nix/hardware/alpine.nix
Tristan 123e7088f5 alpine: many changes
- updates
- snapserver
- grafana dashboards
- loki
- ddclient
- arr suite, jellyseer
- mautrix fixes
2025-01-18 00:18:11 +00:00


# Host definition for "alpine": disks and mergerfs/SnapRAID storage, network
# exposure (firewall, SSH, nginx + ACME), dynamic DNS and a few service tweaks.
{
  config,
  lib,
  pkgs,
  modulesPath,
  ...
}: let
  user = config.user;

  # Build a fileSystems entry for a partition addressed by filesystem UUID.
  byUuid = fsType: uuid: {
    device = "/dev/disk/by-uuid/${uuid}";
    inherit fsType;
  };

  # Data disks that are pooled by mergerfs and protected by SnapRAID.
  dataMounts = ["/mnt/disk1" "/mnt/disk2" "/mnt/disk3"];
in {
  imports = [
    (modulesPath + "/installer/scan/not-detected.nix")
  ];

  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";

  # Microcode updates are only applied when redistributable firmware is
  # enabled; that option is not set in this file.
  # NOTE(review): confirm hardware.enableRedistributableFirmware is true
  # somewhere, otherwise CPU microcode fixes are silently skipped.
  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;

  system.stateVersion = "24.05"; # don't change.
  home-manager.users.${user}.imports = [
    {
      home.stateVersion = "24.05";
    }
  ];

  boot = {
    initrd = {
      availableKernelModules = ["xhci_pci" "ahci" "nvme" "sd_mod"];
      kernelModules = [];
    };
    kernelModules = [];
    extraModulePackages = [];
  };

  # ---- Storage ------------------------------------------------------------

  fileSystems = {
    "/" = byUuid "ext4" "979fe496-10e8-41be-97d1-3d000cd2b384";
    "/boot" = byUuid "vfat" "D8AA-8602";
    "/mnt/disk1" = byUuid "ext4" "caba0b6c-00d2-495a-8c04-67ea584f1a63";
    "/mnt/disk2" = byUuid "ext4" "e3828580-625e-4f93-974f-9c7fed99dee2";
    "/mnt/disk3" = byUuid "ext4" "28f15a05-d550-4a41-a951-244af6140831";
    "/mnt/parity1" = byUuid "ext4" "09fc062c-1a61-4e1b-802c-60f7178bc713";

    # Union of the three data disks; the parity disk is deliberately not a
    # branch of the pool.
    "/mnt/storage" = {
      device = lib.concatStringsSep ":" dataMounts;
      fsType = "fuse.mergerfs";
      depends = dataMounts;
      options = [
        "minfreespace=50G"
        "fsname=mergerfs"
        "category.create=mfs"
        "cache.files=auto-all"
        "dropcacheonclose=true"
      ];
    };
  };

  swapDevices = [
    {device = "/dev/disk/by-uuid/27ad4809-211f-4ae9-90da-d17d9c1df271";}
  ];

  environment.systemPackages = with pkgs; [
    mergerfs
    mergerfs-tools
    python3
  ];

  # ---- Network ------------------------------------------------------------

  networking = {
    hostName = "alpine";
    domain = "tristans.cloud";

    # DHCP on every ethernet and wireless interface. With systemd-networkd the
    # per-interface form (networking.interfaces.<interface>.useDHCP) is the
    # recommended companion; none is declared here.
    useDHCP = lib.mkDefault true;

    # Inbound TCP allowed by this file: DNS, HTTP, HTTPS. SSH is opened
    # separately through services.openssh.openFirewall below.
    # NOTE(review): the service answering on 53/tcp is not defined in this
    # file and no UDP port is opened here — confirm that exposing 53 is
    # intended and that the resolver does not serve recursive queries to
    # arbitrary clients.
    firewall.allowedTCPPorts = [53 80 443];

    networkmanager.insertNameservers = ["1.1.1.1" "1.0.0.1"];
  };

  systemd.services.NetworkManager-wait-online.enable = false;

  virtualisation = {
    oci-containers.backend = "podman";
    podman = {
      enable = true;
      autoPrune.enable = true;
      defaultNetwork.settings.dns_enabled = true;
    };
  };

  # ---- Services -----------------------------------------------------------

  services = {
    snapraid = {
      enable = true;
      contentFiles = map (mount: "${mount}/SnapRAID.content") dataMounts;
      dataDisks = {
        d1 = "/mnt/disk1";
        d2 = "/mnt/disk2";
        d3 = "/mnt/disk3";
      };
      exclude = ["/lost+found"];
      parityFiles = [
        "/mnt/parity1/SnapRAID.parity"
      ];
    };

    # sshd is reachable through the firewall. No services.openssh.settings are
    # given in this file.
    # NOTE(review): confirm that settings.PasswordAuthentication,
    # settings.KbdInteractiveAuthentication and settings.PermitRootLogin are
    # restricted in another module; this host also publishes its address via
    # dynamic DNS, so the port will see internet-wide login attempts.
    openssh = {
      enable = true;
      openFirewall = true;
    };

    nginx = {
      enable = true;
      recommendedProxySettings = true;
      recommendedTlsSettings = true;
      recommendedOptimisation = true;
      recommendedGzipSettings = true;
      virtualHosts = {
        # Only the apex vhost requests a certificate and forces TLS. The two
        # redirect vhosts set neither forceSSL nor enableACME here.
        # NOTE(review): presumably HTTPS requests for those names fall through
        # to the default vhost and are presented its certificate — confirm
        # that is acceptable or give the redirect vhosts their own certs.
        "tristans.cloud" = {
          default = true;
          forceSSL = true;
          enableACME = true;
          root = "/srv/www/tristans.cloud";
        };
        "*.tristans.cloud" = {
          globalRedirect = "tristans.cloud";
        };
        "cerysb.art".globalRedirect = "instagram.com/cerys.bcreates";
      };
    };

    # Dynamic DNS for the apex and wildcard records. The password is read at
    # runtime from the sops-managed secret file rather than written into this
    # configuration.
    ddclient = {
      enable = true;
      protocol = "namecheap";
      usev4 = "webv4, webv4=ipify-ipv4";
      usev6 = "";
      username = "tristans.cloud";
      passwordFile = config.sops.secrets."namecheap".path;
      domains = ["@" "*"];
    };

    mpd = {
      musicDirectory = "/mnt/storage/media/Music";
    };

    # Port 3001 is not in allowedTCPPorts above, so nothing in this file opens
    # it on the firewall.
    grafana.settings.server = {
      http_port = 3001; # forgejo and grafana default to 3000
    };
  };

  security.acme = {
    acceptTerms = true;
    defaults.email = "tristan@tristans.cloud";
  };

  # Declared with the sops-nix defaults; consumed by services.ddclient above.
  sops.secrets."namecheap" = {};
}