chris/sneeuwvlok
chris/sneeuwvlok
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: chris:2bbbe034447cac485b2dd04723b4f8de8ab28f58
Branches Tags
chris:main
chris:experimental/clan
chris:feature/convex
chris:feature/nix-anywhere
...
compare: chris:01fb98ba10ebc098edcbe256b9766650297bd911
Branches Tags
chris:main
chris:experimental/clan
chris:feature/convex
chris:feature/nix-anywhere

2 commits
2bbbe03444 ... 01fb98ba10

Author SHA1 Message Date
Chris Kruining
01fb98ba10
various fixes
Some checks failed
Test action / kaas (push) Failing after 1s
Details
2026-03-24 07:30:41 +01:00
Chris Kruining
51adeb02e6
fix a load of stuff 2026-03-23 15:09:58 +01:00
4 changed files with 49 additions and 89 deletions
Download patch file Download diff file Expand all files Collapse all files

8
.just/machine.just
View file

@ -11,4 +11,10 @@
cd .. && just vars _check {{ machine }}
echo ""
just assert '-d "../systems/x86_64-linux/{{ machine }}"' "Machine {{ machine }} does not exist, must be one of: $(ls ../systems/x86_64-linux/ | sed ':a;N;$!ba;s/\n/, /g')"
nixos-rebuild switch -L --sudo --target-host {{ machine }} --build-host {{ machine }} --flake ..#{{ machine }} --log-format internal-json -v |& nom --json
nixos-rebuild switch -L --sudo --target-host {{ machine }} --flake ..#{{ machine }} --log-format internal-json -v |& nom --json
[doc('Check if target machine builds')]
[no-exit-message]
@check machine:
just assert '-d "../systems/x86_64-linux/{{ machine }}"' "Machine {{ machine }} does not exist, must be one of: $(ls ../systems/x86_64-linux/ | sed ':a;N;$!ba;s/\n/, /g')"
nix build ..#nixosConfigurations.{{ machine }}.config.system.build.toplevel

2
modules/nixos/services/media/glance/default.nix
View file

@ -15,7 +15,7 @@ in {
config = mkIf cfg.enable {
${namespace}.services.networking.caddy.hosts = {
"https://${config.networking.hostName}:443" = ''
reverse_proxy http://[::]:2000
reverse_proxy http://[::1]:2000
'';
};

118
modules/nixos/services/media/servarr/default.nix
View file

@ -80,18 +80,7 @@ in {
enable = true;
openFirewall = true;
webuiPort = 2008;
serverConfig = {
LegalNotice.Accepted = true;
Prefecences.WebUI = {
AlternativeUIEnabled = true;
RootFolder = "''${pkgs.vuetorrent}/share/vuetorrent";
Username = "admin";
Password_PBKDF2 = "@ByteArray(Yhyk8fzgSHuKcgcmIxhYzg==:9njltqI5znb98+n+eOqUvpe4xYj6Dcub994o2fe9kpTa1fczMdHf/fNoifLaGmEf69xkTNSztEuh6BqcR4/CbQ==)"; #config.sops.secrets."qbittorrent/password_hash".path;
};
};
serverConfig = lib.mkForce {};
user = "qbittorrent";
group = "media";
@ -110,7 +99,9 @@ in {
settings = {
misc = {
host = "0.0.0.0";
port = 2009;
host_whitelist = "${config.networking.hostName}";
download_dir = "/var/media/downloads/incomplete";
complete_dir = "/var/media/downloads/done";
@ -246,7 +237,7 @@ in {
host = "localhost";
api_key = lib.tfRef "var.sabnzbd_api_key";
url_base = "/";
port = 8080;
port = 2009;
};
};
}
@ -326,77 +317,6 @@ in {
}
];
};
# "_1337x" = {
# enable = true;
# app_profile_id = 1;
# priority = 1;
# name = "1337x";
# implementation = "Cardigann";
# config_contract = "CardigannSettings";
# protocol = "torrent";
# tags = [1];
# fields = [
# {
# name = "definitionFile";
# text_value = "1337x";
# }
# {
# name = "baseSettings.limitsUnit";
# number_value = 0;
# }
# {
# name = "torrentBaseSettings.preferMagnetUrl";
# bool_value = false;
# }
# {
# name = "disablesort";
# bool_value = false;
# }
# {
# name = "sort";
# number_value = 2;
# }
# {
# name = "type";
# number_value = 1;
# }
# ];
# };
# "nzbgeek" = {
# enable = true;
# app_profile_id = 2;
# priority = 1;
# name = "NZBgeek";
# implementation = "Newznab";
# config_contract = "NewznabSettings";
# protocol = "usenet";
# fields = [
# {
# name = "baseUrl";
# text_value = "https://api.nzbgeek.info";
# }
# {
# name = "apiPath";
# text_value = "/api";
# }
# {
# name = "apiKey";
# text_value = "__TODO_API_KEY_SECRET__";
# }
# {
# name = "baseSettings.limitsUnit";
# number_value = 5;
# }
# ];
# };
};
}
]
@ -425,7 +345,7 @@ in {
# Sleep for a bit to give the service a chance to start up
sleep 5s
if [ "$(systemctl is-active ${service})" != "active" ]; then
if [ "$(systemctl is-active "${service}")" != "active" ]; then
echo "${service} is not running"
exit 1
fi
@ -464,6 +384,18 @@ in {
}))
|> lib.mkMerge;
system.activationScripts.qbittorrent-config = {
deps = lib.optional (!config.sops.useSystemdActivation) "setupSecrets";
# TODO: If sops-nix is switched to systemd activation, add a systemd unit
# for this install step that runs after sops-install-secrets.service,
# because this activation-script dependency only orders against setupSecrets.
text = ''
install -Dm0600 -o ${config.services.qbittorrent.user} -g ${config.services.qbittorrent.group} \
${config.sops.templates."qbittorrent/qBittorrent.conf".path} \
${config.services.qbittorrent.profileDir}/qBittorrent/config/qBittorrent.conf
'';
};
users =
cfg
|> lib.mapAttrsToList (service: {enable, ...}: (mkIf enable {
@ -532,6 +464,22 @@ in {
sabnzbd_api_key = "${config.sops.placeholder."sabnzbd/apikey"}"
'';
};
"qbittorrent/qBittorrent.conf" = {
owner = "qbittorrent";
group = "media";
mode = "0600";
restartUnits = ["qbittorrent.service"];
content = ''
[LegalNotice]
Accepted=true
[Preferences]
WebUI\AlternativeUIEnabled=true
WebUI\RootFolder=${pkgs.vuetorrent}/share/vuetorrent
WebUI\Username=admin
WebUI\Password_PBKDF2=${config.sops.placeholder."qbittorrent/password_hash"}
'';
};
"sabnzbd/config.ini" = {
owner = "sabnzbd";
group = "media";

10
systems/x86_64-linux/orome/default.nix
View file

@ -1,16 +1,22 @@
{ ... }:
{
{pkgs, ...}: {
imports = [
./disks.nix
./hardware.nix
];
environment.systemPackages = with pkgs; [
azure-cli
github-copilot-cli
];
sneeuwvlok = {
hardware.has = {
bluetooth = true;
audio = true;
};
authentication.himmelblau.enable = true;
application = {
steam.enable = true;
};