ZCv7SOgXh0ql1/1hhhng7uSnsLeK";
zigbee2mqtt = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINN0z+RxfAIARVMFgtF9olJrL5lt95IoC0Mtzg0MKd3g";
forgejo = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO0MTOCgMoAFjYDEq1gU+XBSUNNcJenoHXagOgFuP1ZN";
n8n = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP18IdsIxK7EdIOLSONJ4NA6AfLnM/3NkR3+OCDvJWXJ";
};
# Machines able to provisioning other machines