cnst/cnix
1
0
Fork 0
Code Issues Pull Requests Activity

feat(refactor): WIP 2.0 some progress

Browse Source
This commit is contained in:
cnst
2025-10-13 21:13:53 +02:00
parent d2bd385367
commit 63f495fa0d
18 changed files with 653 additions and 612 deletions
Download Patch File Download Diff File Expand all files Collapse all files

207
hosts/default.nix
View File

@@ -4,114 +4,111 @@
homeImports,
self,
...
}:
{
flake.nixosConfigurations =
let
cLib = import ../lib inputs.nixpkgs.lib;
userConfig = "${self}/home";
systemConfig = "${self}/system";
hostConfig = "${self}/hosts";
}: {
flake.nixosConfigurations = let
cLib = import ../lib inputs.nixpkgs.lib;
userConfig = "${self}/home";
systemConfig = "${self}/system";
hostConfig = "${self}/hosts";
cnstConfig = "${self}/users/cnst";
toothpickConfig = "${self}/users/toothpick";
cnstConfig = "${self}/users/cnst";
toothpickConfig = "${self}/users/toothpick";
umodPath = "${self}/modules/home";
smodPath = "${self}/modules/system";
umodPath = "${self}/modules/home";
smodPath = "${self}/modules/system";
inherit (inputs.nixpkgs.lib) nixosSystem;
inherit (self) outputs;
inherit (inputs.nixpkgs.lib) nixosSystem;
inherit (self) outputs;
specialArgs = {
inherit
cLib
inputs
outputs
self
userConfig
systemConfig
hostConfig
cnstConfig
toothpickConfig
umodPath
smodPath
;
};
in
{
kima = nixosSystem {
inherit specialArgs;
modules = [
./kima
"${self}/nix"
{
home-manager = {
users.cnst.imports = homeImports."cnst@kima";
extraSpecialArgs = specialArgs;
};
}
self.nixosModules.nixos
self.nixosModules.settings
inputs.chaotic.nixosModules.default
inputs.agenix.nixosModules.default
];
};
bunk = nixosSystem {
inherit specialArgs;
modules = [
./bunk
"${self}/nix"
{
home-manager = {
users.cnst.imports = homeImports."cnst@bunk";
extraSpecialArgs = specialArgs;
};
}
self.nixosModules.nixos
self.nixosModules.settings
inputs.chaotic.nixosModules.default
inputs.agenix.nixosModules.default
];
};
sobotka = nixosSystem {
inherit specialArgs;
modules = [
./sobotka
"${self}/nix"
self.nixosModules.nixos
self.nixosModules.settings
self.nixosModules.server
inputs.agenix.nixosModules.default
inputs.authentik.nixosModules.default
];
};
ziggy = nixosSystem {
inherit specialArgs;
modules = [
./ziggy
"${self}/nix"
self.nixosModules.nixos
self.nixosModules.settings
self.nixosModules.server
inputs.agenix.nixosModules.default
];
};
toothpc = nixosSystem {
inherit specialArgs;
modules = [
./toothpc
"${self}/nix"
{
home-manager = {
users.toothpick.imports = homeImports."toothpick@toothpc";
extraSpecialArgs = specialArgs;
};
}
self.nixosModules.nixos
self.nixosModules.settings
inputs.chaotic.nixosModules.default
inputs.agenix.nixosModules.default
];
};
specialArgs = {
inherit
cLib
inputs
outputs
self
userConfig
systemConfig
hostConfig
cnstConfig
toothpickConfig
umodPath
smodPath
;
};
in {
kima = nixosSystem {
inherit specialArgs;
modules = [
./kima
"${self}/nix"
{
home-manager = {
users.cnst.imports = homeImports."cnst@kima";
extraSpecialArgs = specialArgs;
};
}
self.nixosModules.nixos
self.nixosModules.settings
inputs.chaotic.nixosModules.default
inputs.agenix.nixosModules.default
];
};
bunk = nixosSystem {
inherit specialArgs;
modules = [
./bunk
"${self}/nix"
{
home-manager = {
users.cnst.imports = homeImports."cnst@bunk";
extraSpecialArgs = specialArgs;
};
}
self.nixosModules.nixos
self.nixosModules.settings
inputs.chaotic.nixosModules.default
inputs.agenix.nixosModules.default
];
};
sobotka = nixosSystem {
inherit specialArgs;
modules = [
./sobotka
"${self}/nix"
self.nixosModules.nixos
self.nixosModules.settings
self.nixosModules.server
inputs.agenix.nixosModules.default
inputs.authentik.nixosModules.default
];
};
ziggy = nixosSystem {
inherit specialArgs;
modules = [
./ziggy
"${self}/nix"
self.nixosModules.nixos
self.nixosModules.settings
self.nixosModules.server
inputs.agenix.nixosModules.default
];
};
toothpc = nixosSystem {
inherit specialArgs;
modules = [
./toothpc
"${self}/nix"
{
home-manager = {
users.toothpick.imports = homeImports."toothpick@toothpc";
extraSpecialArgs = specialArgs;
};
}
self.nixosModules.nixos
self.nixosModules.settings
inputs.chaotic.nixosModules.default
inputs.agenix.nixosModules.default
];
};
};
}

359
hosts/sobotka/server.nix
View File

@@ -55,160 +55,159 @@
};
services = {
# homepage-dashboard = {
# enable = true;
# subdomain = "";
# port = "8082";
# };
# n8n = {
# enable = true;
# subdomain = "n8n";
# port = "5678";
# homepage = {
# name = "n8n";
# description = "A workflow automation platform";
# icon = "n8n.svg";
# category = "Services";
# };
# };
# bazarr = {
# enable = true;
# subdomain = "bazarr";
# port = 6767;
# homepage = {
# name = "Bazarr";
# description = "Subtitle manager";
# icon = "bazarr.svg";
# category = "Arr";
# };
# };
# prowlarr = {
# enable = true;
# subdomain = "prowlarr";
# port = 9696;
# homepage = {
# name = "prowlarr";
# description = "PVR indexer";
# icon = "prowlarr.svg";
# category = "Arr";
# };
# };
# flaresolverr = {
# enable = true;
# subdomain = "flaresolverr";
# port = 8191;
# homepage = {
# name = "FlareSolverr";
# description = "Proxy to bypass Cloudflare/DDoS-GUARD protection";
# icon = "flaresolverr.svg";
# category = "Arr";
# };
# };
# lidarr = {
# enable = true;
# subdomain = "lidarr";
# port = 8686;
# homepage = {
# name = "Lidarr";
# description = "Music collection manager";
# icon = "lidarr.svg";
# category = "Arr";
# };
# };
# sonarr = {
# enable = true;
# subdomain = "sonarr";
# port = 8989;
# homepage = {
# name = "Sonarr";
# description = "Internet PVR for Usenet and Torrents";
# icon = "sonarr.svg";
# category = "Arr";
# };
# };
# radarr = {
# enable = true;
# subdomain = "radarr";
# port = 7878;
# homepage = {
# name = "Radarr";
# description = "Movie collection manager";
# icon = "radarr.svg";
# category = "Arr";
# };
# };
# jellyseerr = {
# enable = true;
# subdomain = "jellyseerr";
# port = 5055;
# homepage = {
# name = "Jellyseerr";
# description = "Media request and discovery manager";
# icon = "jellyserr.svg";
# category = "Arr";
# };
# };
# jellyfin = {
# enable = true;
# subdomain = "fin";
# exposure = "tailscale";
# port = 8096;
# homepage = {
# name = "Jellyfin";
# description = "The Free Software Media System";
# icon = "jellyfin.svg";
# category = "Media";
# };
# };
# uptime-kuma = {
# enable = true;
# subdomain = "uptime";
# port = 3001;
# homepage = {
# name = "Uptime Kuma";
# description = "Service monitoring tool";
# icon = "uptime-kuma.svg";
# category = "Services";
# };
# };
# gitea = {
# enable = true;
# subdomain = "git";
# exposure = "tunnel";
# port = 5003;
# cloudflared = {
# tunnelId = "33e2fb8e-ecef-4d42-b845-6d15e216e448";
# credentialsFile = config.age.secrets.giteaCloudflared.path;
# };
# homepage = {
# name = "Gitea";
# description = "Git with a cup of tea";
# icon = "gitea.svg";
# category = "Services";
# };
# };
homepage-dashboard = {
enable = true;
subdomain = "";
port = 8082;
};
n8n = {
enable = true;
subdomain = "n8n";
port = 5678;
homepage = {
name = "n8n";
description = "A workflow automation platform";
icon = "n8n.svg";
category = "Services";
};
};
bazarr = {
enable = true;
subdomain = "bazarr";
port = 6767;
homepage = {
name = "Bazarr";
description = "Subtitle manager";
icon = "bazarr.svg";
category = "Arr";
};
};
prowlarr = {
enable = true;
subdomain = "prowlarr";
port = 9696;
homepage = {
name = "prowlarr";
description = "PVR indexer";
icon = "prowlarr.svg";
category = "Arr";
};
};
flaresolverr = {
enable = true;
subdomain = "flaresolverr";
port = 8191;
homepage = {
name = "FlareSolverr";
description = "Proxy to bypass Cloudflare/DDoS-GUARD protection";
icon = "flaresolverr.svg";
category = "Arr";
};
};
lidarr = {
enable = true;
subdomain = "lidarr";
port = 8686;
homepage = {
name = "Lidarr";
description = "Music collection manager";
icon = "lidarr.svg";
category = "Arr";
};
};
sonarr = {
enable = true;
subdomain = "sonarr";
port = 8989;
homepage = {
name = "Sonarr";
description = "Internet PVR for Usenet and Torrents";
icon = "sonarr.svg";
category = "Arr";
};
};
radarr = {
enable = true;
subdomain = "radarr";
port = 7878;
homepage = {
name = "Radarr";
description = "Movie collection manager";
icon = "radarr.svg";
category = "Arr";
};
};
jellyseerr = {
enable = true;
subdomain = "jellyseerr";
port = 5055;
homepage = {
name = "Jellyseerr";
description = "Media request and discovery manager";
icon = "jellyserr.svg";
category = "Arr";
};
};
jellyfin = {
enable = true;
subdomain = "fin";
exposure = "tailscale";
port = 8096;
homepage = {
name = "Jellyfin";
description = "The Free Software Media System";
icon = "jellyfin.svg";
category = "Media";
};
};
uptime-kuma = {
enable = true;
subdomain = "uptime";
port = 3001;
homepage = {
name = "Uptime Kuma";
description = "Service monitoring tool";
icon = "uptime-kuma.svg";
category = "Services";
};
};
gitea = {
enable = true;
subdomain = "git";
exposure = "tunnel";
port = 5003;
cloudflared = {
tunnelId = "33e2fb8e-ecef-4d42-b845-6d15e216e448";
credentialsFile = config.age.secrets.giteaCloudflared.path;
};
homepage = {
name = "Gitea";
description = "Git with a cup of tea";
icon = "gitea.svg";
category = "Services";
};
};
vaultwarden = {
enable = true;
# subdomain = "vault";
# exposure = "tunnel";
# port = 8222;
# cloudflared = {
# tunnelId = "fdd98086-6a4c-44f2-bba0-eb86b833cce5";
# credentialsFile = config.age.secrets.vaultwardenCloudflared.path;
# };
# homepage = {
# name = "Vaultwarden";
# description = "Password manager";
# icon = "vaultwarden.svg";
# category = "Services";
# };
subdomain = "vault";
exposure = "tunnel";
port = 8222;
cloudflared = {
tunnelId = "fdd98086-6a4c-44f2-bba0-eb86b833cce5";
credentialsFile = config.age.secrets.vaultwardenCloudflared.path;
};
homepage = {
name = "Vaultwarden";
description = "Password manager";
icon = "vaultwarden.svg";
category = "Services";
};
};
nextcloud = {
enable = true;
subdomain = "cloud";
exposure = "local";
port = 8182;
adminpassFile = config.age.secrets.nextcloudAdminPass.path;
homepage = {
name = "Nextcloud";
description = "A safe home for all your data";
@@ -216,40 +215,40 @@
category = "Services";
};
};
# qbittorrent = {
# enable = true;
# subdomain = "qbt";
# port = 8080;
# homepage = {
# name = "qBittorrent";
# description = "Torrent client";
# icon = "qbittorrent.svg";
# category = "Downloads";
# };
# };
# slskd = {
# enable = true;
# subdomain = "slskd";
# port = 5030;
# homepage = {
# name = "Soulseek";
# description = "Web-based Soulseek client";
# icon = "slskd.svg";
# category = "Downloads";
# };
# };
# pihole = {
# enable = true;
# subdomain = "pihole";
# port = 8053;
# homepage = {
# name = "PiHole";
# description = "Adblocking and DNS service";
# icon = "pi-hole.svg";
# category = "Services";
# path = "/admin";
# };
# };
qbittorrent = {
enable = true;
subdomain = "qbt";
port = 8080;
homepage = {
name = "qBittorrent";
description = "Torrent client";
icon = "qbittorrent.svg";
category = "Downloads";
};
};
slskd = {
enable = true;
subdomain = "slskd";
port = 5030;
homepage = {
name = "Soulseek";
description = "Web-based Soulseek client";
icon = "slskd.svg";
category = "Downloads";
};
};
pihole = {
enable = true;
subdomain = "pihole";
port = 8053;
homepage = {
name = "PiHole";
description = "Adblocking and DNS service";
icon = "pi-hole.svg";
category = "Services";
path = "/admin";
};
};
};
};
}