nixos-configs/machine/backyard/default.nix

125 lines
3.0 KiB
Nix
Raw Normal View History

{ pkgs, ... }:
2023-08-02 00:13:35 +00:00
{
imports = [
./hardware-configuration.nix
./filesystems.nix
./fileserver.nix
./immich.nix
2023-10-22 20:56:06 +00:00
./jellyfin.nix
2024-04-16 02:28:04 +00:00
./samba.nix
];
2023-08-02 00:13:35 +00:00
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
2023-08-02 00:13:35 +00:00
2024-04-16 03:02:23 +00:00
# ZFS support
boot.supportedFilesystems = [ "zfs" ];
networking.hostId = "64cc144d";
# https://old.reddit.com/r/zfs/comments/1826lgs/psa_its_not_block_cloning_its_a_data_corruption/
boot.kernelParams = [ "zfs.zfs_dmu_offset_next_sync=0" ];
2024-04-24 04:32:35 +00:00
boot.zfs.extraPools = [ "pool" ];
2024-04-16 03:02:23 +00:00
2023-08-02 01:59:06 +00:00
beatific.hostName = "backyard";
2023-08-02 00:13:35 +00:00
# Enable networking
networking.networkmanager.enable = true;
2023-08-02 15:39:25 +00:00
networking.firewall = {
enable = true;
allowedTCPPorts = [
7474 # mirror revproxy
7475 # http serve tvb pool
7476 # tvb catacomb host server
];
};
services.nginx = {
enable = true;
virtualHosts = {
default = {
default = true;
rejectSSL = true;
locations."/".return = "444";
};
"pool.backyard.home" = {
listen = [
{ addr = "10.22.20.8"; }
# Alternative port to ensure the right vhost connects
{ addr = "10.22.20.8"; port = 7475; }
];
root = "/pool/tvb";
locations."/".extraConfig = ''
autoindex on;
autoindex_exact_size off;
'';
};
"mirror.backyard.home" = {
listen = [
{ addr = "10.22.20.8"; }
# Alternative port to ensure the right vhost connects
{ addr = "10.22.20.8"; port = 7474; }
];
root = "/pool/tvb/doc/website/mirror";
};
"files.backyard.home" = {
listen = [
{ addr = "10.22.20.8"; port = 7476; }
];
locations."/" = {
root = "/pool/tvb";
tryFiles = "\$uri @indexer";
};
locations."@indexer".proxyPass = "http://localhost:5000";
};
};
2023-08-02 15:39:25 +00:00
};
2023-08-02 00:13:35 +00:00
2024-04-16 21:09:02 +00:00
environment.systemPackages = with pkgs; [
2024-04-24 06:22:32 +00:00
pv # zfs send progress meter
2024-04-16 21:09:02 +00:00
smartmontools # provides smartctl drive inspector
];
2024-08-09 13:42:28 +00:00
programs.screen.enable = true;
2024-04-16 21:09:02 +00:00
2024-04-23 20:43:59 +00:00
services.zfs = {
autoScrub = {
enable = true;
pools = [ "pool" ];
interval = "monthly";
};
};
2024-06-11 05:35:23 +00:00
services.cron.enable = true;
2024-04-24 04:32:01 +00:00
users.users = {
tvb = {
extraGroups = [ "networkmanager" ];
2024-05-10 14:26:09 +00:00
packages = [
(pkgs.writeShellScriptBin "yt-dlp" ''exec $HOME/.yt-dlp/bin/yt-dlp "$@"'')
];
2024-04-24 04:32:01 +00:00
};
katydid = {
uid = 1102;
isNormalUser = true;
group = "katydid";
initialPassword = "katydid";
};
};
users.groups = {
katydid.gid = 1102;
tvbpoolro = {
gid = 1201;
members = [ "tvb" "jellyfin" "nginx" ];
};
2024-04-24 04:32:01 +00:00
};
2023-08-02 15:39:25 +00:00
# This value governs how some stateful data, like databases, are handled
# across different versions of NixOS. This should not be changed to a new
# release unless the sysadmin has determined that no services would be
# adversely affected by changing this.
system.stateVersion = "23.05";
2023-08-02 00:13:35 +00:00
}