elias/knossos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: elias:ff99902baefa7e79c53c780ee3605d7e19cc9c25
Branches Tags
elias:main
..
compare: elias:9ebffd82c6b8701dcf85c5646a6bb1b9398e7bc4
Branches Tags
elias:main

No commits in common. "ff99902baefa7e79c53c780ee3605d7e19cc9c25" and "9ebffd82c6b8701dcf85c5646a6bb1b9398e7bc4" have entirely different histories.
ff99902bae ... 9ebffd82c6

10 changed files with 9 additions and 133 deletions
Download patch file Download diff file Expand all files Collapse all files

1
FUTURE-SERVER.md
View file

@ -25,4 +25,3 @@ Steps I would need to take.
# Other Considerations # Other Considerations
- where to setup docker stuff? - where to setup docker stuff?
- look at this [nix setup](https://github.com/rwiankowski/homeserver-nixos) and look how they use vars and SOPS

6
README.md
View file

@ -6,15 +6,15 @@ My test system.
- Learn NixOS. - Learn NixOS.
- Attempt to make basic media homelab, a la [Yunohost](https://yunohost.org/)[^1]...but declarative, reproducable - Attempt to make basic media homelab, a la [Yunohost](https://yunohost.org/)[^1]...but declarative, reproducable
- Try to avoid Docker - Try to avoid Docker
- ~~No flakes~~ - No flakes
## Tasks ## Tasks
- [ ] ~~ZFS for root file system (removed because I didn't want to deal with initrd and wifi)~~ - [X] ZFS for root file system
- [X] Tailscale - [X] Tailscale
- [X] VPS Caddy reverse proxy --> NixOS machine - [X] VPS Caddy reverse proxy --> NixOS machine
- [X] Setup Jellyfin - [X] Setup Jellyfin
- [X] Setup calibre-web - [X] Setup calibre-web
- [] Setup Transmission - [X] Setup Transmission
- [ ] Setup Nextcloud - [ ] Setup Nextcloud
- [ ] Setup systemwide auth system - LDAP? OAuth? OR don't do this - [ ] Setup systemwide auth system - LDAP? OAuth? OR don't do this

22
configuration.nix
View file

@ -11,8 +11,7 @@
imports = imports =
[ # Include the results of the hardware scan. [ # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
./services/jellyfin.nix # ./services/jellyfin.nix
./services/authentik.nix
# ./services/calibre-web.nix # ./services/calibre-web.nix
# ./services/glances.nix # ./services/glances.nix
# ./services/fail2ban.nix # ./services/fail2ban.nix
@ -23,8 +22,6 @@
boot.loader.grub.enable = true; boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda"; boot.loader.grub.device = "/dev/sda";
boot.loader.grub.useOSProber = true; boot.loader.grub.useOSProber = true;
boot.supportedFilesystems = [ "zfs" ];
boot.zfs.extraPools = [ "plakias" ];
# Nix settings # Nix settings
nix = { nix = {
@ -45,24 +42,12 @@
# Networking # Networking
networking.hostName = "knossos"; # Define your hostname. networking.hostName = "knossos"; # Define your hostname.
networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.hostId = "f8f05846";
networking.wireless.networks = { networking.wireless.networks = {
# SSID with spaces and/or special characters # SSID with spaces and/or special characters
"Suntek_188" = { "Suntek_188" = {
psk = "0226203850"; psk = "0226203850";
}; };
"Suntek_288" = {
psk = "0226203850";
};
"Pixel_9407" = {
psk = "dieai888";
};
"hercules" = {
psk = "0531thewire";
};
}; };
# Enable networking # Enable networking
@ -101,9 +86,6 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILv96m1nCz3D0lzjzeGa+n4m3krEyl7KZ0tstjIZdTkq elias@bluefin" #acer "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILv96m1nCz3D0lzjzeGa+n4m3krEyl7KZ0tstjIZdTkq elias@bluefin" #acer
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK8zlxSVOTCnAgb4U5vkC3ietH3Jd9gLE+FA6UOZp64J elias@arkadi.one" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK8zlxSVOTCnAgb4U5vkC3ietH3Jd9gLE+FA6UOZp64J elias@arkadi.one"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKWN6eeLFbtRJDEebSjoI8FaDOA5bmIzbyTUvX/hPWdh elias@greynix" #asus - greynix "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKWN6eeLFbtRJDEebSjoI8FaDOA5bmIzbyTUvX/hPWdh elias@greynix" #asus - greynix
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO/akM7XlILO499DvQhDa2+UnbbwaXB76a+XDxr8Yvdw elias@aspire"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFa3Gk2C2HmniiwMyYQ3HFs9M4W+obz2y3HNsEo6DA0c macbookpro"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINyRtSVEpOZ08QoOhwfMizYXJxLFCJ/jfIlP4FMD1zga elias@bluefin" #framework
]; ];
linger = true; linger = true;
packages = with pkgs; []; packages = with pkgs; [];
@ -140,7 +122,6 @@
git git
neovim neovim
emacs emacs
vim
tmux #like screen tmux #like screen
wiper #like ncdu wiper #like ncdu
@ -148,7 +129,6 @@
tcpdump #for wireguard test tcpdump #for wireguard test
ncdu
]; ];
# List services that you want to enable: # List services that you want to enable:

27
flake.lock generated
View file

@ -1,27 +0,0 @@
{
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1766622938,
"narHash": "sha256-Eovt/DOCYjFFBZuYbbG9j5jhklzxdNbUGVYYxh3lG3s=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5900a0a8850cbba98e16d5a7a6ed389402dfcf4f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}

19
flake.nix
View file

@ -1,19 +0,0 @@
{
description = "NixOS configuration";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
};
outputs = inputs@{ nixpkgs, ... }: {
nixosConfigurations = {
knossos = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
./configuration.nix
];
};
};
};
}

2
nix-upgrade.sh
View file

@ -1,4 +1,4 @@
#!/run/current-system/sw/bin/bash #!/run/current-system/sw/bin/bash
sudo nixos-rebuild switch --flake .# --upgrade sudo nixos-rebuild switch -I nixos-config=/home/elias/nixos-knossos/configuration.nix --upgrade

3
rebuild.sh
View file

@ -1,4 +1,3 @@
#!/run/current-system/sw/bin/bash #!/run/current-system/sw/bin/bash
#sudo nixos-rebuild switch -I nixos-config=/home/elias/nixos-knossos/configuration.nix sudo nixos-rebuild switch -I nixos-config=/home/elias/nixos-config/configuration.nix
sudo nixos-rebuild switch --flake .#

55
services/authentik.nix
View file

@ -1,55 +0,0 @@
{ config, lib, pkgs, ... }:
{
config = {
systemd.services.authentik = {
description = "Run Docker Compose for authentik";
after = [ "network.target" "docker.service" ];
requires = [ "docker.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "exec";
# Pull the latest image before running
ExecStartPre = "/run/current-system/sw/bin/docker compose -f /home/nix/docker/authentik/compose.yaml pull";
# Bring the service up
ExecStart = "/run/current-system/sw/bin/docker compose -f /home/nix/docker/authentik/compose.yaml up";
# Take it down gracefully
ExecStop = "/run/current-system/sw/bin/docker compose -f /home/nix/docker/authentik/compose.yaml down";
WorkingDirectory = "/home/nix/docker/authentik";
Restart = "on-failure";
};
};
};
}

2
services/jellyfin-pass.txt
View file

@ -1,2 +0,0 @@
elias
XWEUt0afZmntvdRCkM7X

3
services/jellyfin.nix
View file

@ -4,7 +4,7 @@
services.jellyfin = { services.jellyfin = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
dataDir = "/mnt/plakias/enc/jellyfin"; #default dataDir = "/var/lib/jellyfin"; #default
}; };
environment.systemPackages = [ environment.systemPackages = [
@ -12,4 +12,5 @@
pkgs.jellyfin-web pkgs.jellyfin-web
pkgs.jellyfin-ffmpeg pkgs.jellyfin-ffmpeg
]; ];
} }