{ config, pkgs, ... }: { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ]; # Use the systemd-boot EFI boot loader. boot.loader = { systemd-boot.enable = true; efi = { canTouchEfiVariables = true; efiSysMountPoint = "/boot/efi"; }; }; console = { font = "Lat2-Terminus16"; keyMap = "us"; }; # List packages installed in the system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ ]; environment.etc = { "homepage/bookmarks.yaml".text = '' - Office: - Zoho Mail: - icon: zohomail href: https://mail.zoho.eu - Network: - Cloudlfare: - icon: cloudflare href: https://dash.cloudflare.com - TransIP: - icon: https://www.transip.eu/cache-60c9b25f/img/transip-new/favicons/favicon.png href: https://www.transip.eu/cp/ - Telenet Internet usage: - icon: https://static.telenet.be/assets/favicon/favicon.ico href: https://www2.telenet.be/nl/klantenservice/raadpleeg-je-internetverbruik/ - Telenet Modem: - icon: https://static.telenet.be/assets/favicon/favicon.ico # href: https://mijn.telenet.be/mijntelenet/rgw/settings.do?identifier=u381160&action=showAdvancedSettings href: https://www2.telenet.be/residential/nl/mijn-telenet/je-thuisnetwerk#/mainnavitem=hgw/mainnavitemid=item-1/subnavitem=modem_general - Pulsetic: - href: https://status.depeuter.dev icon: https://pulsetic.com/favicon-196x196.png - Homemade: - AI-Transparency: - href: https://ai-transparency.depeuter.dev icon: https://ai-transparency.depeuter.dev/img/transparency.png - Down-message: - href: https://down.depeuter.dev icon: https://down.depeuter.dev/assets/icon.jpg - Portfolio: - href: https://tibo.depeuter.dev icon: https://tibo.depeuter.dev/assets/owl_circuit.png ''; "homepage/services.yaml".text = '' - Networking: - Traefik Isabel: description: Reverse proxy manager href: https://traefik.isabel.depeuter.dev/dashboard/# ping: https://traefik.isabel.depeuter.dev/dashboard/# icon: traefik widget: type: traefik url: https://traefik.isabel.depeuter.dev - Traefik Niko: description: Reverse proxy manager href: https://traefik.niko.depeuter.dev/dashboard/# ping: https://traefik.niko.depeuter.dev/dashboard/# icon: traefik widget: type: traefik url: https://traefik.niko.depeuter.dev ''; "homepage/settings.yaml".text = '' --- # For configuration options and examples, please see: # https://gethomepage.dev/en/configs/settings providers: openweathermap: openweathermapapikey weatherapi: weatherapiapikey ''; }; homelab.apps.technitiumDNS.enable = true; # Select internationalisation properties. i18n.defaultLocale = "en_GB.utf8"; networking = { hostName = "Hugo-Isabel"; domain = "depeuter.dev"; enableIPv6 = true; # Open ports in the firewall. firewall = { enable = true; }; networkmanager.enable = true; }; # List services that you want to enable: services = { tailscale = { enable = true; useRoutingFeatures = "server"; authKeyFile = "/etc/nixos/tailscale-authkey"; extraUpFlags = [ "--advertise-routes=192.168.0.0/24" "--exit-node" ]; }; # Fix DNS issues. See: # https://github.com/tailscale/tailscale/issues/4254 # resolved.enable = true; }; system.stateVersion = "24.05"; security.sudo = { enable = true; }; virtualisation = { docker = { enable = true; autoPrune.enable = true; }; oci-containers = { backend = "docker"; containers = { reverse-proxy = { hostname = "traefik"; image = "traefik:v3.0"; cmd = [ "--api.insecure=true" # Add Docker provider "--providers.docker=true" "--providers.docker.exposedByDefault=false" # Add web entrypoint "--entrypoints.web.address=:80/tcp" "--entrypoints.web.http.redirections.entrypoint.to=websecure" "--entrypoints.web.http.redirections.entrypoint.scheme=https" # Add websecure entrypoint "--entrypoints.websecure.address=:443/tcp" "--entrypoints.websecure.http.tls=true" "--entrypoints.websecure.http.tls.certResolver=letsencrypt" "--entrypoints.websecure.http.tls.domains[0].main=depeuter.dev" "--entrypoints.websecure.http.tls.domains[0].sans=*.depeuter.dev" "--entrypoints.websecure.http.tls.domains[1].sans=*.isabel.depeuter.dev" "--entrypoints.websecure.http.tls.domains[2].sans=*.jelly.depeuter.dev" # Certificates "--certificatesresolvers.letsencrypt.acme.dnschallenge=true" "--certificatesresolvers.letsencrypt.acme.dnschallenge.provider=cloudflare" "--certificatesresolvers.letsencrypt.acme.email=tibo.depeuter@telenet.be" "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json" # Additional routes ]; ports = [ "80:80/tcp" "443:443/tcp" # "8080:8080/tcp" # The Web UI (enabled by --api.insecure=true) ]; environment = { # TODO Hide this! "CLOUDFLARE_DNS_API_TOKEN" = "6Vz64Op_a6Ls1ljGeBxFoOVfQ-yB-svRbf6OyPv2"; }; environmentFiles = [ ]; volumes = [ "/var/run/docker.sock:/var/run/docker.sock:ro" # So that Traefik can listen to the Docker events "letsencrypt:/letsencrypt" ]; labels = { "traefik.enable" = "true"; "traefik.http.routers.traefik.rule" = "Host(`traefik.isabel.depeuter.dev`)"; "traefik.http.services.traefik.loadbalancer.server.port" = "8080"; }; autoStart = true; }; feishin = { hostname = "feishin"; image = "ghcr.io/jeffvli/feishin:0.7.1"; ports = [ # "9180:9180/tcp" # Web player (HTTP) ]; environment = { # pre defined server name SERVER_NAME = "Hugo"; # When true AND name/type/url are set, only username/password can be toggled SERVER_LOCK = "true"; # navidrome also works SERVER_TYPE = "jellyfin"; # http://address:port SERVER_URL= "https://jelly.depeuter.dev"; TZ = config.time.timeZone; }; labels = { "traefik.enable" = "true"; "traefik.http.routers.feishin.rule" = "Host(`music.depeuter.dev`)"; "traefik.http.services.feishin.loadbalancer.server.port" = "9180"; "traefik.tls.options.default.minVersion" = "VersionTLS13"; }; autoStart = true; }; dashboard = { hostname = "dashboard"; image = "ghcr.io/gethomepage/homepage:v0.9.3"; ports = [ # "3000:3000/tcp" ]; volumes = [ "/etc/homepage:/app/config" # Make sure your local config directory exists "/var/run/docker.sock:/var/run/docker.sock:ro" # optional, for docker integrations ]; labels = { "traefik.enable" = "true"; "traefik.http.routers.dashboard.rule" = "Host(`dash.depeuter.dev`)"; "traefik.http.services.dashboard.loadbalancer.server.port" = "3000"; "traefik.tls.options.default.minVersion" = "VersionTLS13"; }; autoStart = true; }; prometheus = { hostname = "prometheus"; image = "prom/prometheus:v2.45.6"; ports = [ # "127.0.0.1:9090:9090/tcp" ]; labels = { "traefik.enable" = "true"; "traefik.http.routers.prometheus.rule" = "Host(`prometheus.isabel.depeuter.dev`)"; "traefik.http.services.prometheus.loadbalancer.server.port" = "9090"; "traefik.tls.options.default.minVersion" = "VersionTLS13"; }; autoStart = true; }; }; }; }; }