swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

chore: update flake
Some checks failed
Flake check / Check flake (push) Has been cancelled
Details

Browse source
This commit is contained in:
Leon Schwarzäugl 2025-09-15 15:55:39 +02:00
parent 0848f04326
commit d0f432b717
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
25 changed files with 2787 additions and 999 deletions
Download patch file Download diff file Expand all files Collapse all files

3
modules/nixos/server/immich.nix
View file

@ -1,4 +1,4 @@
{ lib, config, globals, ... }:
{ lib, pkgs, config, globals, ... }:
let
servicePort = 3001;
serviceUser = "immich";
@ -19,6 +19,7 @@ in
services.${serviceName} = {
enable = true;
package = pkgs.stable.immich;
host = "0.0.0.0";
port = servicePort;
openFirewall = true;

2
modules/nixos/server/kanidm.nix
View file

@ -50,7 +50,7 @@ in
services = {
${serviceName} = {
package = pkgs.kanidmWithSecretProvisioning;
package = pkgs.kanidmWithSecretProvisioning_1_7;
enableServer = true;
serverSettings = {
domain = serviceDomain;

1
modules/nixos/server/nginx.nix
View file

@ -20,7 +20,6 @@ in
security.acme = {
acceptTerms = true;
preliminarySelfsigned = false;
defaults = {
inherit dnsProvider;
email = address3;

8
modules/nixos/server/settings.nix
View file

@ -15,11 +15,9 @@ in
environment.shellAliases = lib.recursiveUpdate
{
npswitch = "cd ${flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch; cd -;";
nswitch = "sudo nixos-rebuild --flake ${flakePath}#$(hostname) switch;";
npiswitch = "cd ${flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch --impure; cd -;";
nipswitch = "cd ${flakePath}; git pull; sudo nixos-rebuild --flake .#$(hostname) switch --impure; cd -;";
niswitch = "sudo nixos-rebuild --flake ${flakePath}#$(hostname) switch --impure;";
nswitch = "cd ${flakePath}; swarsel-deploy $(hostname) switch; cd -;";
nboot = "cd ${flakePath}; swarsel-deploy $(hostname) boot; cd -;";
ndry = "cd ${flakePath}; swarsel-deploy $(hostname) dry-activate; cd -;";
}
config.swarselsystems.shellAliases;

14
modules/nixos/server/shlink.nix
View file

@ -3,6 +3,7 @@ let
servicePort = 8081;
serviceName = "shlink";
serviceDomain = config.repo.secrets.common.services.domains.${serviceName};
serviceDir = "/var/lib/shlink";
containerRev = "sha256:1a697baca56ab8821783e0ce53eb4fb22e51bb66749ec50581adc0cb6d031d7a";
@ -42,12 +43,23 @@ in
config.sops.templates.shlink-env.path
];
ports = [ "${builtins.toString servicePort}:${builtins.toString servicePort}" ];
volumes = [ ];
volumes = [
"${serviceDir}/data:/etc/shlink/data"
];
};
systemd.tmpfiles.rules = [
"d ${serviceDir}/data 0750 1001 root - -"
"d ${serviceDir}/data/cache 0750 1001 root - -"
"d ${serviceDir}/data/locks 0750 1001 root - -"
"d ${serviceDir}/data/log 0750 1001 root - -"
"d ${serviceDir}/data/proxies 0750 1001 root - -"
];
networking.firewall.allowedTCPPorts = [ servicePort ];
environment.persistence."/persist".directories = lib.mkIf config.swarselsystems.isImpermanence [
{ directory = serviceDir; }
{ directory = "/var/lib/containers"; }
];

1
modules/nixos/server/slink.nix
View file

@ -65,7 +65,6 @@ in
locations = {
"/" = {
proxyPass = "http://${serviceName}";
setOauth2Headers = false;
};
"/image" = {
proxyPass = "http://${serviceName}";