Wekuz/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: Wekuz:main
Branches Tags
Wekuz:main
Wekuz:murg
..
compare: Wekuz:murg
Branches Tags
Wekuz:main
Wekuz:murg

3 commits
main ... murg

Author SHA1 Message Date
Wekuz
6a967394b3
Add Drupal 2026-03-11 22:47:42 +02:00
Wekuz
767dac0b77
# Enable Docker 2026-02-09 18:51:48 +02:00
Wekuz
4c466cc644
# Use fastfetch instead of neofetch 2026-02-09 18:50:01 +02:00
4 changed files with 31 additions and 241 deletions
Show stats Expand all files Collapse all files

18
flake.nix
View file

@ -3,7 +3,6 @@
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
home-manager = { home-manager = {
url = "github:nix-community/home-manager/release-25.11"; url = "github:nix-community/home-manager/release-25.11";
@ -29,7 +28,6 @@
outputs = outputs =
{ {
nixpkgs, nixpkgs,
nixpkgs-unstable,
home-manager, home-manager,
sops-nix, sops-nix,
disko, disko,
@ -40,22 +38,6 @@
plexy = nixpkgs.lib.nixosSystem { plexy = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
modules = [ modules = [
{
nixpkgs = {
overlays = [
(final: prev: {
unstable = import nixpkgs-unstable {
inherit (final) config;
inherit (final.stdenv.hostPlatform) system;
};
})
];
};
}
{
disabledModules = [ "services/misc/jellyseerr.nix" ];
}
(import "${nixpkgs-unstable}/nixos/modules/services/misc/seerr.nix")
./hosts/plexy ./hosts/plexy
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {

200
hosts/plexy/default.nix
View file

@ -41,7 +41,7 @@
configurationLimit = 8; configurationLimit = 8;
}; };
efi.canTouchEfiVariables = true; efi.canTouchEfiVariables = true;
timeout = 0; timeout = 1;
}; };
nixpkgs.hostPlatform = "x86_64-linux"; nixpkgs.hostPlatform = "x86_64-linux";
@ -49,9 +49,8 @@
hardware.graphics = { hardware.graphics = {
enable = true; enable = true;
extraPackages = with pkgs; [ extraPackages = with pkgs; [
intel-media-driver # VAAPI intel-media-driver
intel-compute-runtime # OpenCL intel-vaapi-driver
libvdpau-va-gl # VDPAU
]; ];
}; };
@ -65,16 +64,10 @@
22 22
80 80
443 443
873 # rsyncd
5055 # Seerr
5201 # iperf3 5201 # iperf3
8096 # Jellyfin
15835 # Glance 15835 # Glance
15836 # qBittorrent (Web UI) 14789 # LibreBooking
15837 # Radarr 14788 # Drupal
15838 # Sonarr
15839 # Prowlarr
17650 # qBittorrent (torrent)
]; ];
}; };
@ -87,18 +80,11 @@
secrets = { secrets = {
"vaultwarden.env" = { }; "vaultwarden.env" = { };
"rsyncd.secrets" = { };
}; };
}; };
virtualisation.docker.enable = true; virtualisation.docker.enable = true;
environment.systemPackages = [
pkgs.jellyfin
pkgs.jellyfin-web
pkgs.jellyfin-ffmpeg
];
services = { services = {
openssh = { openssh = {
enable = true; enable = true;
@ -108,33 +94,6 @@
iperf3 = { iperf3 = {
enable = true; enable = true;
}; };
rsyncd = {
enable = true;
settings = {
globalSection = {
address = "0.0.0.0";
gid = "users";
"max connections" = 5;
uid = "wekuz";
};
sections = {
media = {
path = "/storage/media";
comment = "Media storage";
"read only" = false;
"auth users" = "wekuz";
"secrets file" = config.sops.secrets."rsyncd.secrets".path;
};
torrents = {
path = "/storage/torrents";
comment = "Torrents storage";
"read only" = false;
"auth users" = "wekuz";
"secrets file" = config.sops.secrets."rsyncd.secrets".path;
};
};
};
};
vaultwarden = { vaultwarden = {
enable = true; enable = true;
environmentFile = config.sops.secrets."vaultwarden.env".path; environmentFile = config.sops.secrets."vaultwarden.env".path;
@ -152,161 +111,38 @@
enable = true; enable = true;
settings = import ./glance.nix; settings = import ./glance.nix;
}; };
jellyfin = { drupal = {
enable = true; enable = true;
}; sites = {
seerr = { "localhost" = {
enable = true; enable = true;
package = pkgs.unstable.seerr; extraConfig = ''
}; $base_url="http://192.168.1.210:14788";
qbittorrent = { '';
enable = true;
torrentingPort = 17650;
webuiPort = 15836;
serverConfig = {
Application.FileLogger = {
Enabled = true;
Path = "/var/log/qBittorrent";
Backup = true;
MaxSizeBytes = 65536;
DeleteOld = true;
Age = 14;
AgeType = 0;
};
BitTorrent.Session = {
AddTorrentStopped = false;
Preallocation = true;
AddExtensionToIncompleteFiles = false;
DisableAutoTMMByDefault = false;
MaxConnections = 1000;
MaxConnectionsPerTorrent = 200;
MaxUploads = 64;
MaxUploadsPerTorrent = 26;
GlobalDLSpeedLimit = 6000;
GlobalUPSpeedLimit = 6000;
AlternativeGlobalDLSpeedLimit = 0;
AlternativeGlobalUPSpeedLimit = 0;
BandwidthSchedulerEnabled = true;
DefaultSavePath = "/storage/torrents";
MaxActiveCheckingTorrents = 1;
QueueingSystemEnabled = true;
MaxActiveDownloads = 3;
MaxActiveUploads = 10;
MaxActiveTorrents = 200;
IgnoreSlowTorrentsForQueueing = true;
SlowTorrentsDownloadRate = 500;
SlowTorrentsUploadRate = 100;
SlowTorrentsInactivityTimer = 60;
GlobalMaxRatio = -1;
GlobalMaxSeedingMinutes = -1;
GlobalMaxInactiveSeedingMinutes = -1;
ShareLimitAction = "Stop";
Interface = "";
InterfaceAddress = "";
InterfaceName = "";
};
Network = {
PortForwardingEnabled = false;
};
Preferences = {
General = {
Locale = "en";
StatusbarExternalIPDisplayed = true;
};
Scheduler = {
end_time = "@Variant(\\0\\0\\0\\xf\\x1\\x65\\xe@)"; # 02:00
start_time = "@Variant(\\0\\0\\0\\xf\\0m\\xdd\\0)"; # 06:30
};
WebUI = {
Address = "*";
Username = "admin";
Password_PBKDF2 = "@ByteArray(IM7ih6pLNXBv6it48lI1Lg==:VyczL0q0C89RNfXkzcvdZemfXjdG53xBSY66gqIl56dA0OcrvvxOQdW8jOzvY3lFjR+WDBG3Q/ejsG4w8O5RRA==)";
LocalHostAuth = false;
}; };
}; };
Core.AutoDeleteAddedTorrentFile = "never";
LegalNotice.Accepted = true;
};
};
radarr = {
enable = true;
settings = {
server.port = 15837;
};
};
sonarr = {
enable = true;
settings = {
server.port = 15838;
};
};
prowlarr = {
enable = true;
settings = {
server.port = 15839;
};
};
flaresolverr = {
enable = true;
port = 15840;
}; };
nginx.virtualHosts."localhost".listen = [
{
addr = "0.0.0.0";
port = 14788;
}
];
}; };
environment.variables.EDITOR = "nvim"; environment.variables.EDITOR = "nvim";
users = { users.users.wekuz = {
groups = {
media = { };
};
users = {
wekuz = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ extraGroups = [
"wheel" "wheel"
"networkmanager" "networkmanager"
"docker" "docker"
"media"
]; ];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBs3aPxyJpVGytuVSO3va2WybKNFMR241o8DCJQbBEWV" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBs3aPxyJpVGytuVSO3va2WybKNFMR241o8DCJQbBEWV"
]; ];
}; };
jellyfin = {
extraGroups = [
"media"
];
};
qbittorrent = {
extraGroups = [
"media"
];
};
radarr = {
extraGroups = [
"media"
];
};
sonarr = {
extraGroups = [
"media"
];
};
};
};
systemd.tmpfiles.rules = [
"d /storage 0755 root root -"
"d /storage/media 2775 wekuz media -"
"d /storage/media/movies 2775 wekuz media -"
"d /storage/media/tv 2775 wekuz media -"
"d /storage/torrents 2775 wekuz media -"
];
system.stateVersion = "25.11"; system.stateVersion = "25.11";
} }

27
hosts/plexy/disko-config.nix
View file

@ -54,33 +54,6 @@
}; };
}; };
}; };
storagedisk = {
type = "disk";
device = "/dev/disk/by-id/ata-HGST_HUS722T2TALA604_WMC6N0P31NKZ";
content = {
type = "gpt";
partitions = {
primary = {
size = "100%";
content = {
type = "btrfs";
extraArgs = [ "-f" ]; # Override existing partition
subvolumes = {
"@storage" = {
mountOptions = [
"compress=zstd"
"noatime"
];
mountpoint = "/storage";
};
};
mountpoint = "/part-storage";
};
};
};
};
};
}; };
}; };
} }

7
hosts/plexy/secrets.yaml
View file

@ -1,5 +1,4 @@
vaultwarden.env: ENC[AES256_GCM,data:PLNb5cFoJaOyUo5U/gpXH0RGVwwQxL3kCE/OLw7MaLWazuBGHIPUEhH+kDMP2cfF916D63w8Ddgb/oH+lHGCw235YwgoqZ9yjWYPG4VB2Jdw+17LeCbirdh3zv8nNzFnSZDJmhz5Pj82+iswju6sYO/H7UfZ3aeASWonKW9LGHVltKSY1rAVhZRu4SvhqPiAxNpEzN0/EDTl46RIxrgEoUraN+Ie8fh1wU9SKevExkPU3NXGO1gG2tWRxclMPgc=,iv:es40/5HpBAhOy2xmU/yCUD43fVVsAXk6qJ3OasKjK3U=,tag:bneErU9pPZkQ2VzbQ1NrJA==,type:str] vaultwarden.env: ENC[AES256_GCM,data:PLNb5cFoJaOyUo5U/gpXH0RGVwwQxL3kCE/OLw7MaLWazuBGHIPUEhH+kDMP2cfF916D63w8Ddgb/oH+lHGCw235YwgoqZ9yjWYPG4VB2Jdw+17LeCbirdh3zv8nNzFnSZDJmhz5Pj82+iswju6sYO/H7UfZ3aeASWonKW9LGHVltKSY1rAVhZRu4SvhqPiAxNpEzN0/EDTl46RIxrgEoUraN+Ie8fh1wU9SKevExkPU3NXGO1gG2tWRxclMPgc=,iv:es40/5HpBAhOy2xmU/yCUD43fVVsAXk6qJ3OasKjK3U=,tag:bneErU9pPZkQ2VzbQ1NrJA==,type:str]
rsyncd.secrets: ENC[AES256_GCM,data:VjHRoZa6/lDtCheKSJyM,iv:kxygNaKOuK0iH/bFY/uKxcbMcYSR8nWDUx+4aDNqTMk=,tag:uYYPWAPCWtvLLGwmOWyH+A==,type:str]
sops: sops:
age: age:
- recipient: age1sqssntfzzlhcgp0wuf9wmeavg0hmwmq349npsq8vaxj9sxey5s9ssc82sw - recipient: age1sqssntfzzlhcgp0wuf9wmeavg0hmwmq349npsq8vaxj9sxey5s9ssc82sw
@ -11,7 +10,7 @@ sops:
eDUxR1V0ZEFSYnZTYnYzakFydEliaFUKoa/gHecAy01vTk7I02KMGGPHZBql5K48 eDUxR1V0ZEFSYnZTYnYzakFydEliaFUKoa/gHecAy01vTk7I02KMGGPHZBql5K48
hkLDjoWK9dkGRX8kqRd028cuMCQRenLpULEECWp6oV+evUdMf7wRtg== hkLDjoWK9dkGRX8kqRd028cuMCQRenLpULEECWp6oV+evUdMf7wRtg==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2026-04-03T15:46:07Z" lastmodified: "2025-12-30T19:34:00Z"
mac: ENC[AES256_GCM,data:gh9Voy28Lo4G1qwQ7/WVAt/L3SAXIY5bs5fdCE0Oywi0ZV4YTJI5VCAcfxuE0Fc3DXdHF0/LORGjKa2l0yp5msMdBVpzI46FBiwYvU+w7EfEoEmhu0yMLf0SZmXkVLEq8u2uVFHGVbR1dOKcdFef+qTIGTlz4cE9VQ01xg/nh7g=,iv:fasXOAm2hjB4ULKT4vPOFnFpAcEgSeNvNM7Zrnk6MvM=,tag:1hWtpuTVdC3H8flA1m0Z0A==,type:str] mac: ENC[AES256_GCM,data:kFttJIQM/Zyd9xeiJpdEVoJ2AhlbuvtUxGBkQTQeEvrJsClAUM7s288XhkG02IxpH9bt2U6AgF60K/3E3qEdFHpM9WKTso/n6mXeD5WUyo9XD1XiWMPZ07arRLH0ajRWHOlIadKm7hvPhEWiWxVg9+sc0BHtjTGMLgvRhUyMPgM=,iv:gsMvU3lxVFSF8bJK5u9cNFSYDT5OZPmWqehv0ozB5Uo=,tag:XsfLCSTlqSgeKy609lMmLQ==,type:str]
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.12.2 version: 3.11.0