sora/nixconfig
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Releases Activity

Fix overlays

Browse Source
This commit is contained in:
soraefir 2023-11-17 09:55:29 +01:00
parent a2ad5dd5a7
commit da69a21100
Signed by: sora
GPG Key ID: A362EA0491E2EEA0
4 changed files with 37 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
modules/home/gui/games/default.nix
View File

@ -5,7 +5,7 @@
config = lib.mkIf (config.homecfg.make.game) { config = lib.mkIf (config.homecfg.make.game) {
home.packages = with pkgs; [ home.packages = with pkgs; [
# custom.simc # custom.simc
#games #games
steam steam

38
modules/nixos/system/network/wireguard/default.nix
View File

@ -1,19 +1,19 @@
{ config, ... }: { { config, ... }: {
networking.wireguard = { networking.wireguard = {
enable = true; enable = true;
interfaces = { interfaces = {
wg0 = { wg0 = {
ips = [ config.hostcfg.net.wg.ip4 config.hostcfg.net.wg.ip6 ]; ips = [ config.hostcfg.net.wg.ip4 config.hostcfg.net.wg.ip6 ];
privateKeyFile = config.hostcfg.net.wg.pk; privateKeyFile = config.hostcfg.net.wg.pk;
listenPort = 1515; listenPort = 1515;
mtu = 1340; mtu = 1340;
peers = [{ peers = [{
allowedIPs = [ "10.10.1.0/24" "fd10:10:10::0/64" ]; allowedIPs = [ "10.10.1.0/24" "fd10:10:10::0/64" ];
endpoint = "vpn.helcel.net:1515"; endpoint = "vpn.helcel.net:1515";
publicKey = "NFBJvYXZC+bd62jhrKnM7/pugidWhgR6+C5qIiUiq3Q="; publicKey = "NFBJvYXZC+bd62jhrKnM7/pugidWhgR6+C5qIiUiq3Q=";
persistentKeepalive = 30; persistentKeepalive = 30;
}]; }];
}; };
}; };
}; };
} }

4
systems/avalon/server/docker/authentik.nix
View File

@ -54,7 +54,7 @@ in {
"AUTHENTIK_POSTGRESQL__HOST" = "auth_postgresql"; "AUTHENTIK_POSTGRESQL__HOST" = "auth_postgresql";
"AUTHENTIK_POSTGRESQL__USER" = "authentik"; "AUTHENTIK_POSTGRESQL__USER" = "authentik";
"AUTHENTIK_POSTGRESQL__NAME" = "authentik"; "AUTHENTIK_POSTGRESQL__NAME" = "authentik";
"AUTHENTIK_POSTGRESQL__PASSWORD" ="AUTHENTIK_DB_PASSWORD"; "AUTHENTIK_POSTGRESQL__PASSWORD" = "AUTHENTIK_DB_PASSWORD";
"AUTHENTIK_SECRET_KEY" = "AUTHENTIK_SECRET_KEY"; "AUTHENTIK_SECRET_KEY" = "AUTHENTIK_SECRET_KEY";
"AUTHENTIK_EMAIL__HOST" = "${MAIL_SERVER_DOMAIN}"; "AUTHENTIK_EMAIL__HOST" = "${MAIL_SERVER_DOMAIN}";
"AUTHENTIK_EMAIL__PORT" = "587"; "AUTHENTIK_EMAIL__PORT" = "587";
@ -94,7 +94,7 @@ in {
"AUTHENTIK_POSTGRESQL__HOST" = "auth_postgresql"; "AUTHENTIK_POSTGRESQL__HOST" = "auth_postgresql";
"AUTHENTIK_POSTGRESQL__USER" = "authentik"; "AUTHENTIK_POSTGRESQL__USER" = "authentik";
"AUTHENTIK_POSTGRESQL__NAME" = "authentik"; "AUTHENTIK_POSTGRESQL__NAME" = "authentik";
"AUTHENTIK_POSTGRESQL__PASSWORD" ="AUTHENTIK_DB_PASSWORD"; "AUTHENTIK_POSTGRESQL__PASSWORD" = "AUTHENTIK_DB_PASSWORD";
"AUTHENTIK_SECRET_KEY" = "AUTHENTIK_SECRET_KEY"; "AUTHENTIK_SECRET_KEY" = "AUTHENTIK_SECRET_KEY";
}; };
labels = { "traefik.enable" = "false"; }; labels = { "traefik.enable" = "false"; };

25
systems/avalon/server/docker/cloud.nix
View File

@ -24,7 +24,7 @@ in {
container_name = "cloud"; container_name = "cloud";
restart = "unless-stopped"; restart = "unless-stopped";
networks = [ "external" ]; networks = [ "external" ];
volumes = [ volumes = [
"${DATA_PATH}/data/nextcloud:/var/www/html" "${DATA_PATH}/data/nextcloud:/var/www/html"
"${DATA_PATH}/data/music:/media/music" "${DATA_PATH}/data/music:/media/music"
"${DATA_PATH}/data/video:/media/video" "${DATA_PATH}/data/video:/media/video"
@ -36,13 +36,18 @@ in {
"traefik.http.routers.nextcloud.entrypoints" = "web-secure"; "traefik.http.routers.nextcloud.entrypoints" = "web-secure";
"traefik.http.routers.nextcloud.rule" = "Host(`cloud.${HOST_DOMAIN}`)"; "traefik.http.routers.nextcloud.rule" = "Host(`cloud.${HOST_DOMAIN}`)";
"traefik.http.routers.nextcloud.tls" = "true"; "traefik.http.routers.nextcloud.tls" = "true";
"traefik.http.routers.nextcloud.middlewares" = "sts_headers,nextcloud-caldav"; "traefik.http.routers.nextcloud.middlewares" =
"sts_headers,nextcloud-caldav";
"traefik.http.middlewares.nextcloud-caldav.redirectregex.permanent" = "true"; "traefik.http.middlewares.nextcloud-caldav.redirectregex.permanent" =
"traefik.http.middlewares.nextcloud-caldav.redirectregex.regex" = "^https://(.*)/.well-known/(card|cal)dav"; "true";
"traefik.http.middlewares.nextcloud-caldav.redirectregex.replacement" = "https://$\${1}/remote.php/dav/"; "traefik.http.middlewares.nextcloud-caldav.redirectregex.regex" =
"^https://(.*)/.well-known/(card|cal)dav";
"traefik.http.middlewares.nextcloud-caldav.redirectregex.replacement" =
"https://$\${1}/remote.php/dav/";
"traefik.http.middlewares.sts_headers.headers.stsSeconds" = "15552000"; "traefik.http.middlewares.sts_headers.headers.stsSeconds" = "15552000";
"traefik.http.middlewares.sts_headers.headers.stsIncludeSubdomains" = "true"; "traefik.http.middlewares.sts_headers.headers.stsIncludeSubdomains" =
"true";
}; };
}; };
@ -79,11 +84,11 @@ in {
container_name = "etherpad"; container_name = "etherpad";
restart = "unless-stopped"; restart = "unless-stopped";
networks = [ "external" ]; networks = [ "external" ];
volumes = [ volumes = [
"${DATA_PATH}/ether/etherpad/data:/opt/etherpad-lite/var" "${DATA_PATH}/ether/etherpad/data:/opt/etherpad-lite/var"
"/${DATA_PATH}/ether/etherpad/APIKEY.txt:/opt/etherpad-lite/APIKEY.txt" "/${DATA_PATH}/ether/etherpad/APIKEY.txt:/opt/etherpad-lite/APIKEY.txt"
]; ];
environment = { environment = {
NODE_ENV = "production"; NODE_ENV = "production";
TITLE = "Helcel-Pad"; TITLE = "Helcel-Pad";
DB_TYPE = "mysql"; DB_TYPE = "mysql";
@ -112,11 +117,11 @@ in {
container_name = "ethercalc"; container_name = "ethercalc";
restart = "unless-stopped"; restart = "unless-stopped";
networks = [ "external" "internal" ]; networks = [ "external" "internal" ];
volumes = [ volumes = [
"${DATA_PATH}/ether/etherpad/data:/opt/etherpad-lite/var" "${DATA_PATH}/ether/etherpad/data:/opt/etherpad-lite/var"
"/${DATA_PATH}/ether/etherpad/APIKEY.txt:/opt/etherpad-lite/APIKEY.txt" "/${DATA_PATH}/ether/etherpad/APIKEY.txt:/opt/etherpad-lite/APIKEY.txt"
]; ];
environment = { environment = {
NODE_ENV = "production"; NODE_ENV = "production";
TITLE = "Helcel-Calc"; TITLE = "Helcel-Calc";
REDIS_PORT_6379_TCP_ADDR = "redis"; REDIS_PORT_6379_TCP_ADDR = "redis";