tulg/nixdots
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

up

Browse source
This commit is contained in:
tulg 2026-05-06 16:04:54 +03:00
parent 0875e05f71
commit 8c44e6e6cc
7 changed files with 284 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

107
flake.lock generated
View file

@ -367,6 +367,27 @@
"type": "github" "type": "github"
} }
}, },
"nixarr": {
"inputs": {
"nixpkgs": "nixpkgs_3",
"treefmt-nix": "treefmt-nix",
"vpnconfinement": "vpnconfinement",
"website-builder": "website-builder"
},
"locked": {
"lastModified": 1777926760,
"narHash": "sha256-kt2MVO9p6OS+cRntlWemfLVTx2zB27epugXLHN+2uJA=",
"owner": "nix-media-server",
"repo": "nixarr",
"rev": "55ce80165e8c2509d4e200daeaa9c2bce039c867",
"type": "github"
},
"original": {
"owner": "nix-media-server",
"repo": "nixarr",
"type": "github"
}
},
"nixos-vfio": { "nixos-vfio": {
"inputs": { "inputs": {
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
@ -452,6 +473,22 @@
} }
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": {
"lastModified": 1775595990,
"narHash": "sha256-OEf7YqhF9IjJFYZJyuhAypgU+VsRB5lD4DuiMws5Ltc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "4e92bbcdb030f3b4782be4751dc08e6b6cb6ccf2",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1777578337, "lastModified": 1777578337,
"narHash": "sha256-Ad49moKWeXtKBJNy2ebiTQUEgdLyvGmTeykAQ9xM+Z4=", "narHash": "sha256-Ad49moKWeXtKBJNy2ebiTQUEgdLyvGmTeykAQ9xM+Z4=",
@ -467,7 +504,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_4": { "nixpkgs_5": {
"locked": { "locked": {
"lastModified": 1777578337, "lastModified": 1777578337,
"narHash": "sha256-fN6ynMvcdwPDB09LpWJNO5ogu+HFydrBWXJywoI/NNg=", "narHash": "sha256-fN6ynMvcdwPDB09LpWJNO5ogu+HFydrBWXJywoI/NNg=",
@ -480,7 +517,7 @@
"url": "https://channels.nixos.org/nixos-unstable/nixexprs.tar.xz" "url": "https://channels.nixos.org/nixos-unstable/nixexprs.tar.xz"
} }
}, },
"nixpkgs_5": { "nixpkgs_6": {
"locked": { "locked": {
"lastModified": 1777578337, "lastModified": 1777578337,
"narHash": "sha256-Ad49moKWeXtKBJNy2ebiTQUEgdLyvGmTeykAQ9xM+Z4=", "narHash": "sha256-Ad49moKWeXtKBJNy2ebiTQUEgdLyvGmTeykAQ9xM+Z4=",
@ -524,7 +561,7 @@
"nixpkgs" "nixpkgs"
], ],
"systems": "systems_3", "systems": "systems_3",
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix_2"
}, },
"locked": { "locked": {
"lastModified": 1777773024, "lastModified": 1777773024,
@ -592,8 +629,9 @@
"disko": "disko", "disko": "disko",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"nix-colors": "nix-colors", "nix-colors": "nix-colors",
"nixarr": "nixarr",
"nixos-vfio": "nixos-vfio", "nixos-vfio": "nixos-vfio",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_4",
"noctalia": "noctalia", "noctalia": "noctalia",
"quickshell": "quickshell", "quickshell": "quickshell",
"spicetify-nix": "spicetify-nix", "spicetify-nix": "spicetify-nix",
@ -604,7 +642,7 @@
}, },
"spicetify-nix": { "spicetify-nix": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs_4", "nixpkgs": "nixpkgs_5",
"systems": "systems_4" "systems": "systems_4"
}, },
"locked": { "locked": {
@ -794,6 +832,27 @@
} }
}, },
"treefmt-nix": { "treefmt-nix": {
"inputs": {
"nixpkgs": [
"nixarr",
"nixpkgs"
]
},
"locked": {
"lastModified": 1775125835,
"narHash": "sha256-2qYcPgzFhnQWchHo0SlqLHrXpux5i6ay6UHA+v2iH4U=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "75925962939880974e3ab417879daffcba36c4a3",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"treefmt-nix_2": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"noctalia", "noctalia",
@ -833,9 +892,45 @@
"type": "github" "type": "github"
} }
}, },
"vpnconfinement": {
"locked": {
"lastModified": 1767604552,
"narHash": "sha256-FddhMxnc99KYOZ/S3YNqtDSoxisIhVtJ7L4s8XD2u0A=",
"owner": "Maroka-chan",
"repo": "VPN-Confinement",
"rev": "a6b2da727853886876fd1081d6bb2880752937f3",
"type": "github"
},
"original": {
"owner": "Maroka-chan",
"repo": "VPN-Confinement",
"type": "github"
}
},
"website-builder": {
"inputs": {
"nixpkgs": [
"nixarr",
"nixpkgs"
]
},
"locked": {
"lastModified": 1771957511,
"narHash": "sha256-MxpsyVQguwmeN40gblvcYLtL4xiriGYB6UyP+JergpQ=",
"owner": "rasmus-kirk",
"repo": "website-builder",
"rev": "896af41c1a01f934799356f1f51cfddff2abda82",
"type": "github"
},
"original": {
"owner": "rasmus-kirk",
"repo": "website-builder",
"type": "github"
}
},
"xray-3x-ui": { "xray-3x-ui": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs_5" "nixpkgs": "nixpkgs_6"
}, },
"locked": { "locked": {
"lastModified": 1761047979, "lastModified": 1761047979,

20
flake.nix
View file

@ -5,6 +5,7 @@
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
spicetify-nix.url = "github:Gerg-L/spicetify-nix"; spicetify-nix.url = "github:Gerg-L/spicetify-nix";
xray-3x-ui.url = "github:sunmeplz/xray-3x-ui"; xray-3x-ui.url = "github:sunmeplz/xray-3x-ui";
nixarr.url = "github:nix-media-server/nixarr";
home-manager = { home-manager = {
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@ -52,6 +53,7 @@
agenix, agenix,
xray-3x-ui, xray-3x-ui,
deploy-rs, deploy-rs,
nixarr,
... ...
} @ inputs: let } @ inputs: let
system = "x86_64-linux"; system = "x86_64-linux";
@ -152,6 +154,24 @@
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.kittykat; path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.kittykat;
}; };
}; };
nixosConfigurations.pirate = nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = {inherit inputs;};
modules = [
./hosts/pirate/configuration.nix
nixarr.nixosModules.default
agenix.nixosModules.default
inputs.disko.nixosModules.disko
];
};
deploy.nodes.pirate = {
hostname = "pirate";
profiles.system = {
sshUser = "root";
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.pirate;
};
};
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
}; };
} }

35
hosts/pirate/configuration.nix Normal file
View file

@ -0,0 +1,35 @@
{
config,
lib,
pkgs,
...
}: {
imports = [
./hardware-configuration.nix
./disko.nix
./nixarr.nix
../../modules/nixos/networking/ssh.nix
../../modules/nixos/users/tulg.nix
];
networking.hostName = "pirate";
environment.systemPackages = with pkgs; [
nano
fastfetch
kitty
];
services.openssh = {
settings = {
AllowTcpForwarding = true;
X11Forwarding = true;
GatewayPorts = "yes";
};
};
programs.bash.interactiveShellInit = ''
PS1="\[\e[38;5;177m\]\u\[\e[0m\]@\[\e[38;5;220m\]\h\[\e[0m\] \[\e[38;5;33m\]\w\[\e[0m\] \$ "
'';
nixpkgs.config.allowUnfree = true;
nix.settings.experimental-features = ["nix-command" "flakes"];
system.stateVersion = "25.05";
}

37
hosts/pirate/disko.nix Normal file
View file

@ -0,0 +1,37 @@
{
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/sda";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02";
priority = 1;
};
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
}

17
hosts/pirate/hardware-configuration.nix Normal file
View file

@ -0,0 +1,17 @@
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.loader.grub = {
enable = true;
efiSupport = true;
};
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

65
hosts/pirate/nixarr.nix Normal file
View file

@ -0,0 +1,65 @@
{
nixarr = {
enable = true;
# These two values are also the default, but you can set them to whatever
# else you want
# WARNING: Do _not_ set them to `/home/user/whatever`, it will not work!
mediaDir = "/data/media";
stateDir = "/data/media/.state/nixarr";
vpn = {
enable = false;
# WARNING: This file must _not_ be in the config git directory
# You can usually get this wireguard file from your VPN provider
wgConf = "/data/.secret/wg.conf";
};
jellyfin = {
enable = true;
# These options set up a nginx HTTPS reverse proxy, so you can access
# Jellyfin on your domain with HTTPS
expose.https = {
enable = true;
domainName = "your.domain.com";
acmeMail = "your@email.com"; # Required for ACME-bot
};
};
qbittorrent = {
enable = true;
#peerPort = 50000; # Set this to the port forwarded by your VPN
webuiPort = 5252; # Port for the qui WebUI (default)
openFirewall = true;
# Disable DHT/PeX for private trackers (optional)
# privateTrackers.disableDhtPex = true;
# Extra qBittorrent configuration (optional)
# See: https://github.com/qbittorrent/qBittorrent/wiki/Explanation-of-Options-in-qBittorrent
extraConfig = {
BitTorrent = {
"Session\\MaxActiveDownloads" = 3;
"Session\\MaxActiveTorrents" = 5;
};
};
};
prowlarr = {
enable = true;
openFirewall = true;
settings-sync.enable-nixarr-apps = true;
# Define tags for organizing indexers
};
# It is possible for this module to run the *Arrs through a VPN, but it
# is generally not recommended, as it can cause rate-limiting issues.
bazarr.enable = false;
lidarr.enable = false;
#prowlarr.enable = true;
radarr.enable = false;
sonarr.enable = false;
};
services.prowlarr.settings.auth.required = "DisabledForLocalAddresses";
networking.firewall.allowedTCPPorts = [6881];
}

18
hosts/virgil/hardware-configuration.nix
View file

@ -58,15 +58,15 @@
swapDevices = []; swapDevices = [];
#fileSystems."/mnt/backup" = { fileSystems."/mnt/backup" = {
# device = "/dev/disk/by-uuid/4242ad6b-4b5e-4990-bcf7-501f6099b429"; device = "/dev/disk/by-uuid/4242ad6b-4b5e-4990-bcf7-501f6099b429";
# fsType = "ext4"; fsType = "ext4";
# options = [ options = [
# "nofail" # dont block boot if missing "nofail" # dont block boot if missing
# # "x-systemd.automount" # mount on first access # "x-systemd.automount" # mount on first access
# "noatime" "noatime"
# ]; ];
# }; };
fileSystems."/mnt/hdd1tb" = { fileSystems."/mnt/hdd1tb" = {
device = "/dev/disk/by-uuid/790092e5-074b-4007-a511-cbd8aa8cc1a7"; device = "/dev/disk/by-uuid/790092e5-074b-4007-a511-cbd8aa8cc1a7";