mc-fucker/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

added nasty system config

Browse source
This commit is contained in:
mc-fucker 2024-08-28 00:00:10 +02:00
parent a93d9736a9
commit 9eb125dad1
5 changed files with 398 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

65
systems/nasty/configuration.nix Normal file
View file

@ -0,0 +1,65 @@
{ config, lib, pkgs, ... }:
{
imports =
[
./hardware-configuration.nix
./modules/generic.nix
./modules/physical.nix
./modules/borg-serve.nix
./modules/jellyfin.nix
./modules/arrstack.nix
./modules/authentik-proxy.nix
./modules/stash.nix
#./modules/nextcloud-aio.nix
./samba.nix
./modules/navidrome.nix
./modules/feishin.nix
./modules/tvproxy.nix
./modules/calibre-web.nix
./modules/borg.nix
];
system.autoUpgrade = {
allowReboot = false;
};
sops.secrets."authentik/proxy/nasty" = {};
services.authentik-proxy.token = builtins.readFile config.sops.secrets."authentik/proxy/nasty".path;
environment.systemPackages = with pkgs; [
mediainfo
mergerfs
mergerfs-tools
filezilla
firefox
ffmpeg_6-full
_7zz
];
programs.fuse.userAllowOther = true;
users.users.mc-fucker.extraGroups = [ "render" ];
zramSwap.memoryPercent = 50;
programs.atop.netatop.enable = false;
programs.java.enable = true;
services.xserver = {
enable = true;
desktopManager = {
xterm.enable = false;
xfce.enable = true;
};
};
services.xrdp = {
enable = true;
defaultWindowManager = "xfce4-session";
};
#system.stateVersion = "24.11";
}
# vim: set et ts=2 sw=2 ai:

130
systems/nasty/drives.nix Normal file
View file

@ -0,0 +1,130 @@
{ ... }:
{
environment.etc.crypttab = {
text = ''
1EJZN6MZ UUID=8264b529-17a9-4167-8e34-3774b5074a4e /var/lib/keyfiles/8264b529-17a9-4167-8e34-3774b5074a4e nofail
1EKR513Z UUID=80483157-7aa4-42a4-af5d-bbd7474a29b3 /var/lib/keyfiles/80483157-7aa4-42a4-af5d-bbd7474a29b3 nofail
1EKVK21Z UUID=438e7e6b-4faa-4fc5-b7ba-3d7af0c9e184 /var/lib/keyfiles/438e7e6b-4faa-4fc5-b7ba-3d7af0c9e184 nofail
43P0A00AFJDH UUID=eff697b4-86bc-4a0e-833f-cc40e6aa001e /var/lib/keyfiles/eff697b4-86bc-4a0e-833f-cc40e6aa001e nofail
43P0A00FFJDH UUID=eae95261-2600-4935-93ba-6cd8e54773e0 /var/lib/keyfiles/eae95261-2600-4935-93ba-6cd8e54773e0 nofail
53F0A0SBFJDH UUID=f443a535-ca5a-4093-9f29-6ab0699e3527 /var/lib/keyfiles/f443a535-ca5a-4093-9f29-6ab0699e3527 nofail
53G0A2AXFJDH UUID=2fc7874c-ef0e-41d7-85f6-a8364041c51b /var/lib/keyfiles/2fc7874c-ef0e-41d7-85f6-a8364041c51b nofail
53J0A016FJDH UUID=95f84b21-d3d3-4241-8a9b-5ac46afea1e1 /var/lib/keyfiles/95f84b21-d3d3-4241-8a9b-5ac46afea1e1 nofail
92F0A079FJDH UUID=b915263e-082d-4954-845d-4bdf4fbf049a /var/lib/keyfiles/b915263e-082d-4954-845d-4bdf4fbf049a nofail
X2N0A0AXFJDH UUID=60e3e109-d7e0-4587-ba08-ba69eb6cd957 /var/lib/keyfiles/60e3e109-d7e0-4587-ba08-ba69eb6cd957 nofail
X2N0A0AZFJDH UUID=d57c6d8f-26cd-4387-8aaa-37dcedb1eadf /var/lib/keyfiles/d57c6d8f-26cd-4387-8aaa-37dcedb1eadf nofail
ZA1D9307 UUID=4d4621d3-0b75-4779-8548-a4836e68469e /var/lib/keyfiles/4d4621d3-0b75-4779-8548-a4836e68469e nofail
'';
#unused
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/ad716602-9e0d-4c07-9fb5-e15cb6df3004";
fsType = "ext4";
#options = [ "compress-force=zstd" ];
};
"/boot/efi" = {
device = "/dev/disk/by-uuid/2427-55B1";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
"/mnt/drives/1EJZN6MZ" = {
label = "1EJZN6MZ";
fsType = "btrfs";
options = [ "compress-force=zstd" "nofail" "x-systemd.mount-timeout=5m" ];
};
"/mnt/drives/1EKR513Z" = {
label = "1EKR513Z";
fsType = "btrfs";
options = [ "compress-force=zstd" "nofail" "x-systemd.mount-timeout=5m" ];
};
"/mnt/drives/1EKVK21Z" = {
label = "1EKVK21Z";
fsType = "btrfs";
options = [ "compress-force=zstd" "nofail" "x-systemd.mount-timeout=5m" ];
};
"/mnt/drives/53F0A0SBFJDH" = {
label = "53F0A0SBFJDH";
fsType = "btrfs";
options = [ "compress-force=zstd" "nofail" "x-systemd.mount-timeout=5m" ];
};
"/mnt/drives/53G0A2AXFJDH" = {
label = "53G0A2AXFJDH";
fsType = "btrfs";
options = [ "compress-force=zstd" "nofail" "x-systemd.mount-timeout=5m" ];
};
"/mnt/drives/53J0A016FJDH" = {
label = "53J0A016FJDH";
fsType = "btrfs";
options = [ "compress-force=zstd" "nofail" "x-systemd.mount-timeout=5m" ];
};
"/mnt/drives/92F0A079FJDH" = {
label = "92F0A079FJDH";
fsType = "btrfs";
options = [ "compress-force=zstd" "nofail" "x-systemd.mount-timeout=5m" ];
};
"/mnt/drives/43P0A00FFJDH" = {
label = "43P0A00FFJDH";
fsType = "btrfs";
options = [ "compress-force=zstd" "nofail" "x-systemd.mount-timeout=5m" ];
};
"/mnt/drives/43P0A00AFJDH" = {
label = "43P0A00AFJDH";
fsType = "btrfs";
options = [ "compress-force=zstd" "nofail" "x-systemd.mount-timeout=5m" ];
};
"/mnt/drives/X2N0A0AXFJDH" = {
label = "X2N0A0AXFJDH";
fsType = "ext4";
options = [ "nofail" "x-systemd.mount-timeout=5m" ];
};
"/mnt/drives/X2N0A0AZFJDH" = {
label = "X2N0A0AZFJDH";
fsType = "btrfs";
options = [ "compress-force=zstd" "nofail" "x-systemd.mount-timeout=5m" ];
};
"/mnt/drives/ZA1D9307" = {
label = "ZA1D9307";
fsType = "btrfs";
options = [ "compress-force=zstd" "nofail" "x-systemd.mount-timeout=5m" ];
};
"/mnt/mergerfs" = {
device = "/mnt/drives/X2N0A0AXFJDH:/mnt/drives/92F0A079FJDH:/mnt/drives/43P0A00FFJDH:/mnt/drives/43P0A00AFJDH:/mnt/drives/53J0A016FJDH:/mnt/drives/53F0A0SBFJDH:/mnt/drives/53G0A2AXFJDH:/mnt/drives/1EKVK21Z:/mnt/drives/1EJZN6MZ:/mnt/drives/1EKR513Z";
fsType = "fuse.mergerfs";
options = [ "cache.files=full,,dropcacheonclose=true,category.create=mfs" "nofail" ];
depends = [ "/mnt/drives/X2N0A0AXFJDH" "/mnt/drives/92F0A079FJDH" "/mnt/drives/43P0A00FFJDH" "/mnt/drives/43P0A00AFJDH" "/mnt/drives/53J0A016FJDH" "/mnt/drives/53F0A0SBFJDH" "/mnt/drives/53G0A2AXFJDH" "/mnt/drives/1EKVK21Z" "/mnt/drives/1EJZN6MZ" "/mnt/drives/1EKR513Z" ];
};
#"/mnt/box" = {
# device = "seedbox:";
# fsType = "fuse.rclone";
# options = [ "user_id=1000" "group_id=100" ];
#};
};
services.nfs.server = {
enable = true;
exports = ''
/mnt/mergerfs 100.64.0.13(no_subtree_check,fsid=0)
'';
};
}
# vim: set et ts=2 sw=2 ai:

66
systems/nasty/hardware-configuration.nix Normal file
View file

@ -0,0 +1,66 @@
{ config, lib, pkgs, modulesPath, ... }:
{
system.stateVersion = "24.11";
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
./drives.nix
./snapraid.nix
];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "uas" "usbhid" "usb_storage" "sd_mod" "igc" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-intel" ];
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi";
boot.loader.systemd-boot.enable = true;
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.extraModprobeConfig = ''
options usb-storage quirks=174c:1356:u
'';
hardware.opengl = {
enable = true;
extraPackages = with pkgs; [
intel-media-driver
vaapiIntel
vaapiVdpau
libvdpau-va-gl
];
};
networking.hostName = "nasty";
boot.initrd.network = {
enable = true;
ssh = {
enable = true;
port = 2222;
hostKeys = [ "/root/ssh_host_ed25519_key" ];
};
postCommands = ''
echo "cryptsetup-askpass" >> /root/.profile
'';
udhcpc.extraArgs = [ "--timeout=10" ];
};
boot.initrd.luks.devices."nixos".device = "/dev/disk/by-uuid/58fc6ad3-8b7c-4448-8f07-5fedac404442";
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp86s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
#hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}
# vim: set et ts=2 sw=2 ai:

50
systems/nasty/samba.nix Normal file
View file

@ -0,0 +1,50 @@
{ ... }:
{
users.groups = {
dummesos = { gid = 1100; };
};
users.users = {
dummesos = {
uid = 1100;
isSystemUser = true;
group = "dummesos";
};
};
services.samba-wsdd = {
enable = true;
openFirewall = true;
};
services.samba = {
enable = true;
openFirewall = true;
shares = {
"private" = {
path = "/mnt/mergerfs/smb/%u";
"read only" = "no";
"create mask" = "0600";
"directory mask" = "0700";
};
"software" = {
path = "/mnt/mergerfs/media/software";
"guest ok" = "yes";
};
"movies" = {
path = "/mnt/mergerfs/media/movies";
"guest ok" = "yes";
};
"Serien" = {
path = "/mnt/mergerfs/media/Serien";
"guest ok" = "yes";
};
#"software" = {
# path = "/mnt/mergerfs/media/software";
# "guest ok" = "yes";
#};
};
};
}
# vim: set et ts=2 sw=2 ai:

87
systems/nasty/snapraid.nix Normal file
View file

@ -0,0 +1,87 @@
{ ... }:
let
excludes = [
"/media/usenet/incomplete/"
];
in
{
#systemd.timers."snapraid-sync".enable = false; #temporarily
#services.snapraid = {
# enable = true;
# scrub.plan = 5;
# parityFiles = [
# "/mnt/drives/X2N0A0AZFJDH/snapraid.parity"
# ];
# dataDisks = {
# d1 = "/mnt/drives/43P0A00AFJDH";
# d2 = "/mnt/drives/43P0A00FFJDH";
# d3 = "/mnt/drives/53F0A0SBFJDH";
# d4 = "/mnt/drives/53G0A2AXFJDH";
# d5 = "/mnt/drives/53J0A016FJDH";
# d6 = "/mnt/drives/92F0A079FJDH";
# d7 = "/mnt/drives/X2N0A0AXFJDH";
# #d3 = "/mnt/drives/1EKVK21Z";
# };
# contentFiles = [
# "/mnt/snapraid-18tb1.content"
# "/mnt/snapraid-18tb2.content"
# #"/mnt/drives/43P0A00AFJDH/snapraid.content"
# #"/mnt/drives/43P0A00FFJDH/snapraid.content"
# #"/mnt/drives/53F0A0SBFJDH/snapraid.content"
# #"/mnt/drives/53G0A2AXFJDH/snapraid.content"
# #"/mnt/drives/53J0A016FJDH/snapraid.content"
# #"/mnt/drives/92F0A079FJDH/snapraid.content"
# #"/mnt/drives/X2N0A0AXFJDH/snapraid.content"
# #"/mnt/drives/1EKVK21Z/snapraid.content"
# ];
# exclude = [
# "/media/usenet/incomplete/"
# ];
#};
imports = [ ./modules/snapraid.nix ];
services.snapraidnew = {
"8tb" = {
arrayName = "8tb";
enable = true;
scrub.plan = 5;
parityFiles = [
"/mnt/drives/ZA1D9307/snapraid-8tb.parity"
];
dataDisks = {
d1 = "/mnt/drives/1EJZN6MZ";
d2 = "/mnt/drives/1EKR513Z";
d3 = "/mnt/drives/1EKVK21Z";
};
contentFiles = [
"/mnt/snapraid-8tb1.content"
"/mnt/drives/X2N0A0AZFJDH/snapraid-8tb2.content"
];
exclude = excludes;
};
"18tb" = {
enable = true;
scrub.plan = 5;
parityFiles = [
"/mnt/drives/X2N0A0AZFJDH/snapraid.parity"
];
dataDisks = {
d1 = "/mnt/drives/43P0A00AFJDH";
d2 = "/mnt/drives/43P0A00FFJDH";
d3 = "/mnt/drives/53F0A0SBFJDH";
d4 = "/mnt/drives/53G0A2AXFJDH";
d5 = "/mnt/drives/53J0A016FJDH";
d6 = "/mnt/drives/92F0A079FJDH";
d7 = "/mnt/drives/X2N0A0AXFJDH";
};
contentFiles = [
"/mnt/snapraid-18tb1.content"
"/mnt/drives/ZA1D9307/snapraid-18tb2.content"
];
exclude = excludes;
};
};
}
# vim: set et ts=2 sw=2 ai: