mirror of
https://gitlab.com/upRootNutrition/dotfiles.git
synced 2025-12-07 05:27:13 -06:00
feat: provisioned resources properly across microvms
This commit is contained in:
Nick
parent
857f2e39a8
commit
30593b866e
11 changed files with 42 additions and 91 deletions
|
|
@ -28,7 +28,6 @@ in
|
|||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
|
||||
openssh = {
|
||||
enable = true;
|
||||
settings = {
|
||||
|
|
@ -37,24 +36,20 @@ in
|
|||
};
|
||||
};
|
||||
};
|
||||
|
||||
users.users.jellyfin = {
|
||||
isSystemUser = true;
|
||||
group = serviceCfg.name;
|
||||
uid = id;
|
||||
};
|
||||
|
||||
users.groups.jellyfin = {
|
||||
gid = id;
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
22
|
||||
serviceCfg.ports.port0
|
||||
serviceCfg.ports.port1
|
||||
serviceCfg.ports.port2
|
||||
];
|
||||
|
||||
fileSystems."/tmp" = {
|
||||
device = "tmpfs";
|
||||
fsType = "tmpfs";
|
||||
|
|
@ -63,7 +58,6 @@ in
|
|||
"mode=1777"
|
||||
];
|
||||
};
|
||||
|
||||
systemd = {
|
||||
network = {
|
||||
enable = true;
|
||||
|
|
@ -82,7 +76,6 @@ in
|
|||
];
|
||||
};
|
||||
};
|
||||
|
||||
tmpfiles.rules = [
|
||||
"Z ${serviceCfg.varPaths.path0} 0755 ${serviceCfg.name} ${serviceCfg.name} -"
|
||||
"Z ${serviceCfg.varPaths.path2} 0755 ${serviceCfg.name} ${serviceCfg.name} -"
|
||||
|
|
@ -90,11 +83,9 @@ in
|
|||
"Z ${serviceCfg.varPaths.path2} 0775 ${serviceCfg.name} ${serviceCfg.name} -"
|
||||
];
|
||||
};
|
||||
|
||||
systemd.services.systemd-networkd.wantedBy = [ "multi-user.target" ];
|
||||
|
||||
microvm = {
|
||||
vcpu = 2;
|
||||
vcpu = 4;
|
||||
mem = 1024 * 3;
|
||||
hypervisor = "qemu";
|
||||
interfaces = [
|
||||
|
|
@ -143,24 +134,14 @@ in
|
|||
}
|
||||
];
|
||||
};
|
||||
environment.systemPackages = builtins.attrValues {
|
||||
inherit (pkgs)
|
||||
yazi
|
||||
bottom
|
||||
trashy
|
||||
fastfetch
|
||||
;
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
security.acme.certs."${host}" = {
|
||||
dnsProvider = dns0;
|
||||
environmentFile = config.sops.secrets.${dns0Path}.path;
|
||||
group = "caddy";
|
||||
};
|
||||
|
||||
services = {
|
||||
caddy = {
|
||||
virtualHosts = {
|
||||
|
|
@ -182,7 +163,6 @@ in
|
|||
gid = id;
|
||||
members = [ user0 ];
|
||||
};
|
||||
|
||||
users = {
|
||||
jellyfin = {
|
||||
isSystemUser = true;
|
||||
|
|
@ -192,7 +172,6 @@ in
|
|||
caddy.extraGroups = [ "acme" ];
|
||||
};
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d ${serviceCfg.mntPaths.path0} 0755 microvm wheel - -"
|
||||
"d ${serviceCfg.mntPaths.path0}/data 0755 microvm wheel - -"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue