sin_serhao/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: sin_serhao:master
Branches Tags
sin_serhao:master
sin_serhao:test-deploy
..
compare: sin_serhao:test-deploy
Branches Tags
sin_serhao:master
sin_serhao:test-deploy

No commits in common. "master" and "test-deploy" have entirely different histories.
master ... test-deplo

5 changed files with 131 additions and 155 deletions
Show Stats Expand all files Collapse all files

20
.gitea/workflows/deploy.yaml
View File

@ -11,8 +11,26 @@ jobs:
name: build hive configuration name: build hive configuration
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04
steps: steps:
- uses: cachix/install-nix-action@v31
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- uses: DeterminateSystems/nix-installer-action@main
- name: Restore and save Nix store
uses: nix-community/cache-nix-action@v6
with:
# restore and save a cache using this key
primary-key: nix-${{ runner.os }}-${{ hashFiles('**/*.nix', '**/flake.lock') }}
# if there's no cache hit, restore a cache by this prefix
restore-prefixes-first-match: nix-${{ runner.os }}-
# collect garbage until the Nix store size (in bytes) is at most this number
# before trying to save a new cache
# 1G = 1073741824
gc-max-store-size-linux: 1G
# do purge caches
purge: true
# purge all versions of the cache
purge-prefixes: nix-${{ runner.os }}-
# created more than this number of seconds ago
purge-created: 60000
purge-primary-key: never
- name: Install SSH key - name: Install SSH key
uses: shimataro/ssh-key-action@v2 uses: shimataro/ssh-key-action@v2
with: with:

36
hosts/sin/configuration.nix
View File

@ -2,7 +2,6 @@
modulesPath, modulesPath,
lib, lib,
pkgs, pkgs,
config,
... ...
}: }:
{ {
@ -52,25 +51,18 @@
time.timeZone = "Europe/Paris"; time.timeZone = "Europe/Paris";
nix.settings.experimental-features = [ nix.settings.experimental-features = [ "nix-command" "flakes" ];
"nix-command"
"flakes"
];
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
users.users = { users.users = {
zimablade = { zimablade = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" ]; extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKsu+4S+BHmypQTq2IR9y+ihvbF7sXbBznKtIjVAeHJ1 shobu@nixos" ];
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKsu+4S+BHmypQTq2IR9y+ihvbF7sXbBznKtIjVAeHJ1 shobu@nixos"
];
}; };
shobu = { shobu = {
isNormalUser = true; isNormalUser = true;
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKsu+4S+BHmypQTq2IR9y+ihvbF7sXbBznKtIjVAeHJ1 shobu@nixos" ];
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKsu+4S+BHmypQTq2IR9y+ihvbF7sXbBznKtIjVAeHJ1 shobu@nixos"
];
}; };
}; };
@ -79,18 +71,16 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKsu+4S+BHmypQTq2IR9y+ihvbF7sXbBznKtIjVAeHJ1 shobu@nixos" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKsu+4S+BHmypQTq2IR9y+ihvbF7sXbBznKtIjVAeHJ1 shobu@nixos"
]; ];
environment.systemPackages = environment.systemPackages = map lib.lowPrio [
map lib.lowPrio [ pkgs.curl
pkgs.curl pkgs.gitMinimal
pkgs.gitMinimal ] ++ (with pkgs; [
] helix
++ (with pkgs; [ httpie
helix btop
httpie tmux
btop # firefox
tmux ]);
# firefox
]);
services = { services = {
openssh = { openssh = {

5
hosts/sin/copyparty.nix
View File

@ -1,5 +1,4 @@
{ inputs, pkgs, ... }: {inputs, pkgs, ...}: {
{
imports = [ inputs.copyparty.nixosModules.default ]; imports = [ inputs.copyparty.nixosModules.default ];
nixpkgs.overlays = [ inputs.copyparty.overlays.default ]; nixpkgs.overlays = [ inputs.copyparty.overlays.default ];
environment.systemPackages = [ pkgs.copyparty ]; environment.systemPackages = [ pkgs.copyparty ];
@ -12,9 +11,7 @@
e2ts = true; e2ts = true;
z = true; z = true;
qr = true; qr = true;
xff-hdr = "X-Real-IP";
xff-src = "lan"; xff-src = "lan";
rproxy = 1;
http-only = true; http-only = true;
og = true; og = true;
shr = "/shares"; shr = "/shares";

21
hosts/sin/ollama.nix
View File

@ -1,21 +0,0 @@
{ inputs, ... }:
{
# virtualisation.docker = {
# enable = true;
# storageDriver = "btrfs";
# };
services.ollama = {
enable = true;
openFirewall = true;
loadModels = [ ];
acceleration = "cuda";
};
services.open-webui = {
enable = true;
openFirewall = true;
host = "0.0.0.0";
port = 8050;
};
}

196
hosts/thea/nginx.nix
View File

@ -1,16 +1,11 @@
{ inputs, ... }: {inputs, ...}:
let let
# striped-front = inputs.striped-front; # striped-front = inputs.striped-front;
sin-address = "192.168.1.14"; sin-address = "192.168.1.14";
in in {
{
networking.firewall.allowedTCPPorts = [ networking.firewall.allowedTCPPorts = [ 80 443 8448 ];
80
443
8448
];
services.nginx = { services.nginx = {
enable = true; enable = true;
@ -18,115 +13,112 @@ in
recommendedTlsSettings = true; recommendedTlsSettings = true;
virtualHosts = virtualHosts =
let let
mkStarr = host: port: { mkStarr = host: port: {
"${host}" = { "${host}" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://${sin-address}:${port}"; proxyPass = "http://${sin-address}:${port}";
proxyWebsockets = true; proxyWebsockets = true;
extraConfig = '' extraConfig = ''
proxy_ssl_server_name on; proxy_ssl_server_name on;
proxy_read_timeout 4800s; proxy_read_timeout 4800s;
''; '';
};
}; };
}; };
in };
( in
mkStarr "jellyfin.shobu.fr" "8096" (
// mkStarr "radarr.shobu.fr" "7878" mkStarr "jellyfin.shobu.fr" "8096"
// mkStarr "sonarr.shobu.fr" "8989" // mkStarr "radarr.shobu.fr" "7878"
// mkStarr "prowlarr.shobu.fr" "9696" // mkStarr "sonarr.shobu.fr" "8989"
// mkStarr "bazarr.shobu.fr" "6767" // mkStarr "prowlarr.shobu.fr" "9696"
// mkStarr "jellyseerr.shobu.fr" "5055" // mkStarr "bazarr.shobu.fr" "6767"
// mkStarr "fileshelter.shobu.fr" "5091" // mkStarr "jellyseerr.shobu.fr" "5055"
// mkStarr "lidarr.shobu.fr" "8686" // mkStarr "fileshelter.shobu.fr" "5091"
// mkStarr "transmission.shobu.fr" "9091" // mkStarr "lidarr.shobu.fr" "8686"
// mkStarr "zimablade-admin.shobu.fr" "61208" // mkStarr "transmission.shobu.fr" "9091"
// { // mkStarr "zimablade-admin.shobu.fr" "61208"
"shobu.fr" = { // {
enableACME = true; "shobu.fr" = {
forceSSL = true; enableACME = true;
forceSSL = true;
root = "${inputs.shoblog-front.packages.x86_64-linux.default}/dist"; root = "${inputs.shoblog-front.packages.x86_64-linux.default}/dist";
};
"data.shobu.fr" = {
enableACME = true;
forceSSL = true;
root = "/mnt/shares/data";
};
"bddtrans.shobu.fr" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://${sin-address}:8001";
extraConfig = ''
proxy_ssl_server_name on;
'';
}; };
"data.shobu.fr" = { };
enableACME = true; "bddtrans-api.shobu.fr" = {
forceSSL = true; enableACME = true;
forceSSL = true;
root = "/mnt/shares/data"; locations."/" = {
};
"bddtrans.shobu.fr" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://${sin-address}:8001";
extraConfig = ''
proxy_ssl_server_name on;
'';
};
};
"bddtrans-api.shobu.fr" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://${sin-address}:8000"; proxyPass = "http://${sin-address}:8000";
proxyWebsockets = true; proxyWebsockets = true;
extraConfig = '' extraConfig = ''
proxy_ssl_server_name on; proxy_ssl_server_name on;
''; '';
};
}; };
# "striped.shobu.fr" = { };
# enableACME = true; # "striped.shobu.fr" = {
# forceSSL = true; # enableACME = true;
# forceSSL = true;
# root = "${striped-front.packages.x86_64-linux.default}/dist"; # root = "${striped-front.packages.x86_64-linux.default}/dist";
# }; # };
"dashboard.shobu.fr" = { "dashboard.shobu.fr" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://${sin-address}:8082"; proxyPass = "http://${sin-address}:8082";
};
}; };
"git.shobu.fr" = { };
enableACME = true; "git.shobu.fr" = {
forceSSL = true; enableACME = true;
forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://${sin-address}:3000"; proxyPass = "http://${sin-address}:3000";
};
}; };
"files.shobu.fr" = { };
enableACME = true; "files.shobu.fr" = {
forceSSL = true; enableACME = true;
forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://${sin-address}:8086"; proxyPass = "http://${sin-address}:8086";
extraConfig = ''
proxy_set_header X-Real-IP $remote_addr;
'';
};
}; };
# "matrix.shobu.fr" = { };
# forceSSL = true; # "matrix.shobu.fr" = {
# enableACME = true; # forceSSL = true;
# locations."/".extraConfig = '' # enableACME = true;
# return 404; # locations."/".extraConfig = ''
# ''; # return 404;
# locations."/_matrix".proxyPass = "http://${sin-address}:8008"; # '';
# locations."/_synapse/client".proxyPass = "http://${sin-address}:8008"; # locations."/_matrix".proxyPass = "http://${sin-address}:8008";
# locations."/.well-known/matrix/server".proxyPass = "http://${sin-address}:8008/.well-known/matrix/server"; # locations."/_synapse/client".proxyPass = "http://${sin-address}:8008";
# }; # locations."/.well-known/matrix/server".proxyPass = "http://${sin-address}:8008/.well-known/matrix/server";
} # };
); }
);
}; };
security.acme = { security.acme = {