lyes/nixfiles
1
0
Fork 0
Code Issues Pull requests Activity Actions

Setting up deploy-rs, update & start of tetra

Browse source
This commit is contained in:
Lyes Saadi 2026-01-12 11:39:37 +01:00
parent 5532e9e720
commit 8aca74fc84
Signed by: lyes
GPG key ID: 55A1D803917CF39A
9 changed files with 258 additions and 89 deletions
Download patch file Download diff file Expand all files Collapse all files

208
flake.lock generated
View file

@ -61,6 +61,26 @@
"type": "github" "type": "github"
} }
}, },
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs",
"utils": "utils"
},
"locked": {
"lastModified": 1766051518,
"narHash": "sha256-znKOwPXQnt3o7lDb3hdf19oDo0BLP4MfBOYiWkEHoik=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "d5eff7f948535b9c723d60cd8239f8f11ddc90fa",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"disko": { "disko": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -82,6 +102,22 @@
} }
}, },
"flake-compat": { "flake-compat": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1761588595, "lastModified": 1761588595,
@ -173,11 +209,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1767702900, "lastModified": 1768068402,
"narHash": "sha256-xMzHmNytl7JgFRov2jHf2GYsLVp/sAfYO0JvbZt0uDo=", "narHash": "sha256-bAXnnJZKJiF7Xr6eNW6+PhBf1lg2P1aFUO9+xgWkXfA=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "38e187fd2f9efac197e03be0c25f3ee215974144", "rev": "8bc5473b6bc2b6e1529a9c4040411e1199c43b4c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -211,9 +247,9 @@
"mailserver": { "mailserver": {
"inputs": { "inputs": {
"blobs": "blobs", "blobs": "blobs",
"flake-compat": "flake-compat", "flake-compat": "flake-compat_2",
"git-hooks": "git-hooks", "git-hooks": "git-hooks",
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs_2"
}, },
"locked": { "locked": {
"lastModified": 1766321686, "lastModified": 1766321686,
@ -247,11 +283,11 @@
}, },
"nix-flatpak": { "nix-flatpak": {
"locked": { "locked": {
"lastModified": 1739444422, "lastModified": 1767983141,
"narHash": "sha256-iAVVHi7X3kWORftY+LVbRiStRnQEob2TULWyjMS6dWg=", "narHash": "sha256-7ZCulYUD9RmJIDULTRkGLSW1faMpDlPKcbWJLYHoXcs=",
"owner": "gmodena", "owner": "gmodena",
"repo": "nix-flatpak", "repo": "nix-flatpak",
"rev": "5e54c3ca05a7c7d968ae1ddeabe01d2a9bc1e177", "rev": "440818969ac2cbd77bfe025e884d0aa528991374",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -278,6 +314,54 @@
} }
}, },
"nixpkgs": { "nixpkgs": {
"locked": {
"lastModified": 1743014863,
"narHash": "sha256-jAIUqsiN2r3hCuHji80U7NNEafpIMBXiwKlSrjWMlpg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "bd3bac8bfb542dbde7ffffb6987a1a1f9d41699f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1767313136,
"narHash": "sha256-16KkgfdYqjaeRGBaYsNrhPRRENs0qzkQVUooNHtoy2w=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ac62194c3917d5f474c1a844b6fd6da2db95077d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1768127708,
"narHash": "sha256-1Sm77VfZh3mU0F5OqKABNLWxOuDeHIlcFjsXeeiPazs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ffbc9f8cbaacfb331b6017d5a5abb21a492c9a38",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1764374374, "lastModified": 1764374374,
"narHash": "sha256-naS7hg/D1yLKSZoENx9gvsPLFiNEOTcqamJSu0OEvCA=", "narHash": "sha256-naS7hg/D1yLKSZoENx9gvsPLFiNEOTcqamJSu0OEvCA=",
@ -293,55 +377,23 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-stable": {
"locked": {
"lastModified": 1767051569,
"narHash": "sha256-0MnuWoN+n1UYaGBIpqpPs9I9ZHW4kynits4mrnh1Pk4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "40ee5e1944bebdd128f9fbada44faefddfde29bd",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1767379071,
"narHash": "sha256-EgE0pxsrW9jp9YFMkHL9JMXxcqi/OoumPJYwf+Okucw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "fb7944c166a3b630f177938e478f0378e64ce108",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1767379071,
"narHash": "sha256-EgE0pxsrW9jp9YFMkHL9JMXxcqi/OoumPJYwf+Okucw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "fb7944c166a3b630f177938e478f0378e64ce108",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": { "nixpkgs_3": {
"locked": {
"lastModified": 1768127708,
"narHash": "sha256-1Sm77VfZh3mU0F5OqKABNLWxOuDeHIlcFjsXeeiPazs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ffbc9f8cbaacfb331b6017d5a5abb21a492c9a38",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1766902085, "lastModified": 1766902085,
"narHash": "sha256-coBu0ONtFzlwwVBzmjacUQwj3G+lybcZ1oeNSQkgC0M=", "narHash": "sha256-coBu0ONtFzlwwVBzmjacUQwj3G+lybcZ1oeNSQkgC0M=",
@ -376,13 +428,14 @@
"root": { "root": {
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
"deploy-rs": "deploy-rs",
"disko": "disko", "disko": "disko",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"mailserver": "mailserver", "mailserver": "mailserver",
"mozilla": "mozilla", "mozilla": "mozilla",
"nix-flatpak": "nix-flatpak", "nix-flatpak": "nix-flatpak",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_3",
"nixpkgs-stable": "nixpkgs-stable", "nixpkgs-stable": "nixpkgs-stable",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",
"pin-factorio": "pin-factorio", "pin-factorio": "pin-factorio",
@ -404,17 +457,50 @@
"type": "github" "type": "github"
} }
}, },
"systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"zen-browser": { "zen-browser": {
"inputs": { "inputs": {
"home-manager": "home-manager_3", "home-manager": "home-manager_3",
"nixpkgs": "nixpkgs_3" "nixpkgs": "nixpkgs_4"
}, },
"locked": { "locked": {
"lastModified": 1767568852, "lastModified": 1768183082,
"narHash": "sha256-6s8hL3YX9zAq2T7qvcwwzaEVwc9MEYbW+C2LcAAQfbk=", "narHash": "sha256-XsiMOsqRLfmUi+24F7adhb/GAM2dMvplzwaW2Wxg/lo=",
"owner": "0xc000022070", "owner": "0xc000022070",
"repo": "zen-browser-flake", "repo": "zen-browser-flake",
"rev": "350c729b261e6f5529460140a5f0943dd4c5e156", "rev": "cdbc300fd89d503a95d1c8564de31a93d7b0a0ae",
"type": "github" "type": "github"
}, },
"original": { "original": {

41
flake.nix
View file

@ -28,12 +28,14 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
deploy-rs.url = "github:serokell/deploy-rs";
# Pins # Pins
# Factorio 2.0.72 # Factorio 2.0.72
pin-factorio.url = "github:NixOS/nixpkgs?rev=c5ae371f1a6a7fd27823bc500d9390b38c05fa55"; pin-factorio.url = "github:NixOS/nixpkgs?rev=c5ae371f1a6a7fd27823bc500d9390b38c05fa55";
}; };
outputs = { self, nixpkgs, mailserver, ... }@inputs: { outputs = { self, nixpkgs, mailserver, deploy-rs, ... }@inputs: {
nixosConfigurations = { nixosConfigurations = {
# Framework Computer # Framework Computer
piaf = nixpkgs.lib.nixosSystem { piaf = nixpkgs.lib.nixosSystem {
@ -53,15 +55,40 @@
}; };
# Desktop ISO # Desktop ISO
triforce = nixpkgs.lib.nixosSystem { # triforce = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; # system = "x86_64-linux";
specialArgs = inputs; # specialArgs = inputs;
modules = [ ./hosts/triforce ]; # modules = [ ./hosts/triforce ];
}; # };
}; };
packages."x86_64-linux" = { packages."x86_64-linux" = {
desktop-iso = self.nixosConfigurations.desktop-iso.config.system.build.isoImage; # desktop-iso = self.nixosConfigurations.desktop-iso.config.system.build.isoImage;
}; };
deploy = {
interactiveSudo = true;
autoRollback = true;
magicRollback = true;
nodes = {
zora = {
hostname = "zora";
profilesOrder = [ "system" ];
# fastConnection = true;
profiles = {
system = {
sshUser = "lyes";
user = "root";
remoteBuild = true;
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.zora;
};
};
};
};
};
checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
}; };
} }

2
hosts/piaf/hardware.nix
View file

@ -8,7 +8,7 @@
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.systemd-boot.configurationLimit = 10; boot.loader.systemd-boot.configurationLimit = 10;
# boot.loader.efi.canTouchEfiVariables = true; # boot.loader.efi.canTouchEfiVariables = true;
# boot.kernelParams = [ "quiet" ]; boot.kernelParams = [ "amdgpu.abmlevel=0" "amdgpu.sg_display=0" "amdgpu.dcdebugmask=0x410" ];
boot.initrd.systemd = { boot.initrd.systemd = {
enable = true; enable = true;
# network.enable = true; # network.enable = true;

15
hosts/zora/default.nix
View file

@ -16,16 +16,17 @@
../../modules ../../modules
../../modules/server ../../modules/server
../../modules/server/link
../../modules/server/taf
../../modules/server/giovanni
../../modules/server/baba ../../modules/server/baba
../../modules/server/nayru
../../modules/server/kalif
../../modules/server/maistro
../../modules/server/mikau
../../modules/server/biggoron ../../modules/server/biggoron
../../modules/server/biggoron/runner.nix ../../modules/server/biggoron/runner.nix
../../modules/server/giovanni
../../modules/server/kalif
../../modules/server/link
../../modules/server/maistro
../../modules/server/mikau
../../modules/server/nayru
../../modules/server/taf
../../modules/server/tetra
# disko.nixosModules.disko # disko.nixosModules.disko
agenix.nixosModules.default agenix.nixosModules.default

27
hosts/zora/reverse-proxy.nix
View file

@ -59,17 +59,6 @@
''; '';
locations."/".proxyPass = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}"; locations."/".proxyPass = "http://localhost:${toString config.services.forgejo.settings.server.HTTP_PORT}";
}; };
# 9980
"collabora.lyes.eu" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString config.services.collabora-online.port}";
proxyWebsockets = true; # collabora a besoin des websockets
};
};
# 8096 # 8096
"media.lyes.eu" = { "media.lyes.eu" = {
forceSSL = true; forceSSL = true;
@ -90,6 +79,22 @@
}; };
}; };
}; };
# 44304
"torrent.lyes.eu" = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://localhost:${toString config.services.qbittorrent.webuiPort}";
};
# 9980
"collabora.lyes.eu" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString config.services.collabora-online.port}";
proxyWebsockets = true; # collabora a besoin des websockets
};
};
}; };
}; };
} }

1
modules/server/README.md
View file

@ -8,3 +8,4 @@
- `mikau` : Jellyfin (`media.lyes.eu`) - `mikau` : Jellyfin (`media.lyes.eu`)
- `nayru` : Komga/Manga (`manga.lyes.eu`) - `nayru` : Komga/Manga (`manga.lyes.eu`)
- `taf` : Mail (`taf.lyes.eu`/`mail.lyes.eu`) - `taf` : Mail (`taf.lyes.eu`/`mail.lyes.eu`)
- `tetra` : Torrent (`torrent.lyes.eu`)

2
modules/server/link/default.nix
View file

@ -1,4 +1,4 @@
{ config, pkgs, ... }: { config, ... }:
let let
hostname = "auth.${config.networking.domain}"; hostname = "auth.${config.networking.domain}";

46
modules/server/tetra/default.nix Normal file
View file

@ -0,0 +1,46 @@
{ ... }:
{
services.qbittorrent = {
enable = false;
user = "qbittorrent";
group = "media";
webuiPort = 44303;
serverConfig = {
LegalNotice.Accepted = true;
General.Locale = "fr";
BitTorrent = {
Session = {
DefaultSavePath = "/var/data/media/torrent/";
AnonymousModeEnabled=true;
GlobalDLSpeedLimit=1250;
GlobalUPSpeedLimit=125;
AlternativeGlobalDLSpeedLimit=2500;
AlternativeGlobalUPSpeedLimit=125;
# BandwidthSchedulerEnabled=true;
UseAlternativeGlobalSpeedLimit=false;
QueueingSystemEnabled=true;
MaxActiveDownloads = 7;
MaxActiveTorrents = 7;
MaxActiveUploads = 3;
GlobalMaxSeedingMinutes=1440;
};
};
Preferences = {
WebUI = {
Username = "lyes";
Password_PBKDF2 = "@ByteArray(5UU0KdjkWdtIdml1aQVDOQ==:qs0cVTkuQzbHA3EmF9++MK9eJstbx95hIR52amh2PSSgmQxrXavu0oxUZdUMWnaIRKkUuq18o9GV+DMb7T99NA==)";
AuthSubnetWhitelistEnabled = true;
# AuthSubnetWhitelist = "192.168.2.2/32";
StatusbarExternalIPDisplayed = true;
};
};
};
};
# users.users.qbittorrent.extraGroups = [ "media" ];
users.users.qbittorrent.isSystemUser = true;
users.users.qbittorrent.group = "media";
}

5
users/lyes/common/packages.nix
View file

@ -1,4 +1,4 @@
{ pkgs, ... }: { pkgs, deploy-rs, ... }:
{ {
# Packages # Packages
@ -9,5 +9,8 @@
sl sl
jq jq
pass pass
# NixOS-related
deploy-rs.packages."${stdenv.hostPlatform.system}".default
]; ];
} }