jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
NixOS/hosts/miniserver/configuration.nix

167 lines
4.2 KiB
Nix
Raw Blame History

{ pkgs, ... }: {
imports =
[ ./servers.nix ./docker.nix ./hardware-configuration.nix ../../base.nix ];
my = {
emacs.enable = true;
apps.dictionaries.enable = true;
shell.tools.enable = true;
services.network.enable = true;
dev = {
nix.enable = true;
python.enable = true;
sh.enable = true;
};
units = {
download.enable = true;
stream-dl.enable = true;
};
scripts = {
run.enable = true;
split-dir.enable = true;
download.enable = true;
ffmpreg.enable = true;
ffmpeg4discord.enable = true;
manage-library.enable = true;
pika-list.enable = true;
find-dup-episodes.enable = true;
update-dns.enable = true;
};
servers = {
jellyfin = {
enable = true;
enableCron = false;
};
nextcloud = {
enable = false;
enableCron = false;
};
collabora.enable = false;
go-vod.enable = false;
microbin.enable = true;
};
};
fonts.fontconfig.enable = true;
networking = {
hostName = "miniserver";
firewall = let
open_firewall_ports = [
51413 # torrent sedding
9091 # qbittorrent
2049 # nfs
];
in {
allowPing = true;
allowedTCPPorts = open_firewall_ports;
allowedUDPPorts = open_firewall_ports;
};
};
nix = let
featuresList = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
"gccarch-znver3"
"gccarch-skylake"
"gccarch-alderlake"
];
in {
distributedBuilds = true;
buildMachines = [{
hostName = "workstation";
system = "x86_64-linux";
sshUser = "nixremote";
maxJobs = 14;
speedFactor = 1;
supportedFeatures = featuresList;
}];
settings = {
cores = 3;
auto-optimise-store = true;
trusted-users = [ "nixremote" ];
system-features = featuresList;
};
};
nixpkgs.config = {
allowUnfree = true;
permittedInsecurePackages = [ "openssl-1.1.1w" ];
};
security = {
rtkit.enable = true;
acme = {
acceptTerms = true;
defaults.email = "CaptainJawZ@outlook.com";
};
};
users = {
groups.nixremote.gid = 555;
users.nixremote = {
isNormalUser = true;
createHome = true;
group = "nixremote";
home = "/var/nixremote/";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICiyTwryzw8CblPldplDpVUkXD9C1fXVgO8LeXdE5cuR root@workstation"
];
};
};
environment.systemPackages = with pkgs; [ wget ];
services = {
btrfs.autoScrub.fileSystems = [ "/mnt/pool" ];
# minidlna = {
# enable = true;
# openFirewall = true;
# settings = {
# inotify = "yes";
# media_dir = [
# "/mnt/pool/glue"
# ];
# };
# };
};
systemd = {
packages = [ pkgs.qbittorrent-nox ];
services = {
"qbittorrent-nox@jawz" = {
enable = true;
overrideStrategy = "asDropin";
wantedBy = [ "multi-user.target" ];
};
};
user = {
services = {
# unpackerr = {
# enable = true;
# restartIfChanged = true;
# description = "Run unpackerr";
# wantedBy = [ "default.target" ];
# serviceConfig = {
# Restart = "on-failure";
# RestartSec = 30;
# ExecStart = "${pkgs.unpackerr}/bin/unpackerr -c /home/jawz/.config/unpackerr.conf";
# };
# };
qbit_manage = let qbit_dir = "/home/jawz/Development/Git/qbit_manage";
in {
restartIfChanged = true;
description = "Tidy up my torrents";
wantedBy = [ "default.target" ];
path = [ pkgs.python3 pkgs.pipenv ];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart =
"${qbit_dir}/venv/bin/python3 ${qbit_dir}/qbit_manage.py -r -c ${qbit_dir}/config.yml";
};
};
};
timers.qbit_manage = {
enable = true;
description = "Tidy up my torrents";
wantedBy = [ "timers.target" ];
timerConfig = { OnCalendar = "*:0/10"; };
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink