Initial commit

Tibo De Peuter 2025-01-09 22:25:00 +01:00
commit 32849cc5d2
Signed by: tdpeuter
GPG key ID: 38297DE43F75FFE2
44 changed files with 3811 additions and 0 deletions

255
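--- a/hosts/Isabel/default.nix
+++ b/hosts/Isabel/default.nix
@@ -0,0 +1,255 @@
+{ config, pkgs, ... }:
+{
+imports = [
+# Include the results of the hardware scan.
+./hardware-configuration.nix
+];
+# Use the systemd-boot EFI boot loader.
+boot.loader = {
+systemd-boot.enable = true;
+efi = {
+canTouchEfiVariables = true;
+efiSysMountPoint = "/boot/efi";
+};
+};
+console = {
+font = "Lat2-Terminus16";
+keyMap = "us";
+};
+# List packages installed in the system profile. To search, run:
+# $ nix search wget
+environment.systemPackages = with pkgs; [
+];
+environment.etc = {
+"homepage/bookmarks.yaml".text = ''
+- Office:
+- Zoho Mail:
+- icon: zohomail
+href: https://mail.zoho.eu
+- Network:
+- Cloudlfare:
+- icon: cloudflare
+href: https://dash.cloudflare.com
+- TransIP:
+- icon: https://www.transip.eu/cache-60c9b25f/img/transip-new/favicons/favicon.png
+href: https://www.transip.eu/cp/
+- Telenet Internet usage:
+- icon: https://static.telenet.be/assets/favicon/favicon.ico
+href: https://www2.telenet.be/nl/klantenservice/raadpleeg-je-internetverbruik/
+- Telenet Modem:
+- icon: https://static.telenet.be/assets/favicon/favicon.ico
+# href: https://mijn.telenet.be/mijntelenet/rgw/settings.do?identifier=u381160&action=showAdvancedSettings
+href: https://www2.telenet.be/residential/nl/mijn-telenet/je-thuisnetwerk#/mainnavitem=hgw/mainnavitemid=item-1/subnavitem=modem_general
+- Pulsetic:
+- href: https://status.depeuter.dev
+icon: https://pulsetic.com/favicon-196x196.png
+- Homemade:
+- AI-Transparency:
+- href: https://ai-transparency.depeuter.dev
+icon: https://ai-transparency.depeuter.dev/img/transparency.png
+- Down-message:
+- href: https://down.depeuter.dev
+icon: https://down.depeuter.dev/assets/icon.jpg
+- Portfolio:
+- href: https://tibo.depeuter.dev
+icon: https://tibo.depeuter.dev/assets/owl_circuit.png
+'';
+"homepage/services.yaml".text = ''
+- Networking:
+- Traefik Isabel:
+description: Reverse proxy manager
+href: https://traefik.isabel.depeuter.dev/dashboard/#
+ping: https://traefik.isabel.depeuter.dev/dashboard/#
+icon: traefik
+widget:
+type: traefik
+url: https://traefik.isabel.depeuter.dev
+- Traefik Niko:
+description: Reverse proxy manager
+href: https://traefik.niko.depeuter.dev/dashboard/#
+ping: https://traefik.niko.depeuter.dev/dashboard/#
+icon: traefik
+widget:
+type: traefik
+url: https://traefik.niko.depeuter.dev
+'';
+"homepage/settings.yaml".text = ''
+---
+# For configuration options and examples, please see:
+# https://gethomepage.dev/en/configs/settings
+providers:
+openweathermap: openweathermapapikey
+weatherapi: weatherapiapikey
+'';
+};
+homelab.apps.technitiumDNS.enable = true;
+# Select internationalisation properties.
+i18n.defaultLocale = "en_GB.utf8";
+networking = {
+hostName = "Hugo-Isabel";
+domain = "depeuter.dev";
+enableIPv6 = true;
+# Open ports in the firewall.
+firewall = {
+enable = true;
+};
+networkmanager.enable = true;
+};
+# List services that you want to enable:
+services = {
+tailscale = {
+enable = true;
+useRoutingFeatures = "server";
+authKeyFile = "/etc/nixos/tailscale-authkey";
+extraUpFlags = [
+"--advertise-routes=192.168.0.0/24"
+"--exit-node"
+];
+};
+# Fix DNS issues. See:
+# https://github.com/tailscale/tailscale/issues/4254
+# resolved.enable = true;
+};
+system.stateVersion = "24.05";
+security.sudo = {
+enable = true;
+};
+virtualisation = {
+docker = {
+enable = true;
+autoPrune.enable = true;
+};
+oci-containers = {
+backend = "docker";
+containers = {
+reverse-proxy = {
+hostname = "traefik";
+image = "traefik:v3.0";
+cmd = [
+"--api.insecure=true"
+# Add Docker provider
+"--providers.docker=true"
+"--providers.docker.exposedByDefault=false"
+# Add web entrypoint
+"--entrypoints.web.address=:80/tcp"
+"--entrypoints.web.http.redirections.entrypoint.to=websecure"
+"--entrypoints.web.http.redirections.entrypoint.scheme=https"
+# Add websecure entrypoint
+"--entrypoints.websecure.address=:443/tcp"
+"--entrypoints.websecure.http.tls=true"
+"--entrypoints.websecure.http.tls.certResolver=letsencrypt"
+"--entrypoints.websecure.http.tls.domains[0].main=depeuter.dev"
+"--entrypoints.websecure.http.tls.domains[0].sans=*.depeuter.dev"
+"--entrypoints.websecure.http.tls.domains[1].sans=*.isabel.depeuter.dev"
+"--entrypoints.websecure.http.tls.domains[2].sans=*.jelly.depeuter.dev"
+# Certificates
+"--certificatesresolvers.letsencrypt.acme.dnschallenge=true"
+"--certificatesresolvers.letsencrypt.acme.dnschallenge.provider=cloudflare"
+"--certificatesresolvers.letsencrypt.acme.email=tibo.depeuter@telenet.be"
+"--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json"
+# Additional routes
+];
+ports = [
+"80:80/tcp"
+"443:443/tcp"
+# "8080:8080/tcp" # The Web UI (enabled by --api.insecure=true)
+];
+environment = {
+# TODO Hide this!
+"CLOUDFLARE_DNS_API_TOKEN" = "6Vz64Op_a6Ls1ljGeBxFoOVfQ-yB-svRbf6OyPv2";
+};
+environmentFiles = [
+];
+volumes = [
+"/var/run/docker.sock:/var/run/docker.sock:ro" # So that Traefik can listen to the Docker events
+"letsencrypt:/letsencrypt"
+];
+labels = {
+"traefik.enable" = "true";
+"traefik.http.routers.traefik.rule" = "Host(`traefik.isabel.depeuter.dev`)";
+"traefik.http.services.traefik.loadbalancer.server.port" = "8080";
+};
+autoStart = true;
+};
+feishin = {
+hostname = "feishin";
+image = "ghcr.io/jeffvli/feishin:0.7.1";
+ports = [
+# "9180:9180/tcp" # Web player (HTTP)
+];
+environment = {
+# pre defined server name
+SERVER_NAME = "Hugo";
+# When true AND name/type/url are set, only username/password can be toggled
+SERVER_LOCK = "true";
+# navidrome also works
+SERVER_TYPE = "jellyfin";
+# http://address:port
+SERVER_URL= "https://jelly.depeuter.dev";
+TZ = config.time.timeZone;
+};
+labels = {
+"traefik.enable" = "true";
+"traefik.http.routers.feishin.rule" = "Host(`music.depeuter.dev`)";
+"traefik.http.services.feishin.loadbalancer.server.port" = "9180";
+"traefik.tls.options.default.minVersion" = "VersionTLS13";
+};
+autoStart = true;
+};
+dashboard = {
+hostname = "dashboard";
+image = "ghcr.io/gethomepage/homepage:v0.9.3";
+ports = [
+# "3000:3000/tcp"
+];
+volumes = [
+"/etc/homepage:/app/config" # Make sure your local config directory exists
+"/var/run/docker.sock:/var/run/docker.sock:ro" # optional, for docker integrations
+];
+labels = {
+"traefik.enable" = "true";
+"traefik.http.routers.dashboard.rule" = "Host(`dash.depeuter.dev`)";
+"traefik.http.services.dashboard.loadbalancer.server.port" = "3000";
+"traefik.tls.options.default.minVersion" = "VersionTLS13";
+};
+autoStart = true;
+};
+prometheus = {
+hostname = "prometheus";
+image = "prom/prometheus:v2.45.6";
+ports = [
+# "127.0.0.1:9090:9090/tcp"
+];
+labels = {
+"traefik.enable" = "true";
+"traefik.http.routers.prometheus.rule" = "Host(`prometheus.isabel.depeuter.dev`)";
+"traefik.http.services.prometheus.loadbalancer.server.port" = "9090";
+"traefik.tls.options.default.minVersion" = "VersionTLS13";
+};
+autoStart = true;
+};
+};
+};
+};
+}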
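Review bot: The Cloudflare DNS API token is committed as a literal in the `environment` block of the `reverse-proxy` container (the line under `# TODO Hide this!`), so it is in git history and, once the system is built, in the world-readable Nix store. Treat the token as exposed and rotate it, then supply it through the `environmentFiles` list that is already declared empty just below, for example `environmentFiles = [ "/run/secrets/traefik.env" ];` (placeholder path, kept outside the repository and the store). Separately, `--api.insecure=true` combined with the `traefik` router labels that forward `traefik.isabel.depeuter.dev` to port 8080 appears to publish the dashboard and API through `websecure` with no authentication middleware visible in this file. The `prometheus` router is exposed the same way, so both would benefit from an auth middleware or a restriction to the tailnet.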