marty/config.nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'main' of https://git.marty.tf/marty/config.nix

Browse source
This commit is contained in:
martyTF 2026-04-11 17:37:29 +02:00
commit 540ac42eac
20 changed files with 475 additions and 211 deletions
Download patch file Download diff file Expand all files Collapse all files

39
modules/desktop/display-manager.nix
View file

@ -30,35 +30,34 @@
programs = {
uwsm = {
enable = true;
waylandCompositors = {
hyprland =
if config.desktop.window-managers.hyprland.enable then
{
waylandCompositors =
if config.desktop.window-managers.hyprland.enable then
{
hyprland = {
prettyName = "Hyprland";
comment = "Hyprland";
binPath = "${config.programs.hyprland.package}/bin/start-hyprland";
}
else
{ };
sway =
if config.desktop.window-managers.sway.enable then
{
};
}
else if config.desktop.window-managers.sway.enable then
{
sway = {
prettyName = "Sway";
comment = "Sway";
binPath = "${config.programs.sway.package}/bin/sway --session";
}
else
{ };
niri =
if config.desktop.window-managers.niri.enable then
{
};
}
else if config.desktop.window-managers.niri.enable then
{
niri = {
prettyName = "Niri";
comment = "Niri";
binPath = "${config.programs.niri.package}/bin/niri-session";
}
else
{ };
};
};
}
else
{ };
};
};
xdg.portal.enable = true;

1
modules/server/cloud/default.nix
View file

@ -8,5 +8,6 @@
{
imports = [
./immich.nix
./nextcloud.nix
];
}

93
modules/server/cloud/nextcloud.nix Normal file
View file

@ -0,0 +1,93 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
server.cloud.nextcloud = {
enable = lib.mkEnableOption "enable nextcloud";
port = lib.mkOption {
default = 8009;
description = "nextcloud port";
};
public = lib.mkEnableOption "make nextcloud public";
subdomain = lib.mkOption {
default = "nextcloud";
description = "nextcloud subdomain";
};
};
};
config = {
services = {
nextcloud = {
enable = config.server.cloud.nextcloud.enable;
configureRedis = true;
package = pkgs.nextcloud33;
hostName = "nextcloud-net";
config = {
dbtype = "pgsql";
dbuser = "nextcloud";
dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself
dbname = "nextcloud";
adminpassFile = "/home/marty/secrets/nextcloud";
adminuser = "admin";
};
settings = {
trusted_proxies = [
"localhost"
"127.0.0.1"
"${config.server.cloud.nextcloud.subdomain}.${config.networking.domain}"
config.networking.hostName
];
trusted_domains = [
"${config.server.cloud.nextcloud.subdomain}.${config.networking.domain}"
config.networking.hostName
];
skeletondirectory = "";
preview_ffmpeg_path = "${pkgs.ffmpeg}/bin/ffmpeg";
log_type = "file";
logfile = "nextcloud.log";
loglevel = 0;
};
};
postgresql = {
enable = true;
ensureDatabases = [ "nextcloud" ];
ensureUsers = [
{
name = "nextcloud";
ensureDBOwnership = true;
}
];
};
nginx = {
virtualHosts = {
"nextcloud-net".listen = [
{
addr = "0.0.0.0";
port = config.server.cloud.nextcloud.port;
}
];
"${config.server.cloud.nextcloud.subdomain}.${config.networking.domain}" =
if config.server.cloud.nextcloud.public then
{
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.server.cloud.nextcloud.port}";
};
}
else
{ };
};
};
};
systemd.services."nextcloud-setup" = {
requires = [ "postgresql.service" ];
after = [ "postgresql.service" ];
};
};
}

1
modules/server/media/default.nix
View file

@ -8,5 +8,6 @@
{
imports = [
./jellyfin.nix
./navidrome.nix
];
}

66
modules/server/media/navidrome.nix Normal file
View file

@ -0,0 +1,66 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
server.media.navidrome = {
enable = lib.mkEnableOption "enable navidrome";
port = lib.mkOption {
default = 4533;
description = "navidrome port";
};
public = lib.mkEnableOption "make navidrome public";
subdomain = lib.mkOption {
default = "music";
description = "navidrome subdomain";
};
};
};
config = {
services = {
navidrome = {
enable = config.server.media.navidrome.enable;
user = config.user.userName;
group = "users";
settings = {
Address = "0.0.0.0";
Port = config.server.media.navidrome.port;
MusicFolder = "/mnt/Data/Media/Music";
Agents = "lastfm";
AlbumPlayCountMode = "normalized";
EnableDownloads = true;
EnableFavourites = true;
EnableNowPlaying = true;
EnableStarRating = true;
EnableUserEditing = true;
LastFM.Enabled = true;
LastFM.Language = "en";
LastFM.ScrobbleFirstArtistOnly = false;
ListenBrainz.Enabled = true;
Scanner.Enabled = true;
Scanner.Schedule = "1h";
Subsonic.ArtistParticipations = true;
};
};
nginx = {
virtualHosts = {
"${config.server.media.navidrome.subdomain}.${config.networking.domain}" =
if config.server.media.navidrome.public then
{
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.server.media.navidrome.port}";
};
}
else
{ };
};
};
};
};
}

31
modules/server/misc/lauti.nix
View file

@ -21,29 +21,32 @@
};
};
config = {
services = {
eintopf = {
lauti = {
enable = config.server.misc.lauti.enable;
settings = {
LAUTI_ADMIN_EMAIL = "test@example.org";
LAUTI_BASE_URL = "https://freising.space";
LAUTI_OSM_TILE_CACHE_DIR = "/var/lib/eintopf/osm";
LAUTI_ADMIN_EMAIL = "lauti@${config.networking.domain}";
LAUTI_BASE_URL = "https://${config.server.misc.lauti.subdomain}.${config.networking.domain}";
LAUTI_OSM_TILE_CACHE_DIR = "/var/lib/lauti/osm";
LAUTI_OSM_TILE_SERVER = "https://tile.openstreetmap.org/{z}/{x}/{y}.png";
LAUTI_TIMEZONE = "Europe/Berlin";
LAUTI_LANGUAGE = "en";
LAUTI_LANGUAGE = config.console.keyMap;
};
secrets = [ /etc/lauti-secrets ];
secrets = [ /home/${config.user.userName}/secrets/lauti ];
};
nginx = {
virtualHosts = {
${"freising.space"} = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:3333";
};
};
"${config.server.misc.lauti.subdomain}.${config.networking.domain}" =
if config.server.misc.lauti.public then
{
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.server.misc.lauti.port}";
};
}
else
{ };
};
};
};

1
modules/server/social/synapse.nix
View file

@ -57,6 +57,7 @@ in
media_store_path = "/mnt/Data/Matrix/Media";
max_upload_size = "10G";
enable_registration = false;
registration_shared_secret = "";
generic = {
enabled = true;
outbound = true;

81
modules/system/networking.nix
View file

@ -1,43 +1,60 @@
{ config, pkgs, ... }:
{
config,
pkgs,
lib,
...
}:
{
networking = {
domain = "marty.tf";
networkmanager.enable = true;
firewall = {
enable = true;
allowedUDPPorts = [
config.services.tailscale.port
53317
16261
16262
];
allowedTCPPorts = [
53317
16261
16262
];
trustedInterfaces = [ "tailscale0" ];
options = {
system.hostname = lib.mkOption {
default = "${config.user.userName}-device";
description = "hostname";
};
};
services = {
tailscale = {
enable = true;
extraSetFlags = [
"--ssh"
];
config = {
networking = {
domain = "marty.tf";
hostName = config.system.hostname;
networkmanager.enable = true;
firewall = {
enable = true;
allowedUDPPorts = [
config.services.tailscale.port
53317
16261
16262
];
allowedTCPPorts = [
53317
16261
16262
];
trustedInterfaces = [ "tailscale0" ];
};
};
};
hardware = {
bluetooth = {
enable = true;
powerOnBoot = true;
settings = {
General = {
Experimental = true;
services = {
tailscale = {
enable = true;
extraSetFlags = [
"--ssh"
];
};
};
hardware = {
bluetooth = {
enable = true;
powerOnBoot = true;
settings = {
General = {
Experimental = true;
};
};
};
};
environment.systemPackages = with pkgs; [
oniux
];
};
environment.systemPackages = with pkgs; [
oniux