bertof/nix-dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

--wip-- [skip ci]

Browse source
This commit is contained in:
Filippo Berto 2024-06-01 09:16:26 +02:00
parent ff364a3009
commit fb0945a10e
4 changed files with 313 additions and 313 deletions
Download patch file Download diff file Expand all files Collapse all files

1
flake.nix
View file

@ -209,6 +209,7 @@
system = "x86_64-linux";
modules = commonModules ++ [
nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-gpu-amd
nixos-hardware.nixosModules.common-pc-ssd
./modules/nixos/server

16
instances/baldur/configuration.nix
View file

@ -39,16 +39,6 @@
time.timeZone = "Europe/Rome";
services = {
grafana = {
enable = true;
settings = {
server = {
http_addr = "127.0.0.1";
domain = "bertof.net";
root_url = "https://grafana.bertof.net/";
};
};
};
fail2ban = {
enable = true;
bantime-increment.enable = true;
@ -116,9 +106,11 @@
};
"grafana.bertof.net" = ssl // {
locations."/" = {
proxyPass = "http://${toString config.services.grafana.settings.server.http_addr}:${toString config.services.grafana.settings.server.http_port}";
proxyPass = "http://heimdall.tsn:3000/";
proxyWebsockets = true;
recommendedProxySettings = true;
extraConfig = ''
client_max_body_size 5g;
'';
};
};
"radarr.bertof.net" = ssl // { locations."/" = { proxyPass = "http://heimdall.tsn:7878/"; proxyWebsockets = true; }; };

570
instances/heimdall/configuration.nix
View file

@ -1,4 +1,8 @@
{ pkgs, ... }: {
{ pkgs, config, ... }:
let
hosts = import ../../hosts.nix;
in
{
# age.secrets = {
# ntfy-freya = { file = ../../secrets/ntfy-freya.age; owner = "bertof"; };
# };
@ -57,6 +61,8 @@
'';
services = {
grafana = { enable = true; settings.server = { http_addr = "0.0.0.0"; domain = "bertof.net"; root_url = "https://grafana.bertof.net/"; }; };
# avahi = {
# enable = true;
# openFirewall = true;
@ -80,288 +86,288 @@
# # };
#
# fail2ban = { enable = true; bantime-increment.enable = true; };
# plex = { enable = true; openFirewall = true; group = "users"; };
# # jellyfin = { enable = true; openFirewall = true; group = "users"; };
#
# home-assistant = {
# enable = true;
# openFirewall = true;
# config = {
# default_config = { };
#
# homeassistant = {
# name = "Casa";
# latitude = "!secret home-latitude";
# longitude = "!secret home-longitude";
# country = "IT";
# elevation = 24;
# unit_system = "metric";
# time_zone = "Europe/Rome";
# external_url = "https://hass.bertof.net";
# allowlist_external_dirs = [ "/tmp" ];
# };
#
# http = {
# use_x_forwarded_for = true;
# trusted_proxies = [
# # hosts.zerotier.ipv4."baldur.zto"
# hosts.tailscale.ipv4."baldur.tsn"
# "::1"
# "127.0.0.1"
# ];
# };
#
# automation = "!include automations.yaml";
# scene = "!include scenes.yaml";
# alert = "!include alerts.yaml";
#
# # alarm_control_panel = {
# # platform = "manual";
# # code = "!secret alarm_code";
# # trigger_time = 60;
# # };
#
# assist_pipeline = { };
# # bluetooth = { };
# camera = [
# # { platform = "local_file"; file_path = "/tmp/doods_camera_camera_cancello.jpg"; name = "File DOODS2 Camera cancello"; }
# # { platform = "local_file"; file_path = "/tmp/doods_camera_camera_vialetto.jpg"; name = "File DOODS2 Camera vialetto"; }
# # { platform = "local_file"; file_path = "/tmp/doods_camera_camera_garage.jpg"; name = "File DOODS2 Camera garage"; }
# ];
# cloud = { };
# config = { };
# # device_tracker = [{
# # platform = "bluetooth_tracker";
# # request_rssi = true;
# # }];
# image_processing = [
# # {
# # platform = "doods";
# # url = "http://localhost:8080";
# # detector = "default";
# # source = [
# # { entity_id = "camera.camera_camera_cancello"; name = "DOODS2 Camera cancello"; }
# # { entity_id = "camera.camera_camera_vialetto"; name = "DOODS2 Camera vialetto"; }
# # { entity_id = "camera.camera_camera_garage"; name = "DOODS2 Camera garage"; }
# # ];
# # confidence = 60;
# # file_out = "/tmp/doods_{{ camera_entity.split('.')[1] }}.jpg";
# # scan_interval = 5;
# # labels = [ "bicycle" "car" "cat" "dog" "person" "truck" ];
# # }
# ];
# # esphome = { };
# frontend = { };
# google_assistant = {
# project_id = "home-assistant-390217";
# report_state = true;
# service_account = "!include google-service-account.json";
# exposed_domains = [
# "alarm_control_panel"
# "button"
# "camera"
# "climate"
# "cover"
# "fan"
# "group"
# "humidifier"
# "input_boolean"
# "input_button"
# "input_select"
# "light"
# "lock"
# "media_player"
# "scene"
# "script"
# "select"
# "sensor"
# "switch"
# "vacuum"
# ];
# };
# history = { };
# logbook = { };
# # logger.default = "debug";
# logger.default = "info";
# # "map" = { };
# mobile_app = { };
# notify = [
# # { platform = "telegram"; name = "t_filippo"; chat_id = "!secret filippo_t_chat_id"; }
# # { platform = "telegram"; name = "t_famiglia"; chat_id = "!secret famiglia_t_chat_id"; }
# ];
# recorder.purge_keep_days = 30;
# script = "!include scripts.yaml";
# sensor = [
# # {
# # platform = "systemmonitor";
# # resources = [
# # { type = "disk_use_percent"; }
# # { type = "disk_use"; }
# # { type = "disk_free"; }
# # { type = "memory_use_percent"; }
# # { type = "memory_use"; }
# # { type = "memory_free"; }
# # { type = "swap_use_percent"; }
# # { type = "swap_use"; }
# # { type = "swap_free"; }
# # { type = "load_1m"; }
# # { type = "load_5m"; }
# # { type = "load_15m"; }
# # { type = "network_in"; arg = "eno1"; }
# # { type = "network_out"; arg = "eno1"; }
# # { type = "throughput_network_in"; arg = "eno1"; }
# # { type = "throughput_network_out"; arg = "eno1"; }
# # { type = "packets_in"; arg = "eno1"; }
# # { type = "packets_out"; arg = "eno1"; }
# # { type = "ipv4_address"; arg = "eno1"; }
# # { type = "ipv6_address"; arg = "eno1"; }
# # { type = "network_in"; arg = "ztmjfdwjkp"; }
# # { type = "network_out"; arg = "ztmjfdwjkp"; }
# # { type = "throughput_network_in"; arg = "ztmjfdwjkp"; }
# # { type = "throughput_network_out"; arg = "ztmjfdwjkp"; }
# # { type = "packets_in"; arg = "ztmjfdwjkp"; }
# # { type = "packets_out"; arg = "ztmjfdwjkp"; }
# # { type = "ipv4_address"; arg = "ztmjfdwjkp"; }
# # { type = "ipv6_address"; arg = "ztmjfdwjkp"; }
# # { type = "processor_use"; }
# # { type = "processor_temperature"; }
# # # { type = "process"; arg = "octave-cli"; }
# # { type = "last_boot"; }
# # ];
# # }
# ];
# shopping_list = { };
# sun = { };
# system_health = { };
# # telegram_bot = [{
# # # platform = "polling";
# # platform = "webhooks";
# # api_key = "!secret telegram_api_key";
# # allowed_chat_ids = [
# # "!secret filippo_t_chat_id"
# # "!secret famiglia_t_chat_id"
# # ];
# # }];
# tts = [{
# platform = "google_translate";
# language = "it";
# # tld = "it";
# }];
# };
# configDir = "/var/lib/hass";
# configWritable = true;
# extraPackages = ps: with ps; [ securetar ];
# extraComponents = [
# "default_config"
#
# # "accuweather"
# "alert"
# "analytics"
# "androidtv"
# "androidtv_remote"
# "bayesian"
# "binary_sensor"
# "blueprint"
# "bluetooth_le_tracker"
# # "bluetooth_tracker"
# "button"
# "camera"
# "cast"
# "caldav"
# "calendar"
# "citybikes"
# "configurator"
# # "coronavirus"
# "cover"
# "default_config"
# "derivative"
# "device_automation"
# "device_sun_light_trigger"
# "device_tracker"
# "dlib_face_detect"
# "dlib_face_identify"
# "dlna_dmr"
# "dlna_dms"
# "esphome"
# "flux"
# "gdacs"
# "google"
# "google_translate"
# "group"
# "hassio"
# "jellyfin"
# "local_file"
# "media_player"
# "met"
# "meteoalarm"
# "network"
# # "nextcloud"
# "nmap_tracker"
# "open_meteo"
# "notify"
# "ping"
# "plex"
# "proximity"
# "radarr"
# "radio_browser"
# "random"
# "scene"
# "schedule"
# "script"
# "sonarr"
# "speedtestdotnet"
# "spotify"
# "tcp"
# # "telegram"
# # "telegram_bot"
# "template"
# "threshold"
# "transmission"
# "tod" # times of the day
# "trend"
# # "tuya"
# "upnp"
# "wake_on_lan"
# "wled"
# "workday"
# "zha"
# "zoneminder"
# ];
# };
#
# prometheus = {
# enable = true;
# exporters = {
# node = { enable = true; enabledCollectors = [ "systemd" ]; };
# process = {
# enable = true;
# settings.process_names = [
# # Remove nix store path from process name
# { name = "{{.Matches.Wrapped}} {{ .Matches.Args }}"; cmdline = [ "^/nix/store[^ ]*/(?P<Wrapped>[^ /]*) (?P<Args>.*)" ]; }
# ];
# };
# systemd.enable = true;
# };
# globalConfig = {
# scrape_interval = "5s";
# };
# scrapeConfigs = [
# {
# job_name = "node";
# static_configs = [{ targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; }];
# }
# {
# job_name = "process";
# static_configs = [{ targets = [ "localhost:${toString config.services.prometheus.exporters.process.port}" ]; }];
# }
# {
# job_name = "systemd";
# static_configs = [{ targets = [ "localhost:${toString config.services.prometheus.exporters.systemd.port}" ]; }];
# }
# ];
# retentionTime = "15d";
# };
plex = { enable = true; openFirewall = true; group = "users"; };
# jellyfin = { enable = true; openFirewall = true; group = "users"; };
#
home-assistant = {
enable = true;
openFirewall = true;
config = {
default_config = { };
homeassistant = {
name = "Casa";
latitude = "!secret home-latitude";
longitude = "!secret home-longitude";
country = "IT";
elevation = 24;
unit_system = "metric";
time_zone = "Europe/Rome";
external_url = "https://hass.bertof.net";
allowlist_external_dirs = [ "/tmp" ];
};
http = {
use_x_forwarded_for = true;
trusted_proxies = [
# hosts.zerotier.ipv4."baldur.zto"
hosts.tailscale.ipv4."baldur.tsn"
"::1"
"127.0.0.1"
];
};
automation = "!include automations.yaml";
scene = "!include scenes.yaml";
alert = "!include alerts.yaml";
# alarm_control_panel = {
# platform = "manual";
# code = "!secret alarm_code";
# trigger_time = 60;
# };
assist_pipeline = { };
# bluetooth = { };
camera = [
# { platform = "local_file"; file_path = "/tmp/doods_camera_camera_cancello.jpg"; name = "File DOODS2 Camera cancello"; }
# { platform = "local_file"; file_path = "/tmp/doods_camera_camera_vialetto.jpg"; name = "File DOODS2 Camera vialetto"; }
# { platform = "local_file"; file_path = "/tmp/doods_camera_camera_garage.jpg"; name = "File DOODS2 Camera garage"; }
];
cloud = { };
config = { };
# device_tracker = [{
# platform = "bluetooth_tracker";
# request_rssi = true;
# }];
image_processing = [
# {
# platform = "doods";
# url = "http://localhost:8080";
# detector = "default";
# source = [
# { entity_id = "camera.camera_camera_cancello"; name = "DOODS2 Camera cancello"; }
# { entity_id = "camera.camera_camera_vialetto"; name = "DOODS2 Camera vialetto"; }
# { entity_id = "camera.camera_camera_garage"; name = "DOODS2 Camera garage"; }
# ];
# confidence = 60;
# file_out = "/tmp/doods_{{ camera_entity.split('.')[1] }}.jpg";
# scan_interval = 5;
# labels = [ "bicycle" "car" "cat" "dog" "person" "truck" ];
# }
];
# esphome = { };
frontend = { };
google_assistant = {
project_id = "home-assistant-390217";
report_state = true;
service_account = "!include google-service-account.json";
exposed_domains = [
"alarm_control_panel"
"button"
"camera"
"climate"
"cover"
"fan"
"group"
"humidifier"
"input_boolean"
"input_button"
"input_select"
"light"
"lock"
"media_player"
"scene"
"script"
"select"
"sensor"
"switch"
"vacuum"
];
};
history = { };
logbook = { };
# logger.default = "debug";
logger.default = "info";
# "map" = { };
mobile_app = { };
notify = [
# { platform = "telegram"; name = "t_filippo"; chat_id = "!secret filippo_t_chat_id"; }
# { platform = "telegram"; name = "t_famiglia"; chat_id = "!secret famiglia_t_chat_id"; }
];
recorder.purge_keep_days = 30;
script = "!include scripts.yaml";
sensor = [
# {
# platform = "systemmonitor";
# resources = [
# { type = "disk_use_percent"; }
# { type = "disk_use"; }
# { type = "disk_free"; }
# { type = "memory_use_percent"; }
# { type = "memory_use"; }
# { type = "memory_free"; }
# { type = "swap_use_percent"; }
# { type = "swap_use"; }
# { type = "swap_free"; }
# { type = "load_1m"; }
# { type = "load_5m"; }
# { type = "load_15m"; }
# { type = "network_in"; arg = "eno1"; }
# { type = "network_out"; arg = "eno1"; }
# { type = "throughput_network_in"; arg = "eno1"; }
# { type = "throughput_network_out"; arg = "eno1"; }
# { type = "packets_in"; arg = "eno1"; }
# { type = "packets_out"; arg = "eno1"; }
# { type = "ipv4_address"; arg = "eno1"; }
# { type = "ipv6_address"; arg = "eno1"; }
# { type = "network_in"; arg = "ztmjfdwjkp"; }
# { type = "network_out"; arg = "ztmjfdwjkp"; }
# { type = "throughput_network_in"; arg = "ztmjfdwjkp"; }
# { type = "throughput_network_out"; arg = "ztmjfdwjkp"; }
# { type = "packets_in"; arg = "ztmjfdwjkp"; }
# { type = "packets_out"; arg = "ztmjfdwjkp"; }
# { type = "ipv4_address"; arg = "ztmjfdwjkp"; }
# { type = "ipv6_address"; arg = "ztmjfdwjkp"; }
# { type = "processor_use"; }
# { type = "processor_temperature"; }
# # { type = "process"; arg = "octave-cli"; }
# { type = "last_boot"; }
# ];
# }
];
shopping_list = { };
sun = { };
system_health = { };
# telegram_bot = [{
# # platform = "polling";
# platform = "webhooks";
# api_key = "!secret telegram_api_key";
# allowed_chat_ids = [
# "!secret filippo_t_chat_id"
# "!secret famiglia_t_chat_id"
# ];
# }];
tts = [{
platform = "google_translate";
language = "it";
# tld = "it";
}];
};
configDir = "/var/lib/hass";
configWritable = true;
extraPackages = ps: with ps; [ securetar ];
extraComponents = [
"default_config"
# "accuweather"
"alert"
"analytics"
"androidtv"
"androidtv_remote"
"bayesian"
"binary_sensor"
"blueprint"
"bluetooth_le_tracker"
# "bluetooth_tracker"
"button"
"camera"
"cast"
"caldav"
"calendar"
"citybikes"
"configurator"
# "coronavirus"
"cover"
"default_config"
"derivative"
"device_automation"
"device_sun_light_trigger"
"device_tracker"
"dlib_face_detect"
"dlib_face_identify"
"dlna_dmr"
"dlna_dms"
"esphome"
"flux"
"gdacs"
"google"
"google_translate"
"group"
"hassio"
"jellyfin"
"local_file"
"media_player"
"met"
"meteoalarm"
"network"
# "nextcloud"
"nmap_tracker"
"open_meteo"
"notify"
"ping"
"plex"
"proximity"
"radarr"
"radio_browser"
"random"
"scene"
"schedule"
"script"
"sonarr"
"speedtestdotnet"
"spotify"
"tcp"
# "telegram"
# "telegram_bot"
"template"
"threshold"
"transmission"
"tod" # times of the day
"trend"
# "tuya"
"upnp"
"wake_on_lan"
"wled"
"workday"
"zha"
"zoneminder"
];
};
prometheus = {
enable = true;
exporters = {
node = { enable = true; enabledCollectors = [ "systemd" ]; };
process = {
enable = true;
settings.process_names = [
# Remove nix store path from process name
{ name = "{{.Matches.Wrapped}} {{ .Matches.Args }}"; cmdline = [ "^/nix/store[^ ]*/(?P<Wrapped>[^ /]*) (?P<Args>.*)" ]; }
];
};
systemd.enable = true;
};
globalConfig = {
scrape_interval = "5s";
};
scrapeConfigs = [
{
job_name = "node";
static_configs = [{ targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; }];
}
{
job_name = "process";
static_configs = [{ targets = [ "localhost:${toString config.services.prometheus.exporters.process.port}" ]; }];
}
{
job_name = "systemd";
static_configs = [{ targets = [ "localhost:${toString config.services.prometheus.exporters.systemd.port}" ]; }];
}
];
retentionTime = "15d";
};
# snapper.configs =
# let
# common = { TIMELINE_CREATE = true; TIMELINE_CLEANUP = true; };

39
modules/nixos/nextcloud.nix
View file

@ -15,7 +15,7 @@ in
services.nextcloud = {
enable = true;
package = pkgs.nextcloud28;
package = pkgs.nextcloud29;
hostName = "my-nextcloud.bertof.net";
maxUploadSize = "24G";
@ -24,25 +24,26 @@ in
database.createLocally = true;
extraApps = {
inherit (pkgs.nextcloud28Packages.apps) mail calendar contact;
};
# extraApps = {
# inherit (pkgs.nextcloud28Packages.apps) mail calendar contacts;
# };
appstoreEnable = false;
autoUpdateApps.enable = true;
extraOptions.enabledPreviewProviders = [
"OC\\Preview\\BMP"
"OC\\Preview\\GIF"
"OC\\Preview\\JPEG"
"OC\\Preview\\Krita"
"OC\\Preview\\MarkDown"
"OC\\Preview\\MP3"
"OC\\Preview\\OpenDocument"
"OC\\Preview\\PNG"
"OC\\Preview\\TXT"
"OC\\Preview\\XBitmap"
"OC\\Preview\\HEIC" # Enable preview of HEIC/HEIF images (others are default)
"OC\\Preview\\EMF"
];
# autoUpdateApps.enable = true;
# extraOptions.enabledPreviewProviders = [
# "OC\\Preview\\BMP"
# "OC\\Preview\\GIF"
# "OC\\Preview\\JPEG"
# "OC\\Preview\\Krita"
# "OC\\Preview\\MarkDown"
# "OC\\Preview\\MP3"
# "OC\\Preview\\OpenDocument"
# "OC\\Preview\\PNG"
# "OC\\Preview\\TXT"
# "OC\\Preview\\XBitmap"
# "OC\\Preview\\HEIC" # Enable preview of HEIC/HEIF images (others are default)
# "OC\\Preview\\EMF"
# ];
config = {
trustedProxies = [