Jimbo/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Generalize ddclient, generalize root reset, fix nextcloud, impermanence is fully working on Kitty.

Browse source
This commit is contained in:
Jimbo 2025-01-19 15:31:02 -05:00
parent 3477841a82
commit 2784173155
12 changed files with 93 additions and 82 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
hosts/kitty/filesystems/default.nix
View file

@ -4,31 +4,31 @@
"/" = { "/" = {
device = "/dev/disk/by-uuid/b8b7ed47-c98c-4a49-af01-b2832dde1287"; device = "/dev/disk/by-uuid/b8b7ed47-c98c-4a49-af01-b2832dde1287";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=root" ]; options = [ "subvol=root" "compress=zstd" "noatime" "ssd" ];
}; };
"/prev" = { "/prev" = {
device = "/dev/disk/by-uuid/b8b7ed47-c98c-4a49-af01-b2832dde1287"; device = "/dev/disk/by-uuid/b8b7ed47-c98c-4a49-af01-b2832dde1287";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=prev" ]; options = [ "subvol=prev" "compress=zstd" "noatime" "ssd" "noexec" ];
};
"/persist" = {
device = "/dev/disk/by-uuid/acf95700-8669-45c7-9a72-bf3215b3c325";
fsType = "btrfs";
neededForBoot = true;
options = [ "subvol=persist" "compress=zstd" ];
}; };
"/nix" = { "/nix" = {
device = "/dev/disk/by-uuid/b8b7ed47-c98c-4a49-af01-b2832dde1287"; device = "/dev/disk/by-uuid/b8b7ed47-c98c-4a49-af01-b2832dde1287";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=nix" ]; options = [ "subvol=nix" "compress=zstd" "noatime" "ssd" ];
}; };
"/boot" = { "/boot" = {
device = "/dev/disk/by-uuid/CD94-1D3F"; device = "/dev/disk/by-uuid/CD94-1D3F";
fsType = "vfat"; fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ]; options = [ "umask=0077" ];
}; };
# Subvols and bindmounts # Impermanence and subvols
"/persist" = {
device = "/dev/disk/by-uuid/acf95700-8669-45c7-9a72-bf3215b3c325";
fsType = "btrfs";
neededForBoot = true;
options = [ "subvol=persist" "compress=zstd" "noatime" ];
};
"/export/KittyNFS" = { "/export/KittyNFS" = {
depends = [ "/persist" ]; depends = [ "/persist" ];
device = "/persist/export/KittyNFS"; device = "/persist/export/KittyNFS";

2
modules/system/accounts/users/system/nextcloud/default.nix
View file

@ -5,7 +5,7 @@
group = "nextcloud"; group = "nextcloud";
extraGroups = [ "nfsShare" ]; extraGroups = [ "nfsShare" ];
isSystemUser = true; isSystemUser = true;
uid = 995; uid = 218;
}; };
groups.nextcloud = {}; groups.nextcloud = {};
}; };

6
modules/system/devices/boot/services/root-reset/default.nix
View file

@ -2,15 +2,15 @@
{ {
boot.initrd.systemd.services.root-reset = { boot.initrd.systemd.services.root-reset = {
enable = true; enable = true;
description = "Reset root and snapshot last boot"; description = "Create new and snapshot previous root";
wantedBy = [ "initrd.target" ]; wantedBy = [ "initrd.target" ];
before = [ "sysroot.mount" ]; before = [ "sysroot.mount" ];
after = [ "dev-${config.networking.hostName}-root.device" ]; after = [ "initrd-root-device.target" ];
unitConfig.DefaultDependencies = "no"; unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";
script = '' script = ''
mkdir -p /mnt mkdir -p /mnt
mount /dev/${config.networking.hostName}/root /mnt mount -t btrfs /dev/${config.networking.hostName}/root /mnt
if [[ -e /mnt/prev ]]; then if [[ -e /mnt/prev ]]; then
btrfs subvolume delete /mnt/prev btrfs subvolume delete /mnt/prev

2
modules/system/services/server/forgejo/default.nix
View file

@ -31,6 +31,8 @@
networking.firewall.allowedTCPPorts = [ 2299 ]; networking.firewall.allowedTCPPorts = [ 2299 ];
services.ddclient.domains = [ "git.${config.domains.p2}" ];
environment.persistence."/persist".directories = [ environment.persistence."/persist".directories = [
"/var/lib/forgejo" "/var/lib/forgejo"
]; ];

3
modules/system/services/server/mailserver/simplenix/default.nix
View file

@ -1,4 +1,4 @@
{ mailserver, pkgs, config, ... }: { mailserver, config, lib, pkgs, ... }:
{ {
imports = [ imports = [
./nginx ./nginx
@ -52,4 +52,5 @@
# Rspamd port from earlier to avoid overlap # Rspamd port from earlier to avoid overlap
services.redis.servers.rspamd.port = 1515; services.redis.servers.rspamd.port = 1515;
services.ddclient.domains = lib.mkIf config.mailserver.enable [ "mx.${config.domains.p1}" ];
} }

7
modules/system/services/server/minecraft/servers/blockworld/default.nix
View file

@ -1,8 +1,9 @@
{ pkgs, ... }: { config, lib, pkgs, ... }:
let let
common = import ../../common { inherit pkgs; }; common = import ../../common { inherit pkgs; };
in { in {
services.minecraft-servers.servers.blockworld = { services = {
minecraft-servers.servers.blockworld = {
autoStart = false; autoStart = false;
package = pkgs.paperServers.paper-1_21_1; package = pkgs.paperServers.paper-1_21_1;
jvmOpts = "-Xmx3072M"; jvmOpts = "-Xmx3072M";
@ -15,4 +16,6 @@ in {
symlinks = common.paperSymlinks; symlinks = common.paperSymlinks;
files = common.configFiles; files = common.configFiles;
}; };
ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.blockworld.enable [ "bloxel.${config.domains.p2}" ];
};
} }

7
modules/system/services/server/minecraft/servers/dewdemolisher/default.nix
View file

@ -1,8 +1,9 @@
{ pkgs, ... }: { config, lib, pkgs, ... }:
let let
common = import ../../common { inherit pkgs; }; common = import ../../common { inherit pkgs; };
in { in {
services.minecraft-servers.servers.dewdemolisher = { services = {
minecraft-servers.servers.dewdemolisher = {
package = pkgs.paperServers.paper-1_21_1; package = pkgs.paperServers.paper-1_21_1;
jvmOpts = "-Xmx2000M"; jvmOpts = "-Xmx2000M";
serverProperties = common.serverProperties // { serverProperties = common.serverProperties // {
@ -14,4 +15,6 @@ in {
symlinks = common.paperSymlinks; symlinks = common.paperSymlinks;
files = common.configFiles; files = common.configFiles;
}; };
ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.dewdemolisher.enable [ "dew.${config.domains.p2}" ];
};
} }

7
modules/system/services/server/minecraft/servers/johnside/default.nix
View file

@ -1,8 +1,9 @@
{ pkgs, config, ... }: { config, lib, pkgs, ... }:
let let
common = import ../../common { inherit pkgs; }; common = import ../../common { inherit pkgs; };
in { in {
services.minecraft-servers.servers.johnside = { services = {
minecraft-servers.servers.johnside = {
package = pkgs.paperServers.paper-1_20_6; package = pkgs.paperServers.paper-1_20_6;
jvmOpts = "-Xmx2500M"; jvmOpts = "-Xmx2500M";
serverProperties = common.serverProperties // { serverProperties = common.serverProperties // {
@ -27,4 +28,6 @@ in {
}; };
files = common.configFiles; files = common.configFiles;
}; };
ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.johnside.enable [ "john.${config.domains.p2}" ];
};
} }

7
modules/system/services/server/minecraft/servers/roguecraft/default.nix
View file

@ -1,4 +1,4 @@
{ pkgs, config, ... }: { config, lib, pkgs, ... }:
let let
common = import ../../common { inherit pkgs; }; common = import ../../common { inherit pkgs; };
in { in {
@ -23,7 +23,10 @@ in {
}; };
}; };
}; };
nginx.virtualHosts."${config.domains.p1}".locations = {
ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.roguecraft.enable [ "rogue.${config.domains.p2}" ];
nginx.virtualHosts."${config.domains.p1}".locations = lib.mkIf config.services.minecraft-servers.servers.roguecraft.enable {
"/roguecraftdatapackredir" = { "/roguecraftdatapackredir" = {
return = "301 https://cdn.modrinth.com/data/HtKjVijx/versions/Rme4c23R/Roguecraft%201.2.6%20-%20Data%20Pack.zip"; return = "301 https://cdn.modrinth.com/data/HtKjVijx/versions/Rme4c23R/Roguecraft%201.2.6%20-%20Data%20Pack.zip";
}; };

7
modules/system/services/server/minecraft/servers/uberbeta/default.nix
View file

@ -1,4 +1,4 @@
{ pkgs, ... }: { config, lib, pkgs, ... }:
let let
common = import ../../common { inherit pkgs; }; common = import ../../common { inherit pkgs; };
uberBukkitZip = pkgs.fetchzip { uberBukkitZip = pkgs.fetchzip {
@ -10,7 +10,8 @@ let
src = "${uberBukkitZip}/uberbukkit-2.0.0.jar"; src = "${uberBukkitZip}/uberbukkit-2.0.0.jar";
}); });
in { in {
services.minecraft-servers.servers.uberbeta = { services = {
minecraft-servers.servers.uberbeta = {
package = uberBukkit; package = uberBukkit;
jvmOpts = "-Xmx512M"; jvmOpts = "-Xmx512M";
serverProperties = common.serverProperties // { serverProperties = common.serverProperties // {
@ -18,4 +19,6 @@ in {
server-port = 30005; server-port = 30005;
}; };
}; };
ddclient.domains = lib.mkIf config.services.minecraft-servers.servers.uberbeta.enable [ "beta.${config.domains.p2}" ];
};
} }

3
modules/system/services/server/socialserver/matrix/coturn/default.nix
View file

@ -26,6 +26,9 @@
turn_shared_secret = config.secrets.coturnSecret; turn_shared_secret = config.secrets.coturnSecret;
turn_user_lifetime = "1h"; turn_user_lifetime = "1h";
}; };
# Sync the IP to Cloudflare
ddclient.domains = [ "git.${config.domains.p2}" ];
}; };
# Open coturn ports # Open coturn ports

10
modules/system/services/server/webserver/ddclient/default.nix
View file

@ -8,16 +8,6 @@
usev6 = ""; usev6 = "";
username = "token"; username = "token";
passwordFile = "${pkgs.writeText "cloudflareapikey" config.secrets.flareApiKey}"; passwordFile = "${pkgs.writeText "cloudflareapikey" config.secrets.flareApiKey}";
domains = [
"${config.domains.p2}"
"*.${config.domains.p2}"
"sv.${config.domains.p2}"
"git.${config.domains.p2}"
"turn.${config.domains.p2}"
"dew.${config.domains.p2}"
"john.${config.domains.p2}"
"rogue.${config.domains.p2}"
];
}; };
environment.persistence."/persist".directories = [ environment.persistence."/persist".directories = [
"/var/lib/private/ddclient" "/var/lib/private/ddclient"