sora/nixconfig
1
0
Fork 1
Code Issues 2 Pull Requests Actions Releases Activity

Merge remote-tracking branch 'ext/dev' into dev

Browse Source
This commit is contained in:
soraefir
2026-06-17 21:25:04 +02:00
parent 9936f538e1 ece075ffaf
commit 0611ab0077
5 changed files with 147 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
modules/nixos/system/network/base/default.nix
View File

@@ -4,7 +4,6 @@
useDHCP = true; useDHCP = true;
nameservers = [ "1.1.1.1" "9.9.9.9" ]; nameservers = [ "1.1.1.1" "9.9.9.9" ];
dhcpcd = { dhcpcd = {
enable = true;
wait = "background"; wait = "background";
}; };

55
modules/server/containers/apps/drawio.nix Normal file
View File

@@ -0,0 +1,55 @@
{ config, containerCfg, pkgs, lib, builder, name, ... }:
let
version = "latest";
serverCfg = config.syscfg.server;
in
{
runtime = {
paths = [
{
path = "${serverCfg.path.data.path}/drawio/";
owner = "root:root";
mode = "0777";
}
];
containers = {
server = builder.mkContainer {
subdomain = containerCfg.subdomain;
image = "jgraph/drawio:${version}";
port = 8080;
extraEnv = {
VIRTUAL_HOST = "${containerCfg.subdomain}.${serverCfg.domain}";
VIRTUAL_PORT = "8080";
LETS_ENCRYPT_ENABLED = "false";
DRAWIO_SERVER_URL = "https://${containerCfg.subdomain}.${serverCfg.domain}";
DRAWIO_SELF_CONTAINED = "1";
EXPORT_URL = "http://drawio-exporter:8000/";
DRAWIO_CONFIG = ''
{
"defaultFonts": [
"Helvetica", "Arial", "Verdana",
"IBM Plex Mono",
"IBM Plex Sans",
"Noto Sans",
"Latin Modern Math"
]
}
'';
};
overrides = {
ports = ["8080:8080"];
};
};
exporter = builder.mkContainer {
image = "jgraph/export-server:${version}";
extraEnv = {
DRAWIO_SERVER_URL = "https://${containerCfg.subdomain}.${serverCfg.domain}";
};
overrides = {
volumes = ["/run/current-system/sw/share/X11/fonts:/usr/share/fonts/drawio:ro" "/nix/store:/nix/store:ro"];
};
};
};
};
}

35
modules/server/containers/apps/excalidraw.nix Normal file
View File

@@ -0,0 +1,35 @@
{ config, containerCfg, pkgs, lib, builder, name,... }:
let
version = "latest";
serverCfg = config.syscfg.server;
in {
runtime = {
paths = [{
path="${serverCfg.path.data.path}/excalidraw/";
owner = "root:root";
mode = "0777";
}];
containers = {
server = builder.mkContainer {
subdomain = containerCfg.subdomain;
image = "excalidraw/excalidraw:${version}";
port = 80;
tmpfs = true;
# secret = name;
extraEnv = {
NODE_ENV="production";
VITE_APP_WS_SERVER_URL="${containerCfg.subdomain}.${serverCfg.domain}";
};
extraLabels = {
};
overrides = {
volumes = [
"${serverCfg.path.data.path}/excalidraw:/app/data"
];
};
};
};
};
}

5
modules/server/containers/apps/influx.nix
View File

@@ -111,6 +111,11 @@ in {
GF_LIVE_HA_ENGINE_ADRESS = "${builder.host}:6379"; GF_LIVE_HA_ENGINE_ADRESS = "${builder.host}:6379";
DEFAULT_INFLUX_SERVER = "http://${builder.host}:8181"; DEFAULT_INFLUX_SERVER = "http://${builder.host}:8181";
}; };
extraLabels = {
"traefik.http.routers.grafana-pub.rule" = "Host(`${containerCfg.subdomain}.${serverCfg.domain}`) && PathPrefix(`/public-dashboards`)";
"traefik.http.routers.grafana-pub.entrypoints" = "web-secure";
"traefik.http.routers.grafana-pub.tls" = "true";
};
overrides = { overrides = {
user = "1500:1500"; user = "1500:1500";
environmentFiles = [ config.sops.secrets."INFLUX".path config.sops.secrets."CUSTOM".path ] ; environmentFiles = [ config.sops.secrets."INFLUX".path config.sops.secrets."CUSTOM".path ] ;

52
modules/server/containers/apps/robotstxt.nix Normal file
View File

@@ -0,0 +1,52 @@
{ containerCfg, pkgs, builder, name, ... }:
let
port = 8080;
priority = toString (containerCfg.extra.priority or 2147482647);
defaultRobots = ''
User-agent: *
Disallow: /
'';
robots =
if containerCfg.extra ? robots then
containerCfg.extra.robots
else
defaultRobots + (containerCfg.extra.extraRobots or "");
robotsRoot = pkgs.writeTextDir "robots.txt" robots;
image = pkgs.dockerTools.streamLayeredImage {
name = "robots";
tag = "1";
contents = [
robotsRoot
pkgs.busybox
];
config = {
Entrypoint = [
"${pkgs.busybox}/bin/httpd"
"-f"
"-p"
"0.0.0.0:${toString port}"
"-h"
"${robotsRoot}"
];
ExposedPorts = { "${toString port}/tcp" = { }; };
WorkingDir = "/";
};
};
in {
runtime = {
containers = {
server = builder.mkContainer {
imageStream = image;
port = port;
extraLabels = {
"traefik.enable" = "true";
"traefik.http.routers.${name}.entrypoints" = "web-secure";
"traefik.http.routers.${name}.rule" = "Path(`/robots.txt`)";
"traefik.http.routers.${name}.priority" = priority;
"traefik.http.routers.${name}.tls" = "true";
"traefik.http.services.${name}.loadbalancer.server.port" = toString port;
};
};
};
};
}