upRootNutrition/dotfiles
1
0
Fork 0
mirror of https://gitlab.com/upRootNutrition/dotfiles.git synced 2025-08-09 21:34:38 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: expanded all lists

Browse source
This commit is contained in:
Nick 2025-01-08 19:06:14 -06:00
parent 59cc199722
commit bb0b55b011
144 changed files with 1798 additions and 507 deletions
Download patch file Download diff file Expand all files Collapse all files

19
nixos/modules/services/acme.nix
View file

@ -3,9 +3,18 @@
flake,
...
}: let
inherit (flake.config.people) user0;
inherit (flake.config.people.users.${user0}) email;
inherit (flake.config.services) instances;
inherit
(flake.config.people)
user0
;
inherit
(flake.config.people.users.${user0})
email
;
inherit
(flake.config.services)
instances
;
domain0 = instances.web.domains.url0;
domain1 = instances.web.domains.url1;
domain3 = instances.web.domains.url3;
@ -65,7 +74,9 @@ in {
);
};
sops = let
sopsSecrets = ["pass"];
sopsSecrets = [
"pass"
];
sopsPath = secret: {
path = "/var/lib/secrets/${instances.acme.name}/${dns}-${secret}";
owner = "root";

12
nixos/modules/services/caddy.nix
View file

@ -1,5 +1,9 @@
{flake, ...}: let
inherit (flake.config.services.instances) caddy web;
inherit
(flake.config.services.instances)
caddy
web
;
domain0 = web.domains.url0;
@ -17,7 +21,11 @@ in {
};
};
users.users.${service.name}.extraGroups = ["acme" "nextcloud" "mastodon"];
users.users.${service.name}.extraGroups = [
"acme"
"nextcloud"
"mastodon"
];
networking = {
firewall = {

20
nixos/modules/services/forgejo.nix
View file

@ -3,8 +3,15 @@
config,
...
}: let
inherit (flake.config.machines.devices) server;
inherit (flake.config.services.instances) forgejo web;
inherit
(flake.config.machines.devices)
server
;
inherit
(flake.config.services.instances)
forgejo
web
;
service = forgejo;
localhost = web.localhost.address0;
host = "${service.subdomain}.${web.domains.url1}";
@ -86,7 +93,9 @@ in {
fileSystems."/var/lib/${service.name}" = {
device = service.paths.path0;
fsType = "none";
options = ["bind"];
options = [
"bind"
];
depends = [server.storage0.mount];
};
@ -95,7 +104,10 @@ in {
"Z ${service.sops.path0} 755 ${service.name} ${service.name} -"
];
users.users.${service.name}.extraGroups = ["caddy" "postgres"];
users.users.${service.name}.extraGroups = [
"caddy"
"postgres"
];
networking = {
firewall = {

20
nixos/modules/services/jellyfin.nix
View file

@ -1,7 +1,17 @@
{flake, ...}: let
inherit (flake.config.people) user0;
inherit (flake.config.machines.devices) server;
inherit (flake.config.services.instances) jellyfin web;
inherit
(flake.config.people)
user0
;
inherit
(flake.config.machines.devices)
server
;
inherit
(flake.config.services.instances)
jellyfin
web
;
service = jellyfin;
localhost = web.localhost.address0;
host = "${service.subdomain}.${web.domains.url0}";
@ -35,7 +45,9 @@ in {
fileSystems = let
settings = {
fsType = "none";
options = ["bind"];
options = [
"bind"
];
depends = [server.storage0.mount];
};
in {

42
nixos/modules/services/mastodon/default.nix
View file

@ -5,8 +5,15 @@
lib,
...
}: let
inherit (flake.config.machines.devices) server;
inherit (flake.config.services.instances) mastodon web;
inherit
(flake.config.machines.devices)
server
;
inherit
(flake.config.services.instances)
mastodon
web
;
service = mastodon;
host = web.domains.url1;
localhost = web.localhost.address0;
@ -68,23 +75,33 @@ in {
sidekiqThreads = 25;
sidekiqProcesses = {
all = {
jobClasses = [];
jobClasses = [
];
threads = null;
};
default = {
jobClasses = ["default"];
jobClasses = [
"default"
];
threads = 5;
};
ingress = {
jobClasses = ["ingress"];
jobClasses = [
"ingress"
];
threads = 5;
};
push-pull = {
jobClasses = ["push" "pull"];
jobClasses = [
"push"
"pull"
];
threads = 5;
};
mailers = {
jobClasses = ["mailers"];
jobClasses = [
"mailers"
];
threads = 5;
};
};
@ -169,7 +186,9 @@ in {
fileSystems."/var/lib/${service.name}" = {
device = service.paths.path0;
fsType = "none";
options = ["bind"];
options = [
"bind"
];
depends = [server.storage0.mount];
};
@ -178,11 +197,14 @@ in {
"Z ${service.sops.path0} 0755 ${service.name} ${service.name} -"
];
users.users.${service.name}.extraGroups = ["postgres"];
users.users.${service.name}.extraGroups = [
"postgres"
];
networking = {
firewall = {
allowedTCPPorts = [];
allowedTCPPorts = [
];
};
};
}

18
nixos/modules/services/minecraft.nix
View file

@ -3,8 +3,14 @@
flake,
...
}: let
inherit (flake.config.machines.devices) server;
inherit (flake.config.services.instances) minecraft;
inherit
(flake.config.machines.devices)
server
;
inherit
(flake.config.services.instances)
minecraft
;
service = minecraft;
in {
services = {
@ -71,8 +77,12 @@ in {
fileSystems."/var/lib/${service.name}" = {
device = service.paths.path0;
fsType = "none";
options = ["bind"];
depends = [server.storage0.mount];
options = [
"bind"
];
depends = [
server.storage0.mount
];
};
systemd.tmpfiles.rules = [

32
nixos/modules/services/nextcloud.nix
View file

@ -4,10 +4,24 @@
pkgs,
...
}: let
inherit (flake.config.people) user0;
inherit (flake.config.people.users.${user0}) name;
inherit (flake.config.machines.devices) server;
inherit (flake.config.services.instances) nextcloud nginx web;
inherit
(flake.config.people)
user0
;
inherit
(flake.config.people.users.${user0})
name
;
inherit
(flake.config.machines.devices)
server
;
inherit
(flake.config.services.instances)
nextcloud
nginx
web
;
service = nextcloud;
localhost = web.localhost.address0;
host = "${service.subdomain}.${web.domains.url1}";
@ -96,7 +110,9 @@ in {
fileSystems."/var/lib/${service.name}" = {
device = service.paths.path0;
fsType = "none";
options = ["bind"];
options = [
"bind"
];
depends = [server.storage0.mount];
};
@ -105,7 +121,11 @@ in {
"Z ${service.sops.path0} 750 ${service.name} ${service.name} -"
];
users.users.${service.name}.extraGroups = ["caddy" "nginx" "postgres"];
users.users.${service.name}.extraGroups = [
"caddy"
"nginx"
"postgres"
];
networking = {
firewall = {

19
nixos/modules/services/ollama.nix
View file

@ -1,6 +1,13 @@
{flake, ...}: let
inherit (flake.config.machines.devices) server;
inherit (flake.config.services.instances) ollama web;
inherit
(flake.config.machines.devices)
server
;
inherit
(flake.config.services.instances)
ollama
web
;
service = ollama;
localhost = web.localhost.address0;
host = "${service.subdomain}.${web.domains.url0}";
@ -45,11 +52,15 @@ in {
fileSystems."/var/lib/${service.name}" = {
device = service.paths.path0;
fsType = "none";
options = ["bind"];
options = [
"bind"
];
depends = [server.storage0.mount];
};
systemd.tmpfiles.rules = ["Z ${service.paths.path0} 0755 ${service.name} ${service.name} -"];
systemd.tmpfiles.rules = [
"Z ${service.paths.path0} 0755 ${service.name} ${service.name} -"
];
networking = {
firewall = {

6
nixos/modules/services/owncast.nix
View file

@ -1,5 +1,9 @@
{flake, ...}: let
inherit (flake.config.services.instances) owncast web;
inherit
(flake.config.services.instances)
owncast
web
;
service = owncast;
localhost = web.localhost.address1;
host = "${service.subdomain}.${web.domains.url1}";

16
nixos/modules/services/peertube.nix
View file

@ -4,8 +4,16 @@
pkgs,
...
}: let
inherit (flake.config.machines.devices) server;
inherit (flake.config.services.instances) caddy peertube web;
inherit
(flake.config.machines.devices)
server
;
inherit
(flake.config.services.instances)
caddy
peertube
web
;
service = peertube;
localhost = web.localhost.address0;
host = "${service.subdomain}.${web.domains.url3}";
@ -109,7 +117,9 @@ in {
fileSystems."/var/lib/${service.name}" = {
device = service.paths.path0;
fsType = "none";
options = ["bind"];
options = [
"bind"
];
depends = [server.storage0.mount];
};

36
nixos/modules/services/postgresql.nix
View file

@ -1,6 +1,12 @@
{flake, ...}: let
inherit (flake.config.machines.devices) server;
inherit (flake.config.services.instances) postgresql;
inherit
(flake.config.machines.devices)
server
;
inherit
(flake.config.services.instances)
postgresql
;
service = postgresql;
in {
@ -8,7 +14,13 @@ in {
postgresqlBackup = {
enable = true;
location = service.paths.path0;
databases = ["mastodon" "nextcloud" "peertube" "forgejo" "wiki"];
databases = [
"mastodon"
"nextcloud"
"peertube"
"forgejo"
"wiki"
];
};
postgresql = {
enable = true;
@ -25,13 +37,23 @@ in {
fileSystems."/var/lib/postgresql" = {
device = service.paths.path0;
fsType = "none";
options = ["bind"];
depends = [server.storage0.mount];
options = [
"bind"
];
depends = [
server.storage0.mount
];
};
systemd.tmpfiles.rules = ["Z ${service.paths.path0} 700 ${service.name} ${service.name} -"];
systemd.tmpfiles.rules = [
"Z ${service.paths.path0} 700 ${service.name} ${service.name} -"
];
users.users.${service.name}.extraGroups = ["nextcloud" "mastodon" "forgejo"];
users.users.${service.name}.extraGroups = [
"nextcloud"
"mastodon"
"forgejo"
];
system.activationScripts.postgresCommands = ''
chown -R ${service.name}:${service.name} ${service.paths.path0}

6
nixos/modules/services/samba.nix
View file

@ -3,7 +3,11 @@
flake,
...
}: let
inherit (flake.config.services.instances) samba jellyfin;
inherit
(flake.config.services.instances)
samba
jellyfin
;
service = samba;
in {
# If you ever need to start fresh, you need to add yourself to the Samba users database:

6
nixos/modules/services/upRootNutrition.nix
View file

@ -1,5 +1,9 @@
{flake, ...}: let
inherit (flake.config.services.instances) upRootNutrition web;
inherit
(flake.config.services.instances)
upRootNutrition
web
;
service = upRootNutrition;
host = web.domains.url3;
in {

6
nixos/modules/services/vaultwarden.nix
View file

@ -3,7 +3,11 @@
config,
...
}: let
inherit (flake.config.services.instances) vaultwarden web;
inherit
(flake.config.services.instances)
vaultwarden
web
;
service = vaultwarden;
localhost = web.localhost.address0;
host = "${service.subdomain}.${web.domains.url0}";