marty/config.nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

server and other shit

Browse source
This commit is contained in:
martyTF 2026-04-11 17:21:28 +02:00
parent 270e1a0be4
commit 804371bf96
65 changed files with 1428 additions and 619 deletions
Download patch file Download diff file Expand all files Collapse all files

13
modules/server/cloud/default.nix Normal file
View file

@ -0,0 +1,13 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [
./immich.nix
./nextcloud.nix
];
}

70
modules/server/cloud/immich.nix Normal file
View file

@ -0,0 +1,70 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
server.cloud.immich = {
enable = lib.mkEnableOption "enable immich";
port = lib.mkOption {
default = 2283;
description = "immich port";
};
public = lib.mkEnableOption "public immich";
subdomain = lib.mkOption {
default = "photos";
description = "immich subdomain";
};
};
};
config = {
users =
if config.server.cloud.immich.enable then
{
users.immich = {
isSystemUser = true;
createHome = true;
home = "/var/lib/immich";
group = "immich";
extraGroups = [
"video"
"render"
];
};
groups.immich = { };
}
else
{ };
services = {
immich = {
enable = config.server.cloud.immich.enable;
port = config.server.cloud.immich.port;
host = "127.0.0.1";
machine-learning = {
enable = true;
environment = {
MACHINE_LEARNING_MODEL_TTL = "600";
MACHINE_LEARNING_REQUEST_THREADS = "4";
MACHINE_LEARNING_MODEL_INTER_OP_THREADS = "2";
};
};
};
nginx =
if config.server.cloud.immich.enable && config.server.cloud.immich.public then
{
virtualHosts."${config.server.cloud.immich.subdomain}.${config.networking.domain}" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.server.cloud.immich.port}";
};
};
}
else
{ };
};
};
}

93
modules/server/cloud/nextcloud.nix Normal file
View file

@ -0,0 +1,93 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
server.cloud.nextcloud = {
enable = lib.mkEnableOption "enable nextcloud";
port = lib.mkOption {
default = 8009;
description = "nextcloud port";
};
public = lib.mkEnableOption "make nextcloud public";
subdomain = lib.mkOption {
default = "nextcloud";
description = "nextcloud subdomain";
};
};
};
config = {
services = {
nextcloud = {
enable = config.server.cloud.nextcloud.enable;
configureRedis = true;
package = pkgs.nextcloud33;
hostName = "nextcloud-net";
config = {
dbtype = "pgsql";
dbuser = "nextcloud";
dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself
dbname = "nextcloud";
adminpassFile = "/home/marty/secrets/nextcloud";
adminuser = "admin";
};
settings = {
trusted_proxies = [
"localhost"
"127.0.0.1"
"${config.server.cloud.nextcloud.subdomain}.${config.networking.domain}"
config.networking.hostName
];
trusted_domains = [
"${config.server.cloud.nextcloud.subdomain}.${config.networking.domain}"
config.networking.hostName
];
skeletondirectory = "";
preview_ffmpeg_path = "${pkgs.ffmpeg}/bin/ffmpeg";
log_type = "file";
logfile = "nextcloud.log";
loglevel = 0;
};
};
postgresql = {
enable = true;
ensureDatabases = [ "nextcloud" ];
ensureUsers = [
{
name = "nextcloud";
ensureDBOwnership = true;
}
];
};
nginx = {
virtualHosts = {
"nextcloud-net".listen = [
{
addr = "0.0.0.0";
port = config.server.cloud.nextcloud.port;
}
];
"${config.server.cloud.nextcloud.subdomain}.${config.networking.domain}" =
if config.server.cloud.nextcloud.public then
{
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.server.cloud.nextcloud.port}";
};
}
else
{ };
};
};
};
systemd.services."nextcloud-setup" = {
requires = [ "postgresql.service" ];
after = [ "postgresql.service" ];
};
};
}