mirror/github.com-tboerger-nixos-config
1
0
Fork 0
mirror of https://github.com/tboerger/nixos-config synced 2024-11-22 18:21:58 +01:00
Code Issues

chore: add more services like containers

Browse Source
This commit is contained in:
Thomas Boerger 2022-11-17 21:48:21 +01:00
parent c2d6d4090d
commit 6cae8a7cfd
No known key found for this signature in database
GPG Key ID: 09745AFF9D63C79B
21 changed files with 627 additions and 430 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
servers/midgard/default.nix
View File

@ -14,13 +14,7 @@
personal = {
services = {
acme = {
enable = config.personal.services.enable;
};
adguard = {
enable = config.personal.services.enable;
};
coredns = {
homedns = {
enable = config.personal.services.enable;
};
tailscale = {

12
servers/niflheim/default.nix
View File

@ -14,6 +14,18 @@
personal = {
services = {
authentik = {
enable = config.personal.services.enable;
};
media = {
enable = config.personal.services.enable;
};
minecraft = {
enable = config.personal.services.enable;
};
nextcloud = {
enable = config.personal.services.enable;
};
tailscale = {
enable = config.personal.services.enable;
};

96
servers/niflheim/filesystems.nix
View File

@ -37,6 +37,86 @@
];
};
fileSystems."/var/lib/acme" = {
device = "/dev/disk/by-label/acme";
fsType = "ext4";
options = [
"noatime"
];
};
fileSystems."/var/lib/nzbget" = {
device = "/dev/disk/by-label/nzbget";
fsType = "ext4";
options = [
"noatime"
];
};
fileSystems."/var/lib/jellyfin" = {
device = "/dev/disk/by-label/jellyfin";
fsType = "ext4";
options = [
"noatime"
];
};
fileSystems."/var/lib/radarr" = {
device = "/dev/disk/by-label/radarr";
fsType = "ext4";
options = [
"noatime"
];
};
fileSystems."/var/lib/sonarr" = {
device = "/dev/disk/by-label/sonarr";
fsType = "ext4";
options = [
"noatime"
];
};
fileSystems."/var/lib/lidarr" = {
device = "/dev/disk/by-label/lidarr";
fsType = "ext4";
options = [
"noatime"
];
};
fileSystems."/var/lib/readarr" = {
device = "/dev/disk/by-label/readarr";
fsType = "ext4";
options = [
"noatime"
];
};
fileSystems."/var/lib/bazarr" = {
device = "/dev/disk/by-label/bazarr";
fsType = "ext4";
options = [
"noatime"
];
};
fileSystems."/var/lib/prowlarr" = {
device = "/dev/disk/by-label/prowlarr";
fsType = "ext4";
options = [
"noatime"
];
};
fileSystems."/var/lib/downloads" = {
device = "/dev/disk/by-label/downloads";
fsType = "ext4";
options = [
"noatime"
];
};
fileSystems."/var/lib/movies" = {
device = "/dev/disk/by-label/movies";
fsType = "ext4";
@ -68,4 +148,20 @@
"noatime"
];
};
fileSystems."/var/lib/bromance" = {
device = "/dev/disk/by-label/bromance";
fsType = "ext4";
options = [
"noatime"
];
};
fileSystems."/var/lib/owntech" = {
device = "/dev/disk/by-label/owntech";
fsType = "ext4";
options = [
"noatime"
];
};
}

6
servers/niflheim/networking.nix
View File

@ -38,5 +38,11 @@
};
};
};
nat = {
enable = true;
externalInterface = "enp3s0";
internalInterfaces = [ "ve-*" ];
};
};
}

32
servers/niflheim/partitions.sh
View File

@ -161,7 +161,7 @@ mount /dev/disk/by-partlabel/boot1 /mnt/boot
# STORAGE
#
for PARTITION in ; do
for PARTITION in acme nzbget jellyfin radarr sonarr lidarr readarr bazarr prowlarr; do
echo "-----> Create ${PARTITION} volume"
lvcreate -y --size 5G --name ${PARTITION} system
@ -173,6 +173,16 @@ for PARTITION in ; do
mount -t ext4 /dev/system/${PARTITION} /mnt/var/lib/${PARTITION}
done
echo "-----> Create downloads volume"
lvcreate -y --size 200G --name downloads system
echo "-----> Create downloads filesystem"
mkfs.ext4 -L downloads /dev/system/downloads
echo "-----> Mount downloads filesystem"
mkdir -p /mnt/var/lib/downloads
mount -t ext4 /dev/system/downloads /mnt/var/lib/downloads
echo "-----> Create movies volume"
lvcreate -y --size 2000G --name movies system
@ -212,3 +222,23 @@ mkfs.ext4 -L music /dev/system/music
echo "-----> Mount music filesystem"
mkdir -p /mnt/var/lib/music
mount -t ext4 /dev/system/music /mnt/var/lib/music
echo "-----> Create bromance volume"
lvcreate -y --size 10G --name bromance system
echo "-----> Create bromance filesystem"
mkfs.ext4 -L bromance /dev/system/bromance
echo "-----> Mount bromance filesystem"
mkdir -p /mnt/var/lib/bromance
mount -t ext4 /dev/system/bromance /mnt/var/lib/bromance
echo "-----> Create owntech volume"
lvcreate -y --size 10G --name owntech system
echo "-----> Create owntech filesystem"
mkfs.ext4 -L owntech /dev/system/owntech
echo "-----> Mount owntech filesystem"
mkdir -p /mnt/var/lib/owntech
mount -t ext4 /dev/system/owntech /mnt/var/lib/owntech

7
servers/utgard/default.nix
View File

@ -3,6 +3,7 @@
{
imports = [
../../shared/modules
../../shared/programs
../../shared/services
./filesystems.nix
@ -13,15 +14,9 @@
personal = {
services = {
acme = {
enable = config.personal.services.enable;
};
hass = {
enable = config.personal.services.enable;
};
media = {
enable = config.personal.services.enable;
};
tailscale = {
enable = config.personal.services.enable;
};

3
shared/services/acme/default.nix
View File

@ -22,11 +22,12 @@ in
acceptTerms = true;
defaults = {
email = "hostmaster@boerger.ws";
reloadServices = [ "nginx" ];
};
certs = {
"boerger.ws" = {
email = "hostmaster@boerger.ws";
extraDomainNames = [ "*.boerger.ws" ];
dnsProvider = "cloudflare";
credentialsFile = config.age.secrets."services/acme/credentials".path;

20
shared/services/coredns/default.nix
View File

@ -1,20 +0,0 @@
{ pkgs, lib, config, options, fetchurl, ... }:
with lib;
let
cfg = config.personal.services.coredns;
in
{
options = {
personal = {
services = {
coredns = {
enable = mkEnableOption "CoreDNS";
};
};
};
};
config = mkIf cfg.enable { };
}

5
shared/services/default.nix
View File

@ -4,17 +4,14 @@ with lib;
{
imports = [
./acme
./adguard
./authentik
./coredns
./homedns
./desktop
./docker
./dst
./hass
./haveged
./libvirt
./media
./mediang
./minecraft
./nextcloud
./nixbuild

20
shared/services/dst/default.nix
View File

@ -1,20 +0,0 @@
{ pkgs, lib, config, options, fetchurl, ... }:
with lib;
let
cfg = config.personal.services.dst;
in
{
options = {
personal = {
services = {
dst = {
enable = mkEnableOption "Don't Starve Together";
};
};
};
};
config = mkIf cfg.enable { };
}

4
shared/services/hass/arion.nix
View File

@ -1,4 +0,0 @@
{ pkgs, lib, config, options, ... }:
with lib;
{ }

41
shared/services/hass/default.nix
View File

@ -64,28 +64,37 @@ in
default_config = { };
};
};
nginx = {
virtualHosts =
let
base = locations: {
inherit locations;
useACMEHost = "boerger.ws";
forceSSL = true;
};
proxy = port: base {
"/" = {
proxyPass = "http://127.0.0.1:" + toString (port) + "/";
proxyWebsockets = true;
};
};
in
{
"iot.boerger.ws" = proxy 8123;
};
};
};
personal = {
services = {
acme = {
enable = true;
};
webserver = {
enable = true;
hosts = [
{
domain = "home.boerger.ws";
proxy = "http://127.0.0.1:8123";
proxyOptions = ''
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
'';
}
];
};
};
};

38
shared/services/adguard/default.nix → shared/services/homedns/default.nix
View File

@ -2,15 +2,15 @@
with lib;
let
cfg = config.personal.services.adguard;
cfg = config.personal.services.homedns;
in
{
options = {
personal = {
services = {
adguard = {
enable = mkEnableOption "Adguard";
homedns = {
enable = mkEnableOption "HomeDNS";
};
};
};
@ -47,19 +47,37 @@ in
}];
};
};
nginx = {
virtualHosts =
let
base = locations: {
inherit locations;
useACMEHost = "boerger.ws";
forceSSL = true;
};
proxy = port: base {
"/" = {
proxyPass = "http://127.0.0.1:" + toString (port) + "/";
proxyWebsockets = true;
};
};
in
{
"adguard.boerger.ws" = proxy 3000;
};
};
};
personal = {
services = {
acme = {
enable = true;
};
webserver = {
enable = true;
hosts = [
{
domain = "adguard.boerger.ws";
proxy = "http://localhost:3000";
}
];
};
};
};

0
shared/services/dst/arion.nix → shared/services/media/arion.nix
View File

248
shared/services/media/default.nix
View File

@ -17,116 +17,170 @@ in
};
config = mkIf cfg.enable {
# containers = {
# media =
# let
# passwordFile = config.age.secrets."users/media/password".path;
# in
# {
# autoStart = true;
# privateNetwork = true;
# # hostAddress = "192.168.100.10";
# # localAddress = "192.168.100.11";
# config = { config, pkgs, ... }: {
# users = {
# users = {
# media = {
# uid = 20000;
# description = "Media";
# shell = pkgs.zsh;
# isSystemUser = true;
# group = "media";
# home = "/var/lib/media";
# passwordFile = passwordFile;
# };
# };
# groups = {
# media = {
# gid = 20000;
# };
# };
# };
# services = {
# jellyfin = {
# enable = true;
# user = "media";
# group = "media";
# package = pkgs.jellyfin;
# };
# };
# networking.firewall = {
# enable = true;
# allowedTCPPorts = [
# 8080
# ];
# };
# environment.etc."resolv.conf".text = "nameserver 8.8.8.8";
# system.stateVersion = "22.05";
# };
# };
# };
environment = {
systemPackages = with pkgs; [
nur.repos.tboerger.jellyseerr
sqlite
];
};
users = {
users = {
media = {
uid = 20000;
description = "Media";
shell = pkgs.zsh;
isSystemUser = true;
group = "media";
home = "/var/lib/media";
passwordFile = config.age.secrets."users/media/password".path;
};
};
# users = {
# users = {
# media = {
# uid = 20000;
# description = "Media";
# shell = pkgs.zsh;
# isSystemUser = true;
# group = "media";
# home = "/var/lib/media";
# passwordFile = config.age.secrets."users/media/password".path;
# };
# };
groups = {
media = {
gid = 20000;
};
};
};
# groups = {
# media = {
# gid = 20000;
# };
# };
# };
services = {
nzbget = {
enable = true;
user = "media";
group = "media";
# nzbget = {
# enable = true;
# user = "media";
# group = "media";
settings = {
MainDir = "/var/lib/downloads";
DestDir = "/var/lib/downloads/completed";
InterDir = "/var/lib/downloads/intermediate";
NzbDir = "/var/lib/downloads/nzb";
QueueDir = "/var/lib/downloads/queue";
TempDir = "/var/lib/downloads/temp";
ScriptDir = "/var/lib/downloads/scripts";
# settings = {
# MainDir = "/var/lib/downloads";
# DestDir = "/var/lib/downloads/completed";
# InterDir = "/var/lib/downloads/intermediate";
# NzbDir = "/var/lib/downloads/nzb";
# QueueDir = "/var/lib/downloads/queue";
# TempDir = "/var/lib/downloads/temp";
# ScriptDir = "/var/lib/downloads/scripts";
"Category1.Name" = "Movies";
"Category1.Unpack" = "yes";
# "Category1.Name" = "Movies";
# "Category1.Unpack" = "yes";
"Category2.Name" = "Series";
"Category2.Unpack" = "yes";
# "Category2.Name" = "Series";
# "Category2.Unpack" = "yes";
"Category3.Name" = "Music";
"Category3.Unpack" = "yes";
# "Category3.Name" = "Music";
# "Category3.Unpack" = "yes";
"Category4.Name" = "Books";
"Category4.Unpack" = "yes";
# "Category4.Name" = "Books";
# "Category4.Unpack" = "yes";
"Category5.Name" = "Prowlarr";
"Category5.Unpack" = "yes";
};
};
# "Category5.Name" = "Prowlarr";
# "Category5.Unpack" = "yes";
# };
# };
jellyfin = {
enable = true;
user = "media";
group = "media";
package = pkgs.jellyfin;
};
# jellyfin = {
# enable = true;
# user = "media";
# group = "media";
# package = pkgs.jellyfin;
# };
radarr = {
enable = true;
user = "media";
group = "media";
package = pkgs.radarr;
dataDir = "/var/lib/radarr";
};
# radarr = {
# enable = true;
# user = "media";
# group = "media";
# package = pkgs.radarr;
# dataDir = "/var/lib/radarr";
# };
sonarr = {
enable = true;
user = "media";
group = "media";
package = pkgs.sonarr;
dataDir = "/var/lib/sonarr";
};
# sonarr = {
# enable = true;
# user = "media";
# group = "media";
# package = pkgs.sonarr;
# dataDir = "/var/lib/sonarr";
# };
lidarr = {
enable = true;
user = "media";
group = "media";
package = pkgs.lidarr;
dataDir = "/var/lib/lidarr";
};
# lidarr = {
# enable = true;
# user = "media";
# group = "media";
# package = pkgs.lidarr;
# dataDir = "/var/lib/lidarr";
# };
readarr = {
enable = true;
user = "media";
group = "media";
package = pkgs.nur.repos.tboerger.readarr;
dataDir = "/var/lib/readarr";
};
# readarr = {
# enable = true;
# user = "media";
# group = "media";
# package = pkgs.nur.repos.tboerger.readarr;
# dataDir = "/var/lib/readarr";
# };
bazarr = {
enable = true;
user = "media";
group = "media";
package = pkgs.bazarr;
};
# bazarr = {
# enable = true;
# user = "media";
# group = "media";
# package = pkgs.bazarr;
# };
prowlarr = {
enable = true;
user = "media";
group = "media";
package = pkgs.prowlarr;
};
# prowlarr = {
# enable = true;
# user = "media";
# group = "media";
# package = pkgs.prowlarr;
# };
nginx = {
virtualHosts =
@ -159,18 +213,22 @@ in
personal = {
services = {
acme = {
enable = true;
};
webserver = {
enable = true;
};
};
};
networking = {
firewall = {
allowedTCPPorts = [ 8096 ];
allowedUDPPorts = [ 1900 7359 ];
};
};
# networking = {
# firewall = {
# allowedTCPPorts = [ 8096 ];
# allowedUDPPorts = [ 1900 7359 ];
# };
# };
age.secrets."users/media/password" = {
file = ../../../secrets/users/media/password.age;

4
shared/services/mediang/arion.nix
View File

@ -1,4 +0,0 @@
{ pkgs, lib, config, options, ... }:
with lib;
{ }

215
shared/services/mediang/default.nix
View File

@ -1,215 +0,0 @@
{ pkgs, lib, config, options, ... }:
with lib;
let
cfg = config.personal.services.mediang;
in
{
options = {
personal = {
services = {
mediang = {
enable = mkEnableOption "Media";
};
};
};
};
config = mkIf cfg.enable {
# networking = {
# nat = {
# enable = true;
# internalInterfaces = ["ve-+"];
# externalInterface = "ens3";
# };
# };
containers = {
media =
let
passwordFile = config.age.secrets."users/media/password".path;
in
{
autoStart = true;
privateNetwork = true;
# hostAddress = "192.168.100.10";
# localAddress = "192.168.100.11";
config = { config, pkgs, ... }: {
users = {
users = {
media = {
uid = 20000;
description = "Media";
shell = pkgs.zsh;
isSystemUser = true;
group = "media";
home = "/var/lib/media";
passwordFile = passwordFile;
};
};
groups = {
media = {
gid = 20000;
};
};
};
services = {
jellyfin = {
enable = true;
user = "media";
group = "media";
package = pkgs.jellyfin;
};
};
networking.firewall = {
enable = true;
allowedTCPPorts = [
8080
];
};
environment.etc."resolv.conf".text = "nameserver 8.8.8.8";
system.stateVersion = "22.05";
};
};
};
age.secrets."users/media/password" = {
file = ../../../secrets/users/media/password.age;
};
};
}
# services = {
# nzbget = {
# enable = true;
# user = "media";
# group = "media";
# settings = {
# MainDir = "/var/lib/downloads";
# DestDir = "/var/lib/downloads/completed";
# InterDir = "/var/lib/downloads/intermediate";
# NzbDir = "/var/lib/downloads/nzb";
# QueueDir = "/var/lib/downloads/queue";
# TempDir = "/var/lib/downloads/temp";
# ScriptDir = "/var/lib/downloads/scripts";
# "Category1.Name" = "Movies";
# "Category1.Unpack" = "yes";
# "Category2.Name" = "Series";
# "Category2.Unpack" = "yes";
# "Category3.Name" = "Music";
# "Category3.Unpack" = "yes";
# "Category4.Name" = "Books";
# "Category4.Unpack" = "yes";
# "Category5.Name" = "Prowlarr";
# "Category5.Unpack" = "yes";
# };
# };
# jellyfin = {
# enable = true;
# user = "media";
# group = "media";
# package = pkgs.jellyfin;
# };
# radarr = {
# enable = true;
# user = "media";
# group = "media";
# package = pkgs.radarr;
# dataDir = "/var/lib/radarr";
# };
# sonarr = {
# enable = true;
# user = "media";
# group = "media";
# package = pkgs.sonarr;
# dataDir = "/var/lib/sonarr";
# };
# lidarr = {
# enable = true;
# user = "media";
# group = "media";
# package = pkgs.lidarr;
# dataDir = "/var/lib/lidarr";
# };
# readarr = {
# enable = true;
# user = "media";
# group = "media";
# package = pkgs.nur.repos.tboerger.readarr;
# dataDir = "/var/lib/readarr";
# };
# bazarr = {
# enable = true;
# user = "media";
# group = "media";
# package = pkgs.bazarr;
# };
# prowlarr = {
# enable = true;
# user = "media";
# group = "media";
# package = pkgs.prowlarr;
# };
# nginx = {
# virtualHosts =
# let
# base = locations: {
# inherit locations;
# useACMEHost = "boerger.ws";
# forceSSL = true;
# };
# proxy = port: base {
# "/" = {
# proxyPass = "http://127.0.0.1:" + toString (port) + "/";
# proxyWebsockets = true;
# };
# };
# in
# {
# "nzbget.boerger.ws" = proxy 6789;
# "jellyfin.boerger.ws" = proxy 8096;
# "radarr.boerger.ws" = proxy 7878;
# "sonarr.boerger.ws" = proxy 8989;
# "lidarr.boerger.ws" = proxy 8686;
# "readarr.boerger.ws" = proxy 8787;
# "bazarr.boerger.ws" = proxy 6767;
# "prowlarr.boerger.ws" = proxy 9696;
# };
# };
# };
# personal = {
# services = {
# webserver = {
# enable = true;
# };
# };
# };
# networking = {
# firewall = {
# allowedTCPPorts = [ 8096 ];
# allowedUDPPorts = [ 1900 7359 ];
# };
# };

134
shared/services/minecraft/default.nix
View File

@ -16,5 +16,137 @@ in
};
};
config = mkIf cfg.enable { };
config = mkIf cfg.enable {
# containers = {
# bromance = {
# autoStart = true;
# privateNetwork = true;
# hostAddress = "192.168.100.10";
# localAddress = "192.168.100.11";
# config = { config, pkgs, ... }: {
# nixpkgs = {
# config = {
# allowUnfree = true;
# };
# };
# services = {
# minecraft-server = {
# enable = true;
# package = pkgs.minecraft-server;
# openFirewall = true;
# eula = true;
# declarative = true;
# jvmOpts = "-Xmx2048M -Xms2048M";
# whitelist = {
# mompelz = "e640f53a-44a1-4d6d-89b4-988b649cbb6d";
# };
# serverProperties = {
# motd = "Welcome to Bromance!";
# white-list = true;
# };
# };
# };
# networking = {
# firewall = {
# enable = true;
# };
# };
# systemd = {
# tmpfiles = {
# rules = [
# "d /var/lib/minecraft 700 minecraft minecraft -"
# ];
# };
# };
# environment.etc."resolv.conf".text = "nameserver 1.1.1.1";
# system.stateVersion = "22.05";
# };
# bindMounts = {
# "/var/lib/minecraft" = {
# hostPath = "/var/lib/bromance/";
# isReadOnly = false;
# };
# };
# forwardPorts = [{
# containerPort = 25565;
# hostPort = 25575;
# protocol = "tcp";
# }];
# };
# owntech = {
# autoStart = true;
# privateNetwork = true;
# hostAddress = "192.168.100.20";
# localAddress = "192.168.100.21";
# config = { config, pkgs, ... }: {
# nixpkgs = {
# config = {
# allowUnfree = true;
# };
# };
# services = {
# minecraft-server = {
# enable = true;
# package = pkgs.minecraft-server;
# openFirewall = true;
# eula = true;
# declarative = true;
# jvmOpts = "-Xmx2048M -Xms2048M";
# whitelist = {
# mompelz = "e640f53a-44a1-4d6d-89b4-988b649cbb6d";
# };
# serverProperties = {
# motd = "Welcome to ownTech!";
# white-list = true;
# };
# };
# };
# networking = {
# firewall = {
# enable = true;
# };
# };
# systemd = {
# tmpfiles = {
# rules = [
# "d /var/lib/minecraft 700 minecraft minecraft -"
# ];
# };
# };
# environment.etc."resolv.conf".text = "nameserver 1.1.1.1";
# system.stateVersion = "22.05";
# };
# bindMounts = {
# "/var/lib/minecraft" = {
# hostPath = "/var/lib/owntech/";
# isReadOnly = false;
# };
# };
# forwardPorts = [{
# containerPort = 25565;
# hostPort = 25585;
# protocol = "tcp";
# }];
# };
# };
};
}

19
shared/services/nextcloud/arion.nix
View File

@ -1,19 +1,4 @@
{ pkgs, lib, config, options, ... }:
with lib;
{
config = {
services = {
nextcloud = {
nixos = {
configuration = {
services = {
nextcloud = {
enable = true;
};
};
};
};
};
};
};
}
{ }

141
shared/services/nextcloud/default.nix
View File

@ -17,10 +17,141 @@ in
};
config = mkIf cfg.enable {
virtualisation.arion.projects.prometheus.settings = {
imports = [
(import ./arion.nix)
];
};
# containers = {
# nextcloud = {
# autoStart = true;
# privateNetwork = true;
# hostAddress = "192.168.101.10";
# localAddress = "192.168.101.11";
# config = { config, pkgs, ... }: {
# services = {
# mysql = {
# enable = true;
# ensureDatabases = [
# "nextcloud"
# ];
# ensureUsers = [{
# name = "nextcloud";
# ensurePermissions = {
# "*.*" = "ALL PRIVILEGES";
# };
# }];
# };
# nextcloud = {
# enable = true;
# package = pkgs.nextcloud25;
# hostName = "cloud.boerger.ws";
# https = true;
# extraAppsEnable = true;
# globalProfiles = false;
# logType = "systemd";
# maxUploadSize = "1024M";
# secretFile = null;
# trustedProxies = [
# "192.168.101.0/24"
# ];
# config = {
# overwriteProtocol = "https";
# adminuser = "devops";
# adminpassFile = "";
# dbtype = "mysql";
# dbname = "nextcloud";
# dbhost = "/run/mysql/mysql.sock";
# dbuser = "nextcloud";
# dbpassFile = null;
# defaultPhoneRegion = "DE";
# objectstore = {
# s3 = {
# enabel = true;
# hostname = "s3.eu-west-1.wasabisys.com"
# port = 443
# region = "eu-west-1";
# bucket = "bws-nextcloud";
# key = "";
# secretFile = "";
# }
# };
# };
# caching = {
# redis = true;
# };
# extraOptions = {
# redis = {
# host = "/run/redis/redis.sock";
# port = 0;
# dbindex = 0;
# password = "secret";
# timeout = 1.5;
# };
# };
# # extraApps = {
# # bookmarks = pkgs.fetchNextcloudApp {
# # name = "bookmarks";
# # sha256 = "";
# # url = "https://github.com/nextcloud/bookmarks/releases/download/v11.0.4/bookmarks-11.0.4.tar.gz";
# # version = "11.0.4";
# # };
# # cookbook = pkgs.fetchNextcloudApp {
# # name = "cookbook";
# # sha256 = "";
# # url = "https://github.com/nextcloud/cookbook/releases/download/v0.10.1/Cookbook-0.10.1.tar.gz";
# # version = "0.10.1";
# # };
# # guests = pkgs.fetchNextcloudApp {
# # name = "guests";
# # sha256 = "";
# # url = "https://github.com/nextcloud/guests/releases/download/v2.3.0/guests.tar.gz";
# # version = "2.3.0";
# # };
# # impersonate = pkgs.fetchNextcloudApp {
# # name = "impersonate";
# # sha256 = "";
# # url = "https://github.com/nextcloud/impersonate/releases/download/v1.8.0/impersonate.tar.gz";
# # version = "1.8.0";
# # };
# # };
# };
# };
# networking = {
# firewall = {
# enable = true;
# };
# };
# systemd = {
# tmpfiles = {
# rules = [
# "d /var/lib/nextcloud 700 nextcloud nextcloud -"
# ];
# };
# };
# environment.etc."resolv.conf".text = "nameserver 1.1.1.1";
# system.stateVersion = "22.05";
# };
# bindMounts = {
# "/var/lib/nextcloud" = {
# hostPath = "/var/lib/nextcloud/";
# isReadOnly = false;
# };
# };
# };
# };
};
}

4
shared/services/shares/arion.nix
View File

@ -1,4 +0,0 @@
{ pkgs, lib, config, options, ... }:
with lib;
{ }