pazpi/nix
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

Removed old base image config

Browse source
This commit is contained in:
= 2025-02-04 21:24:49 +01:00
parent 0318489a9a
commit b4bb50ab6c
6 changed files with 0 additions and 347 deletions
Download patch file Download diff file Expand all files Collapse all files

13
lxc-nix/buildLxcImage.sh
View file

@ -1,13 +0,0 @@
#! /usr/bin/env nix-shell
#! nix-shell -p nixos-generators
#! nix-shell -i bash
set -xe
CONFIGURATIONNIX=$1
ALIASNAME=$2
METAIMG=$(nixos-generate -f lxc-metadata)
# IMG_PROXMOX=`nixos-generate -c ${CONFIGURATIONNIX} -f proxmox-lxc`
IMG=$(nixos-generate -c "${CONFIGURATIONNIX}" -f lxc)
lxc image delete nixos || echo true
lxc image import --alias "${ALIASNAME}" "${METAIMG}" "${IMG}"

91
lxc-nix/configuration-empty.nix
View file

@ -1,91 +0,0 @@
{ config, pkgs, ... }:
let
parameters = import ./parameters.nix { };
# GID = 888;
# user = "rtorrent";
# passwordHash = "$y$j9T$dA94KVg1/jYLqclQQbTDk.$cnfxBWUN8P4shr8Kkipv5bU/RCtQNoAwYFDZ0X/BYs5";
timeZone = "Europe/Rome";
defaultLocale = "en_US.UTF-8";
in
{
imports = [
# Need to load some defaults for running in an lxc container.
# This is explained in:
# https://github.com/nix-community/nixos-generators/issues/79
# "${modulesPath}/virtualisation/lxc-container.nix"
];
# This doesn't do _everything_ we need, because `boot.isContainer` is
# specifically talking about light-weight NixOS containers, not LXC. But it
# does at least gives us something to start with.
boot.isContainer = true;
networking = {
hostName = parameters.containerName;
};
nixpkgs.config.allowUnfree = true;
# Extra packages
# environment.systemPackages = with pkgs; [ ];
services = {
openssh.enable = true;
};
time.timeZone = parameters.timeZone;
i18n = {
defaultLocale = defaultLocale;
extraLocaleSettings = {
LC_ADDRESS = defaultLocale;
LC_IDENTIFICATION = defaultLocale;
LC_MEASUREMENT = defaultLocale;
LC_MONETARY = defaultLocale;
LC_NAME = defaultLocale;
LC_PAPER = defaultLocale;
LC_TELEPHONE = defaultLocale;
# LC_NUMERIC = defaultLocale;
# LC_TIME = defaultLocale;
};
};
users = {
# If set to false, the contents of the user and group files will simply
# be replaced on system activation.
# This also holds for the user passwords.
# All changed passwords will be reset according
# to the `users.users` configuration on activation.
mutableUsers = false;
users.root = {
hashedPassword = "$6$gir1YD6tNdC9xAj0$zLr1yt/ea9PvwygjHfQVnPmeCd1.2zrAKWiN80duidwOkZF6hwm06ta6J3O9uw6F3uUHC0N7iiKYhCgXXR.Q7/";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhiGLc/whCY3lCmDiRlYnMJOLiO/gvcRj/sKVEFVAhQ pazpi@deadbeef"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILrVYJrU6Ys2o/QYfI6Es5yqVVyjUyDYj6Fglvz63ywP krzo@pazpi.top"
];
};
};
# Supress systemd units that don't work because of LXC.
# https://blog.xirion.net/posts/nixos-proxmox-lxc/#configurationnix-tweak
systemd.suppressedSystemUnits = [
"dev-mqueue.mount"
"sys-kernel-debug.mount"
"sys-fs-fuse-connections.mount"
];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
system.stateVersion = "24.05";
}

134
lxc-nix/configuration.nix
View file

@ -1,134 +0,0 @@
{ config, pkgs, ... }:
let
parameters = import ./parameters.nix { };
# GID = 888;
# user = "rtorrent";
# passwordHash = "$y$j9T$dA94KVg1/jYLqclQQbTDk.$cnfxBWUN8P4shr8Kkipv5bU/RCtQNoAwYFDZ0X/BYs5";
timeZone = "Europe/Rome";
defaultLocale = "en_US.UTF-8";
in
{
imports = [
# Need to load some defaults for running in an lxc container.
# This is explained in:
# https://github.com/nix-community/nixos-generators/issues/79
# "${modulesPath}/virtualisation/lxc-container.nix"
# ./modules/qbittorrent.nix
./modules/rutorrent.nix
# ./services/qbittorrent.nix
./services/rutorrent.nix
./services/networking.nix
];
# This doesn't do _everything_ we need, because `boot.isContainer` is
# specifically talking about light-weight NixOS containers, not LXC. But it
# does at least gives us something to start with.
boot.isContainer = true;
networking = {
hostName = parameters.containerName;
};
nixpkgs.config.allowUnfree = true;
# Extra packages
# environment.systemPackages = with pkgs; [ ];
services = {
openssh.enable = true;
tailscale = {
enable = false;
useRoutingFeatures = "both";
extraUpFlags = [ "--exit-node=${parameters.tailscaleExitNodeIP}" ];
authKeyFile = builtins.toFile "authKey" ''${parameters.tailscaleAuthKey}'';
};
};
time.timeZone = parameters.timeZone;
i18n = {
defaultLocale = defaultLocale;
extraLocaleSettings = {
LC_ADDRESS = defaultLocale;
LC_IDENTIFICATION = defaultLocale;
LC_MEASUREMENT = defaultLocale;
LC_MONETARY = defaultLocale;
LC_NAME = defaultLocale;
LC_PAPER = defaultLocale;
LC_TELEPHONE = defaultLocale;
# LC_NUMERIC = defaultLocale;
# LC_TIME = defaultLocale;
};
};
users = {
# If set to false, the contents of the user and group files will simply
# be replaced on system activation.
# This also holds for the user passwords.
# All changed passwords will be reset according
# to the `users.users` configuration on activation.
mutableUsers = false;
users.root = {
hashedPassword = "$6$gir1YD6tNdC9xAj0$zLr1yt/ea9PvwygjHfQVnPmeCd1.2zrAKWiN80duidwOkZF6hwm06ta6J3O9uw6F3uUHC0N7iiKYhCgXXR.Q7/";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhiGLc/whCY3lCmDiRlYnMJOLiO/gvcRj/sKVEFVAhQ pazpi@deadbeef"
];
};
users.pazpi = {
isNormalUser = true;
shell = pkgs.bash;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhiGLc/whCY3lCmDiRlYnMJOLiO/gvcRj/sKVEFVAhQ pazpi@deadbeef"
];
};
# groups = {
# qbittorrent = { gid = GID; };
# };
# users."${user}" = {
# isNormalUser = true;
# group = "qbittorrent";
# extraGroups = [ "user" "multimedia" ];
# # initialHashedPassword = passwordHash;
# };
};
# # Enable passwordless sudo.
# security.sudo.extraRules = [
# {
# users = [ user ];
# commands = [
# {
# command = "ALL";
# options = [ "NOPASSWD" ];
# }
# ];
# }
# ];
# Supress systemd units that don't work because of LXC.
# https://blog.xirion.net/posts/nixos-proxmox-lxc/#configurationnix-tweak
systemd.suppressedSystemUnits = [
"dev-mqueue.mount"
"sys-kernel-debug.mount"
"sys-fs-fuse-connections.mount"
];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
system.stateVersion = "24.05";
}

10
lxc-nix/parameters.nix
View file

@ -1,10 +0,0 @@
{ ... }:
{
containerName = "nixos-test"; # Name of the container, used for nginx virtualhost and for tailscale machine name
timeZone = "Europe/Rome"; # TimeZone
downloadDir = "/data"; # Main download folder
tailscaleAuthKey = "tskey-auth-kmgDY87CNTRL-urQA7eRn235t8Sjs6hW3259wJHE63Kvd";
tailscaleExitNodeIP = "100.81.1.32"; # vps
}

31
lxc-nix/services/networking.nix
View file

@ -1,31 +0,0 @@
{ ... }:
{
networking = {
useDHCP = true;
# If you prefer DHCP
interfaces.eth0.useDHCP = true;
# We don't use DHCP, so we configure it statically.
# interfaces.eth0.ipv4.addresses = [{
# address = "10.42.135.101";
# prefixLength = 24;
# }];
# # We can access the internet through this interface.
# defaultGateway = {
# address = "10.42.135.1";
# interface = "eth0";
# };
# Since we don't use DHCP, we need to set our own nameservers.
nameservers = [
"1.1.1.1"
"1.0.0.1"
];
};
}

68
lxc-nix/services/rutorrent.nix
View file

@ -1,68 +0,0 @@
{ config, ... }:
let
parameters = import ../parameters.nix { };
in
{
services = {
rtorrent = {
enable = true;
openFirewall = true;
downloadDir = parameters.downloadDir;
};
rutorrent = {
enable = true;
hostName = parameters.containerName;
plugins = [
"_cloudflare"
"_getdir"
"_noty2"
"_task"
"autotools"
"check_port"
"chunks"
"cookies"
"cpuload"
# "сreate"
"data"
"datadir"
"diskspace"
"edit"
"erasedata"
"extratio"
"extsearch"
"feeds"
"filedrop"
"geoip"
"history"
"httprpc"
"ipad"
"loginmgr"
"lookat"
"mediainfo"
"ratio"
"retrackers"
"rss"
"rssurlrewrite"
"rutracker_check"
"scheduler"
"screenshots"
"seedingtime"
"show_peers_like_wtorrent"
"source"
"spectrogram"
"theme"
"throttle"
"tracklabels"
"trafic"
"unpack"
"uploadeta"
];
nginx = {
enable = true;
};
};
};
}