feat: init

This commit is contained in:
Nick 2024-10-06 15:25:05 -05:00
commit c19ea940bd
320 changed files with 23845 additions and 0 deletions

168
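--- a/config/default.nix
+++ b/config/default.nix
@@ -0,0 +1,168 @@
+{lib, ...}: let
+deviceNames = [
+"desktop"
+"fallaryn"
+"laptop"
+"nas"
+"phone"
+"server"
+"tablet"
+"wildcard"
+];
+instanceNames = [
+"acme"
+"caddy"
+"castopod"
+"forgejo"
+"jellyfin"
+"mastodon"
+"matrix"
+"minecraft"
+"nextcloud"
+"nginx"
+"ollama"
+"peertube"
+"postgresql"
+"samba"
+"syncthing"
+"synology"
+"vaultwarden"
+"writefreely"
+];
+userNames = [
+"user0"
+"user1"
+"user2"
+"user3"
+];
+stringType = lib.mkOption {
+type = lib.types.str;
+};
+intType = lib.mkOption {
+type = lib.types.int;
+};
+listType = lib.mkOption {
+type = lib.types.listOf lib.types.str;
+};
+numOptions = 20;
+genOptions = config: prefix:
+builtins.listToAttrs (
+map
+(i: {
+name = "${prefix}${toString i}";
+value = config;
+})
+(builtins.genList (i: i) numOptions)
+);
+in let
+peopleSubmodule = lib.types.submodule {
+options =
+builtins.listToAttrs (map (name: {
+inherit name;
+value = stringType;
+})
+userNames)
+// {
+user = lib.mkOption {
+type = lib.types.attrsOf userSubmodule;
+};
+};
+};
+userSubmodule = lib.types.submodule {
+options = {
+name = stringType;
+sshKeys = listType;
+group = stringType;
+email = genOptions stringType "address";
+domain = genOptions stringType "url";
+dns = genOptions stringType "provider";
+git = genOptions stringType "path";
+};
+};
+serviceSubmodule = lib.types.submodule {
+options =
+builtins.listToAttrs (
+map
+(name: {
+inherit name;
+value = stringType;
+})
+instanceNames
+)
+// {
+instance = lib.mkOption {
+type = lib.types.attrsOf instanceSubmodule;
+};
+};
+};
+instanceSubmodule = lib.types.submodule {
+options = {
+subdomain = stringType;
+label = stringType;
+name = stringType;
+sops = genOptions stringType "path";
+paths = genOptions stringType "path";
+ports = genOptions intType "port";
+ssl = {
+cert = stringType;
+key = stringType;
+};
+};
+};
+systemSubmodule = lib.types.submodule {
+options =
+builtins.listToAttrs (
+map
+(name: {
+inherit name;
+value = stringType;
+})
+deviceNames
+)
+// {
+device = lib.mkOption {
+type = lib.types.attrsOf deviceSubmodule;
+};
+};
+};
+deviceSubmodule = let
+mountConfig = {
+mount = stringType;
+device = stringType;
+options = listType;
+};
+in
+lib.types.submodule {
+options =
+{
+boot = mountConfig;
+ip = genOptions stringType "address";
+label = stringType;
+name = stringType;
+sync = stringType;
+}
+// genOptions mountConfig "folder"
+// genOptions mountConfig "samba"
+// genOptions mountConfig "storage";
+};
+in {
+options = {
+service = lib.mkOption {
+type = serviceSubmodule;
+};
+system = lib.mkOption {
+type = systemSubmodule;
+};
+people = lib.mkOption {
+type = peopleSubmodule;
+};
+};
+config = {
+people = import ./user.nix;
+service = import ./instance.nix;
+system = import ./device.nix;
+};
+}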
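Review bot: None of the `lib.mkOption` declarations (`stringType`, `intType`, `listType`, and every numbered leaf `genOptions` derives from them — `address0`…`address19`, `port0`…`port19`, `path0`…`path19`) carries a `description` or a `default`, so the option tree is invisible to `nixos-option`/generated docs and every leaf is mandatory the moment something reads it. At minimum add a description to the three shared definitions, e.g. `stringType = lib.mkOption { type = lib.types.str; description = "Free-form string leaf shared by the people/service/system submodules."; };`, and decide per leaf whether `default = ""` / `default = []` is the intended "unset" value, since the data files in this commit mix empty strings with omitted attributes. A smaller style point: `genOptions`'s first parameter is named `config`, which shadows the conventional NixOS module argument; `genOptions = optionDef: prefix:` reads more clearly. `numOptions = 20` is also a silent cap on how many numbered entries any data file may define; a comment saying so next to it would save a confusing "option does not exist" error later.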

184
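--- a/config/device.nix
+++ b/config/device.nix
@@ -0,0 +1,184 @@
+let
+perms22 = ["fmask=0022" "dmask=0022"];
+perms77 = ["fmask=0077" "dmask=0077"];
+permsRW = ["rw"];
+permsSmb = ["rw" "gid=100" "vers=3.0" "x-systemd.automount" "x-systemd.requires=network-online.target"];
+permsFm = ["file_mode=0644" "dir_mode=0755"];
+uid0 = ["uid=1000"];
+uid1 = ["uid=1001"];
+in {
+device = {
+# Desktop
+desktop = {
+label = "Desktop";
+name = "desktop";
+sync = "";
+ip = {
+address0 = "192.168.50.196";
+};
+boot = {
+options = perms22;
+};
+storage0 = {
+mount = "/mnt/media/games";
+device = "/dev/disk/by-label/Games";
+options = permsRW;
+};
+storage1 = {
+mount = "/mnt/media/storage";
+device = "/dev/disk/by-label/Storage";
+options = permsRW;
+};
+};
+# Laptop
+laptop = {
+label = "Laptop";
+name = "laptop";
+sync = "";
+ip = {
+address0 = "192.168.50.142";
+};
+boot = {
+options = perms22;
+};
+};
+# Server
+server = let
+serverName = "server";
+serverIP = "192.168.50.140";
+in {
+label = "Server";
+name = serverName;
+ip = {
+address0 = serverIP;
+};
+boot = {
+options = perms77;
+};
+storage0 = let
+nasPath = "NAS1";
+in {
+mount = "/mnt/media/${nasPath}";
+device = "/dev/disk/by-label/${nasPath}";
+options = permsRW;
+};
+samba0 = let
+share0Name = "media";
+in {
+mount = "/mnt/media/${serverName}/${share0Name}";
+device = "//${serverIP}/${share0Name}";
+options = permsSmb ++ permsFm ++ uid0;
+};
+};
+# Synology
+nas = let
+user0 = "nick";
+user1 = "garnet";
+user2 = "fallaryn";
+user3 = "denise";
+user0Name = "Nick";
+user1Name = "Garnet";
+user2Name = "Fallaryn";
+user3Name = "Denise";
+nasName = "synology";
+nasIP = "192.168.50.209";
+in {
+label = "Synology";
+sync = "MWRGX2V-F5XKE5E-REP6ECT-OOPFBMF-22NHSMW-YFBU6MB-PLFUN63-R3MW2QX";
+name = nasName;
+ip = {
+address0 = nasIP;
+};
+# Nick Home Folder
+folder0 = {
+mount = "/mnt/media/${nasName}/${user0}";
+device = "//${nasIP}/homes/${user0Name}";
+options = permsSmb ++ uid0;
+};
+# Garnet Home Folder
+folder1 = {
+mount = "/mnt/media/${nasName}/${user1}";
+device = "//${nasIP}/homes/${user1Name}";
+options = permsSmb ++ uid1;
+};
+# Fallaryn Home Folder
+folder2 = {
+mount = "/mnt/media/${nasName}/${user2}";
+device = "//${nasIP}/homes/${user2Name}";
+options = permsSmb ++ uid0;
+};
+# Denise Home Folder
+folder3 = {
+mount = "/mnt/media/${nasName}/${user3}";
+device = "//${nasIP}/homes/${user3Name}";
+options = permsSmb ++ uid0;
+};
+# Minecraft Worlds
+folder4 = {
+mount = "/home/${user1}/.local/share/PrismLauncher/instances/1.21/.minecraft/saves";
+device = "//${nasIP}/homes/${user1Name}/Minecraft";
+options = permsSmb ++ uid1;
+};
+};
+# Fallaryn Desktop
+fallaryn = {
+label = "fallaryn";
+name = "fallaryn";
+ip = {
+address0 = "";
+};
+boot = {
+options = perms22;
+};
+storage0 = {
+mount = "/run/media/games";
+device = "/dev/disk/by-label/Games";
+options = permsRW;
+};
+storage1 = {
+mount = "/run/media/entertainment";
+device = "/dev/disk/by-label/Entertainment";
+options = permsRW;
+};
+};
+# Pixel 7 Pro
+phone = {
+name = "pixel";
+sync = "AE65XCK-4FYDDBB-SMPCDQO-U3CZUHA-LAWTKZY-ZBUGVNI-ZRYACB2-FFNFVQF";
+ip = {
+address0 = "192.168.50.243";
+};
+};
+# Samsung S7 FE
+tablet = {
+name = "tablet";
+sync = "I2ZSCZU-T4JMUJJ-XCUQ3MY-G5EUFZ5-KRG2DRY-XIBJZZM-FQW3UMY-CBCTUQU";
+ip = {
+address0 = "192.168.50.189";
+};
+};
+# No particular system
+wildcard = {
+ip = {
+address0 = "127.0.0.1"; # Local
+address1 = "0.0.0.0"; # All
+address2 = "192.168.50.1"; # Router
+address3 = "192.168.50.0"; # Router
+};
+};
+};
+}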
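Review bot: `sync` is set to `""` on `desktop` and `laptop` but omitted entirely on `server` and `fallaryn`, while `deviceSubmodule` in config/default.nix declares `sync = stringType` with no default, so any consumer that reads `system.device.server.sync` fails at evaluation rather than getting an empty value; either add `sync = "";` to those two devices or give the option a default, but pick one convention (the same applies to `label`/`boot` on `phone`, `tablet` and `wildcard`). The comment on `address3 = "192.168.50.0"; # Router` repeats the comment of `address2` even though 192.168.50.0 is the subnet's network address, not the router — `# Subnet (network address)` would stop the two from being confused. The per-user home-share mounts `folder0`…`folder4` use `permsSmb ++ uid*` without any `file_mode`/`dir_mode`, unlike `samba0` which adds `permsFm`; whatever the CIFS default mode is (presumably 0755 — confirm against the kernel docs) is what other local accounts will see on those home folders, so for per-user shares an explicit restrictive pair such as `"file_mode=0600" "dir_mode=0700"` is worth considering. `fallaryn.ip.address0 = ""` is another empty placeholder that will be interpolated into strings like `//${ip}/...` if anything uses it; a comment marking it as intentionally unset would help.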

336
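--- a/config/instance.nix
+++ b/config/instance.nix
@@ -0,0 +1,336 @@
+let
+acmeLabel = "Acme";
+caddyLabel = "Caddy";
+castLabel = "Castopod";
+forgejoLabel = "Forgejo";
+jellyfinLabel = "Jellyfin";
+mastodonLabel = "Mastodon";
+matrixLabel = "Matrix";
+minecraftLabel = "Minecraft";
+nextcloudLabel = "Nextcloud";
+ollamaLabel = "Ollama";
+peertubeLabel = "PeerTube";
+postgresLabel = "PostgreSQL";
+sambaLabel = "Samba";
+syncthingLabel = "Syncthing";
+synologyLabel = "Synology";
+vaultwardenLabel = "Vaultwarden";
+writefreelyLabel = "WriteFreely";
+acmeName = "acme";
+caddyName = "caddy";
+castName = "castopod";
+forgejoName = "forgejo";
+jellyfinName = "jellyfin";
+mastodonName = "mastodon";
+matrixName = "matrix";
+minecraftName = "minecraft";
+nextcloudName = "nextcloud";
+ollamaName = "ollama";
+peertubeName = "peertube";
+postgresName = "postgres";
+sambaName = "samba";
+syncthingName = "syncthing";
+synologyName = "synology";
+vaultwardenName = "vaultwarden";
+writefreelyName = "writefreely";
+domain0 = "cloudbert.fun";
+domain1 = "the-nutrivore.social";
+servicePath = "/mnt/media/NAS1";
+sops = "/var/lib/secrets";
+sslPath = "/var/lib/acme";
+in {
+instance = {
+acme = {
+label = acmeLabel;
+name = acmeName;
+paths = {
+path0 = sslPath;
+};
+sops = {
+path0 = "${sops}/${acmeName}";
+};
+};
+caddy = {
+label = caddyLabel;
+name = caddyName;
+sops = {
+path0 = "${sops}/${caddyName}";
+};
+ports = {
+port0 = 80;
+port1 = 443;
+};
+};
+castopod = let
+castDomain = "podcast";
+in {
+label = castLabel;
+name = castName;
+sops = {
+path0 = "${sops}/${castName}";
+};
+subdomain = castDomain;
+paths = {
+path0 = "${servicePath}/${castLabel}";
+};
+ports = {
+port0 = 8000;
+};
+ssl = {
+cert = "${sslPath}/${castDomain}.${domain1}/fullchain.pem";
+key = "${sslPath}/${castDomain}.${domain1}/key.pem";
+};
+};
+forgejo = let
+forgejoDomain = "source";
+in {
+label = forgejoLabel;
+name = forgejoName;
+sops = {
+path0 = "${sops}/${forgejoName}";
+};
+subdomain = forgejoDomain;
+paths = {
+path0 = "${servicePath}/${forgejoLabel}";
+};
+ports = {
+port0 = 3000;
+};
+ssl = {
+cert = "${sslPath}/${forgejoDomain}.${domain1}/fullchain.pem";
+key = "${sslPath}/${forgejoDomain}.${domain1}/key.pem";
+};
+};
+jellyfin = {
+label = jellyfinLabel;
+name = jellyfinName;
+sops = {
+path0 = "${sops}/${jellyfinName}";
+};
+subdomain = jellyfinName;
+paths = {
+path0 = "${servicePath}/${jellyfinLabel}";
+};
+ports = {
+port0 = 5055; # Jellyseer
+port1 = 8096; # Jellyfin HTTP
+port2 = 8920; # Jellyfin HTTPS
+};
+ssl = {
+cert = "${sslPath}/${jellyfinName}.${domain0}/fullchain.pem";
+key = "${sslPath}/${jellyfinName}.${domain0}/key.pem";
+};
+};
+matrix = {
+label = matrixLabel;
+name = matrixName;
+sops = {
+path0 = "${sops}/${matrixName}";
+};
+subdomain = matrixName;
+paths = {
+path0 = "${servicePath}/${matrixLabel}";
+path1 = "";
+path2 = "";
+};
+};
+mastodon = {
+label = mastodonLabel;
+name = mastodonName;
+sops = {
+path0 = "${sops}/${mastodonName}";
+};
+paths = {
+path0 = "${servicePath}/${mastodonLabel}";
+path1 = "";
+path2 = "";
+};
+ssl = {
+cert = "${sslPath}/${domain1}/fullchain.pem";
+key = "${sslPath}/${domain1}/key.pem";
+};
+};
+minecraft = {
+label = minecraftLabel;
+name = minecraftName;
+sops = {
+path0 = "${sops}/${minecraftName}";
+};
+subdomain = minecraftName;
+paths = {
+path0 = "${servicePath}/${minecraftLabel}";
+};
+ports = {
+port0 = 43000; # Minecraft (Brix on Nix)
+};
+ssl = {
+cert = "${sslPath}/${minecraftName}.${domain0}/fullchain.pem";
+key = "${sslPath}/${minecraftName}.${domain0}/key.pem";
+};
+};
+nextcloud = {
+label = nextcloudLabel;
+name = nextcloudName;
+sops = {
+path0 = "${sops}/${nextcloudName}";
+};
+subdomain = nextcloudName;
+paths = {
+path0 = "${servicePath}/${nextcloudLabel}";
+};
+ports = {
+port0 = 8354; # Nextcloud
+};
+ssl = {
+cert = "${sslPath}/${nextcloudName}.${domain0}/fullchain.pem";
+key = "${sslPath}/${nextcloudName}.${domain0}/key.pem";
+};
+};
+nginx = {
+ports = {
+port0 = 8080; # HTTP
+port1 = 8443; # HTTPS
+};
+};
+ollama = {
+label = ollamaLabel;
+name = ollamaName;
+sops = {
+path0 = "${sops}/${ollamaName}";
+};
+subdomain = ollamaName;
+paths = {
+path0 = "${servicePath}/${ollamaLabel}";
+path1 = "/mnt/media/storage/${ollamaName}";
+};
+ports = {
+port0 = 8088; # Open-WebUI (Ollama Front End)
+port1 = 11434; # Ollama API
+};
+ssl = {
+cert = "${sslPath}/${ollamaName}.${domain0}/fullchain.pem";
+key = "${sslPath}/${ollamaName}.${domain0}/key.pem";
+};
+};
+peertube = {
+label = peertubeLabel;
+name = peertubeName;
+sops = {
+path0 = "${sops}/${peertubeName}";
+};
+subdomain = "video";
+paths = {
+path0 = "${servicePath}/${peertubeLabel}";
+};
+ports = {
+port0 = 9000; # HTTP
+port1 = 1935;
+port2 = 1936;
+port3 = 5432;
+port4 = 52800;
+};
+ssl = {
+cert = "${sslPath}/video.${domain1}/fullchain.pem";
+key = "${sslPath}/video.${domain1}/key.pem";
+};
+};
+postgresql = {
+label = postgresLabel;
+name = postgresName;
+sops = {
+path0 = "${sops}/${postgresName}";
+};
+paths = {
+path0 = "${servicePath}/${postgresLabel}";
+};
+ports = {
+port0 = 5432;
+};
+};
+samba = {
+label = sambaLabel;
+name = sambaName;
+sops = {
+path0 = "${sops}/${sambaName}";
+};
+paths = {
+path0 = "${servicePath}/${jellyfinLabel}";
+path1 = "";
+path2 = "";
+};
+ports = {
+port0 = 445; # Samba
+};
+};
+synology = {
+label = synologyLabel;
+name = synologyName;
+sops = {
+path0 = "${sops}/${synologyName}";
+};
+ports = {
+port0 = 5001; # Synology HTTPS
+};
+};
+syncthing = {
+label = syncthingLabel;
+name = syncthingName;
+sops = {
+path0 = "${sops}/${syncthingName}";
+};
+subdomain = syncthingName;
+ports = {
+port0 = 8388; # Syncthing (WebUI)
+port1 = 21027; # Syncthing (Discovery)
+port2 = 22000; # Syncthing (Transfer)
+};
+ssl = {
+cert = "${sslPath}/${syncthingName}.${domain0}/fullchain.pem";
+key = "${sslPath}/${syncthingName}.${domain0}/key.pem";
+};
+};
+vaultwarden = {
+label = vaultwardenLabel;
+name = vaultwardenName;
+sops = {
+path0 = "${sops}/${vaultwardenName}";
+};
+subdomain = vaultwardenName;
+paths = {
+path0 = "${servicePath}/${vaultwardenLabel}/BackupDir";
+};
+ports = {
+port0 = 8085; # Vaultwarden WebUI
+};
+ssl = {
+cert = "${sslPath}/${vaultwardenName}.${domain0}/fullchain.pem";
+key = "${sslPath}/${vaultwardenName}.${domain0}/key.pem";
+};
+};
+writefreely = let
+writefreelyDomain = "blog";
+in {
+label = writefreelyLabel;
+name = writefreelyName;
+sops = {
+path0 = "${sops}/${writefreelyName}";
+};
+subdomain = writefreelyDomain;
+paths = {
+path0 = "${servicePath}/${writefreelyLabel}/BackupDir";
+};
+ports = {
+port0 = 8093;
+};
+ssl = {
+cert = "${sslPath}/${writefreelyDomain}.${domain0}/fullchain.pem";
+key = "${sslPath}/${writefreelyDomain}.${domain0}/key.pem";
+};
+};
+};
+}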
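Review bot: `samba.paths.path0` is built from `jellyfinLabel` (`path0 = "${servicePath}/${jellyfinLabel}";`) while every other instance derives `path0` from its own label; if the Samba share is deliberately pointed at the Jellyfin media tree that deserves a one-line comment, otherwise it is a copy-paste slip and should read `path0 = "${servicePath}/${sambaLabel}";`. Port 5432 is declared twice, as `postgresql.ports.port0` and `peertube.ports.port3`; if the PeerTube entry means "the database port" it should reference the PostgreSQL value instead of repeating the literal, and if it is a listening port of its own the two will collide on the same host. The `path1 = ""; path2 = "";` placeholders under `matrix`, `mastodon` and `samba` are easy to pass on unnoticed into a mount or bind-path option; either drop them or mark them `# intentionally unset`. `postgresName = "postgres"` also disagrees with the instance key `postgresql` (and the `instanceNames` entry in config/default.nix), so the sops directory ends in `/postgres` while everything else is keyed `postgresql` — worth a comment if intentional.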

62
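--- a/config/user.nix
+++ b/config/user.nix
@@ -0,0 +1,62 @@
+let
+user0 = "nick";
+user1 = "garnet";
+user2 = "fallaryn";
+user3 = "denise";
+in {
+inherit
+user0
+user1
+user2
+user3
+;
+user = {
+"${user0}" = {
+name = "Nick";
+email = {
+address0 = "nickjhiebert@proton.me";
+address1 = "thenutrivore@proton.me";
+address2 = "thenutrivore@the-nutrivore.social";
+address3 = "noreply@vaultwarden.cloudbert.fun";
+address4 = "noreply@video.the-nutrivore.social";
+address5 = "noreply@source.the-nutrivore.social";
+address6 = "noreply@podcast.the-nutrivore.social";
+};
+domain = {
+url0 = "cloudbert.fun";
+url1 = "the-nutrivore.social";
+};
+git = {
+path0 = "/home/${user0}/Files/Projects";
+};
+dns = {
+provider0 = "namecheap";
+};
+sshKeys = [
+"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBF9TmImDoYDpsW5VMFbOcuK3aH4TWRtx/xGxT3yUtEN nick@desktop"
+];
+};
+"${user1}" = {
+name = "Garnet";
+email = {
+address0 = "ninaeffler@gmail.com";
+};
+};
+"${user2}" = {
+name = "Fallaryn";
+email = {
+address0 = "staciesimonson@gmail.com";
+};
+sshKeys = [
+];
+};
+"${user3}" = {
+name = "Denise";
+email = {
+address0 = "denisehiebert@shaw.ca";
+};
+sshKeys = [
+];
+};
+};
+}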
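Review bot: `sshKeys` is given as `[]` for `${user2}` and `${user3}` but omitted for `${user1}`, and `group` — declared as a mandatory `stringType` in `userSubmodule` in config/default.nix — is set for no user at all, so any consumer that reads `people.user.garnet.sshKeys` or `.group` fails at evaluation instead of getting an empty value; add `sshKeys = [];` to the garnet entry (and a `group` for each user, or a default on the option) so that every user satisfies the same contract. The `domain.url0`/`url1` values here duplicate `domain0`/`domain1` in config/instance.nix as bare literals, so a domain change must be made in two files; pointing one at the other, or at a shared constant, would prevent drift. The usernames duplicated as `user0`…`user3` in config/device.nix's `nas` block have the same problem.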