diff --git a/flake.lock b/flake.lock index 9e4b947..96db23c 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1733377410, - "narHash": "sha256-tZ9JEAaHIs3TPdRZeZzHsnJmUilkcnVaUTvyprbRb1A=", + "lastModified": 1735172763, + "narHash": "sha256-a6n8RsiAolz6p24Fsr/gTndx9xr9USpKqKK6kzBeXQc=", "owner": "tpwrules", "repo": "nixos-apple-silicon", - "rev": "e8c07c3ae199b55a8c1c35a7c067c5cef9c7e929", + "rev": "3daf0637409689d7a1304cedc50d20542bc47905", "type": "github" }, "original": { @@ -308,11 +308,11 @@ ] }, "locked": { - "lastModified": 1734425854, - "narHash": "sha256-nzE5UbJ41aPEKf8R2ZFYtLkqPmF7EIUbNEdHMBLg0Ig=", + "lastModified": 1734797603, + "narHash": "sha256-ulZN7ps8nBV31SE+dwkDvKIzvN6hroRY8sYOT0w+E28=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "0ddd26d0925f618c3a5d85a4fa5eb1e23a09491d", + "rev": "f0f0dc4920a903c3e08f5bdb9246bb572fcae498", "type": "github" }, "original": { @@ -350,11 +350,11 @@ ] }, "locked": { - "lastModified": 1734821669, - "narHash": "sha256-F7Z2tIJsUEhErpK0sGMep4xG/eTVuK2eBpvgh3cS2H8=", + "lastModified": 1735381016, + "narHash": "sha256-CyCZFhMUkuYbSD6bxB/r43EdmDE7hYeZZPTCv0GudO4=", "owner": "nix-community", "repo": "home-manager", - "rev": "51160a097a850839b7eae7ef08d0d3e7e353dfc3", + "rev": "10e99c43cdf4a0713b4e81d90691d22c6a58bdf2", "type": "github" }, "original": { @@ -371,11 +371,11 @@ ] }, "locked": { - "lastModified": 1734622215, - "narHash": "sha256-OOfI0XhSJGHblfdNDhfnn8QnZxng63rWk9eeJ2tCbiI=", + "lastModified": 1734862405, + "narHash": "sha256-bXZJvUMJ2A6sIpYcCUAGjYCD5UDzmpmQCdmJSkPhleU=", "owner": "nix-community", "repo": "home-manager", - "rev": "1395379a7a36e40f2a76e7b9936cc52950baa1be", + "rev": "cb27edb5221d2f2920a03155f8becc502cf60e35", "type": "github" }, "original": { @@ -556,11 +556,11 @@ }, "nixlib": { "locked": { - "lastModified": 1734224914, - "narHash": "sha256-hKWALzQ/RxxXdKWsLKXULru6XTag9Cc5exgVyS4a/AE=", + "lastModified": 1734829460, + "narHash": "sha256-dPhc+f2wkmhMqMIfq+hColJdysgVxKP9ilZ5bR0NRZI=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "538697b664a64fade8ce628d01f35d1f1fd82d77", + "rev": "0a31e8d833173ae63e43fd9dbff1ccf09c4f778c", "type": "github" }, "original": { @@ -575,11 +575,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1734570415, - "narHash": "sha256-kcsDNcEr4hYuDc8l+ox41FvEPpmQTV3/3hgdx3tuxHw=", + "lastModified": 1734915500, + "narHash": "sha256-A7CTIQ8SW0hfbhKlwK+vSsu4pD+Oaelw3v6goX6go+U=", "owner": "nix-community", "repo": "nixos-generators", - "rev": "b8f266f26bb757e7aec18adeee6919db6666c4f6", + "rev": "051d1b2dda3b2e81b38d82e2b691e5c2f4d335f4", "type": "github" }, "original": { @@ -588,13 +588,29 @@ "type": "github" } }, + "nixos-hardware": { + "locked": { + "lastModified": 1735388221, + "narHash": "sha256-e5IOgjQf0SZcFCEV/gMGrsI0gCJyqOKShBQU0iiM3Kg=", + "owner": "nixos", + "repo": "nixos-hardware", + "rev": "7c674c6734f61157e321db595dbfcd8523e04e19", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "master", + "repo": "nixos-hardware", + "type": "github" + } + }, "nixpkgs": { "locked": { - "lastModified": 1733212471, - "narHash": "sha256-M1+uCoV5igihRfcUKrr1riygbe73/dzNnzPsmaLCmpo=", + "lastModified": 1734649271, + "narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "55d15ad12a74eb7d4646254e13638ad0c4128776", + "rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507", "type": "github" }, "original": { @@ -682,11 +698,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1734649271, - "narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=", + "lastModified": 1735471104, + "narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507", + "rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4", "type": "github" }, "original": { @@ -730,11 +746,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1734649271, - "narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=", + "lastModified": 1735471104, + "narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507", + "rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4", "type": "github" }, "original": { @@ -775,11 +791,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1734798432, - "narHash": "sha256-JVU+WjrRZUJnUKQ/iXP9O8eQ0L3YkqV1DpFMS4kLZog=", + "lastModified": 1735378670, + "narHash": "sha256-A8aQA+YhJfA8mUpzXOZdlXNnKiZg2EcpCn1srgtBjTs=", "owner": "nix-community", "repo": "nixvim", - "rev": "6a4b4221c4ebf1140f73f8df769e97f1828d90fa", + "rev": "f4b0b81ef9eb4e37e75f32caf1f02d5501594811", "type": "github" }, "original": { @@ -892,6 +908,7 @@ "linger": "linger", "lix-module": "lix-module", "nixos-generators": "nixos-generators", + "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_4", "nixpkgs-stable": "nixpkgs-stable", "nixpkgs-unstable": "nixpkgs-unstable", @@ -946,11 +963,11 @@ "nixpkgs": "nixpkgs_5" }, "locked": { - "lastModified": 1734546875, - "narHash": "sha256-6OvJbqQ6qPpNw3CA+W8Myo5aaLhIJY/nNFDk3zMXLfM=", + "lastModified": 1735468296, + "narHash": "sha256-ZjUjbvS06jf4fElOF4ve8EHjbpbRVHHypStoY8HGzk8=", "owner": "Mic92", "repo": "sops-nix", - "rev": "ed091321f4dd88afc28b5b4456e0a15bd8374b4d", + "rev": "bcb8b65aa596866eb7e5c3e1a6cccbf5d1560b27", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 1ee9192..7491546 100644 --- a/flake.nix +++ b/flake.nix @@ -33,6 +33,7 @@ # Pro gamer move nixos-generators.url = "github:nix-community/nixos-generators"; + nixos-hardware.url = "github:nixos/nixos-hardware/master"; flake-utils.url = "github:numtide/flake-utils"; # Iceshrimpy @@ -133,6 +134,14 @@ ]; format = "proxmox-lxc"; }; + + rpi-streambox = inputs.nixos-generators.nixosGenerate { + inherit system pkgs; + modules = [ + ./nixos/hosts/streambox + ]; + format = "sd-aarch64"; + }; } ); @@ -176,6 +185,7 @@ sapphic-engineer = mkNixos [ ./nixos/hosts/sapphic-engineer ]; # Akkoma, sapphic.engineer seedbox = mkNixos [ ./nixos/hosts/seedbox ]; # fuck static-sites = mkNixos [ ./nixos/hosts/static-sites ]; # nginx specifically for static sites + streambox = mkNixos [ ./nixos/hosts/streambox ]; # lil rpi thonkpad = mkNixos [ ./nixos/hosts/thonkpad ]; # t480 ts3 = mkNixos [ ./nixos/hosts/ts3 ]; # Teamspeak-san }; diff --git a/home-manager/features/retroarch.nix b/home-manager/features/retroarch.nix new file mode 100644 index 0000000..106c9e2 --- /dev/null +++ b/home-manager/features/retroarch.nix @@ -0,0 +1,15 @@ +{ pkgs, ... }: { + home.packages = [ + (pkgs.retroarch.withCores ( + cores: with cores; [ + pcsx2 + ppsspp + snes9x + dolphin + mupen64plus + desmume + vba-m + ] + )) + ]; +} diff --git a/home-manager/noe/hosts/aerial.nix b/home-manager/noe/hosts/aerial.nix index 4896259..997c7c9 100644 --- a/home-manager/noe/hosts/aerial.nix +++ b/home-manager/noe/hosts/aerial.nix @@ -5,6 +5,7 @@ ../../features/kitty.nix ../../features/vesktop + ../../features/retroarch.nix ]; home.packages = with pkgs; let @@ -31,6 +32,8 @@ senpai # master.pokemmo-installer jq + plexamp + plex-media-player ]; programs.vscode = { diff --git a/home-manager/noe/hosts/streambox.nix b/home-manager/noe/hosts/streambox.nix new file mode 100644 index 0000000..ae12781 --- /dev/null +++ b/home-manager/noe/hosts/streambox.nix @@ -0,0 +1,17 @@ +{ pkgs, ... }: { + imports = [ + ../common + ../common/home-user.nix + + ../../features/kitty.nix + ]; + + home.packages = with pkgs; [ + spotify + vlc + plexamp + plex-media-player + ]; + + programs.kitty.settings.font_size = 12; +} diff --git a/home-manager/noe/hosts/unicorn.nix b/home-manager/noe/hosts/unicorn.nix new file mode 100644 index 0000000..db54da6 --- /dev/null +++ b/home-manager/noe/hosts/unicorn.nix @@ -0,0 +1,30 @@ +{ pkgs, ... }: { + imports = [ + ../common + ../common/home-user.nix + + ../../features/kitty.nix + ../../features/vesktop + ../../features/retroarch.nix + ]; + + home.packages = with pkgs; [ + spotify + teamspeak_client + vlc + helvum + tenacity + gimp + krita + jq + plexamp + plex-media-player + ]; + + programs.vscode = { + enable = true; + package = pkgs.vscode.fhs; + }; + + programs.kitty.settings.font_size = 12; +} diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 0db3279..e8095b9 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -1,3 +1,4 @@ { - + transmission-exporter = import ./transmission-exporter.nix; + plex-exporter = import ./plex-exporter.nix; } diff --git a/modules/nixos/plex-exporter.nix b/modules/nixos/plex-exporter.nix new file mode 100644 index 0000000..ee0a8d4 --- /dev/null +++ b/modules/nixos/plex-exporter.nix @@ -0,0 +1,34 @@ +{ config, pkgs, lib, ... }: let + cfg = config.services.plex-exporter; +in { + options.services.plex-exporter = { + enable = lib.mkEnableOption "enables plex exporter"; + + configFile = lib.mkOption { + type = lib.types.path; + default = "http://localhost:32400"; + }; + + listenAddress = lib.mkOption { + type = lib.types.str; + default = ":9594"; + }; + }; + + config = lib.mkIf cfg.enable { + systemd.services.plex-exporter = { + enable = true; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + description = "Plex exporter for Prometheus"; + serviceConfig = { + Type = "simple"; + User = "nobody"; + Group = "nobody"; + Restart = "always"; + ExecStart = "${pkgs.local-pkgs.plex-exporter}/bin/plex_exporter --listen-address ${cfg.listenAddress} --config-path ${cfg.configFile}"; + RuntimeDirectory = "plex-exporter"; + }; + }; + }; +} diff --git a/modules/nixos/transmission-exporter.nix b/modules/nixos/transmission-exporter.nix new file mode 100644 index 0000000..217378a --- /dev/null +++ b/modules/nixos/transmission-exporter.nix @@ -0,0 +1,61 @@ +{ config, pkgs, lib, ... }: let + cfg = config.services.transmission-exporter; +in { + options.services.transmission-exporter = { + enable = lib.mkEnableOption "enables transmission exporter"; + + web_path = lib.mkOption { + type = lib.types.str; + default = "/metrics"; + description = "Path for metrics"; + }; + + web_addr = lib.mkOption { + type = lib.types.str; + default = ":19091"; + description = "Address for this exporter to run"; + }; + + transmission_addr = lib.mkOption { + type = lib.types.str; + default = "http://localhost:9091"; + description = "Transmission address to connect with"; + }; + + transmission_username = lib.mkOption { + type = lib.types.str; + default = ""; + description = "Transmission username"; + }; + + transmission_password = lib.mkOption { + type = lib.types.str; + default = ""; + description = "Transmission password"; + }; + }; + + config = lib.mkIf cfg.enable { + systemd.services.transmission-exporter = { + enable = true; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + description = "Transmission exporter for Prometheus"; + environment = { + WEB_PATH = cfg.web_path; + WEB_ADDR = cfg.web_addr; + TRANSMISSION_ADDR = cfg.transmission_addr; + TRANSMISSION_USERNAME = cfg.transmission_username; + TRANSMISSION_PASSWORD = cfg.transmission_password; + }; + serviceConfig = { + Type = "simple"; + User = "nobody"; + Group = "nobody"; + Restart = "always"; + ExecStart = "${pkgs.local-pkgs.transmission-exporter}/bin/transmission-exporter"; + RuntimeDirectory = "transmission-exporter"; + }; + }; + }; +} diff --git a/nixos/client-lite.nix b/nixos/client-lite.nix new file mode 100644 index 0000000..c5b38f0 --- /dev/null +++ b/nixos/client-lite.nix @@ -0,0 +1,29 @@ +{ pkgs, lib, ... }: { + imports = [ + ./base.nix + ./features/fonts.nix + ]; + + environment.systemPackages = with pkgs; [ + firefox + curl + btop + htop + fastfetch + xclip + ]; + + programs.neovim = { + enable = true; + defaultEditor = true; + viAlias = true; + vimAlias = true; + }; + + networking.nameservers = lib.mkForce [ + #"100.80.255.88" + "10.100.69.69" + ]; + + time.timeZone = "America/Los_Angeles"; +} diff --git a/nixos/client.nix b/nixos/client.nix index 9c2c923..fc55685 100644 --- a/nixos/client.nix +++ b/nixos/client.nix @@ -1,34 +1,10 @@ { pkgs, lib, ... }: { imports = [ - ./base.nix - ./features/fonts.nix + ./client-lite.nix ]; boot.loader.systemd-boot.enable = lib.mkDefault true; boot.loader.efi.canTouchEfiVariables = lib.mkDefault true; boot.kernelPackages = lib.mkDefault pkgs.unstable.linuxPackages_zen; - - environment.systemPackages = with pkgs; [ - firefox - curl - btop - htop - fastfetch - xclip - ]; - - programs.neovim = { - enable = true; - defaultEditor = true; - viAlias = true; - vimAlias = true; - }; - - networking.nameservers = lib.mkForce [ - #"100.80.255.88" - "10.100.69.69" - ]; - - time.timeZone = "America/Los_Angeles"; } diff --git a/nixos/features/nas0.nix b/nixos/features/nas0.nix index 068f8ca..16f2657 100644 --- a/nixos/features/nas0.nix +++ b/nixos/features/nas0.nix @@ -37,7 +37,7 @@ in { }; fileSystems."/mnt/nas0" = let - automount_opts = if cfg.lazyMount then "x-systemd.automount,noauto,x-systemd.idle-timeout=60" else ""; + automount_opts = if cfg.lazyMount then "x-systemd.automount,noauto,x-systemd.idle-timeout=60" else "x-systemd.automount,auto"; in { device = if cfg.useSMB then "//nas0.hoki-porgy.ts.net/main/" else "nas0.hoki-porgy.ts.net:/storage"; fsType = if cfg.useSMB then "cifs" else "nfs"; diff --git a/nixos/features/telemetry/nginx.nix b/nixos/features/telemetry/nginx.nix index 4b31618..428cf23 100644 --- a/nixos/features/telemetry/nginx.nix +++ b/nixos/features/telemetry/nginx.nix @@ -16,7 +16,7 @@ }; }; - services.nginx.commonHttpConfig = '' + services.nginx.commonHttpConfig = config.services.nginx.commonHttpConfig + '' log_format combined2 "$server_name: $remote_addr - $remote_user [$time_local] \"$request\" $status $body_bytes_sent \"$http_referer\" \"$http_user_agent\" \"$http_x_forwarded_for\""; access_log /var/log/nginx/access.log combined2; ''; diff --git a/nixos/features/telemetry/plex.nix b/nixos/features/telemetry/plex.nix new file mode 100644 index 0000000..9d6a32c --- /dev/null +++ b/nixos/features/telemetry/plex.nix @@ -0,0 +1,30 @@ +{ outputs, lib, config, ... }: { + imports = [ + outputs.nixosModules.plex-exporter + ]; + + sops.secrets.plex_token = { + sopsFile = ../../../secrets/plex/default.yaml; + }; + + sops.templates."plex-exporter-config.yaml" = { + content = lib.strings.toJSON { + token = config.sops.placeholder.plex_token; + servers = [ + { + baseUrl = "https://localhost:32400"; + insecure = true; + } + ]; + }; + owner = "nobody"; + }; + + services.plex-exporter = { + enable = true; + listenAddress = ":14220"; + configFile = config.sops.templates."plex-exporter-config.yaml".path; + }; + + networking.firewall.allowedTCPPorts = [ 14220 ]; +} diff --git a/nixos/features/telemetry/transmission.nix b/nixos/features/telemetry/transmission.nix new file mode 100644 index 0000000..e93eda4 --- /dev/null +++ b/nixos/features/telemetry/transmission.nix @@ -0,0 +1,12 @@ +{ outputs, pkgs, ... }: { + imports = [ + outputs.nixosModules.transmission-exporter + ]; + + services.transmission-exporter = { + enable = true; + web_addr = ":14222"; + }; + + networking.firewall.allowedTCPPorts = [ 14222 ]; +} diff --git a/nixos/hosts/aerial/default.nix b/nixos/hosts/aerial/default.nix index 41e1ed7..2dd564e 100644 --- a/nixos/hosts/aerial/default.nix +++ b/nixos/hosts/aerial/default.nix @@ -35,7 +35,9 @@ environment.systemPackages = with pkgs; [ python3 - ]; + ]; + + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; networking.firewall.allowedTCPPorts = [ 42069 8000 ]; networking.firewall.allowedUDPPorts = [ 42069 ]; diff --git a/nixos/hosts/ingress-proxy/default.nix b/nixos/hosts/ingress-proxy/default.nix index 0cd3955..1c13e4a 100644 --- a/nixos/hosts/ingress-proxy/default.nix +++ b/nixos/hosts/ingress-proxy/default.nix @@ -39,6 +39,7 @@ in rec { git.servers."${tsHost "git" 3000}" = {}; staticsites.servers."${tsHost "static-sites" 80}" = {}; nextcloud.servers."${tsHost "nextcloud" 80}" = {}; + nas0.servers."${tsHost "nas0" 6969}" = {}; pushps2.servers."push.planetside2.com:443" = {}; }; @@ -161,6 +162,17 @@ in rec { }; } // defaultConfig; + "kat.cafe" = { + serverAliases = ["dripping.blood.pet"]; + locations."/" = { + extraConfig = "return 302 https://noe.sh;"; + }; + locations."/s" = { + recommendedProxySettings = true; + proxyPass = "http://nas0"; + }; + } // defaultConfig; + "sapphic.engineer" = { # serverAliases = ["p.sapphic.engineer"]; diff --git a/nixos/hosts/monitoring/default.nix b/nixos/hosts/monitoring/default.nix index c504133..332459e 100644 --- a/nixos/hosts/monitoring/default.nix +++ b/nixos/hosts/monitoring/default.nix @@ -49,6 +49,9 @@ node = 14200; nginx = 14201; pve = 14210; + plex = 14220; + smb = 14221; + transmission = 14222; }; in with ports; [ (static "aerial" [ node ]) @@ -56,36 +59,20 @@ (static "dis-sociat-ing" [ node ]) (static "exit-node" [ node ]) (static "git" [ node ]) + (static "hive" [ node pve ]) (static "ingress-proxy" [ node nginx ]) (static "monitoring" [ node ]) (static "mumble" [ node ]) (static "nas0" [ node ]) (static "nextcloud" [ node ]) (static "pihole" [ node ]) - (static "plex" [ node ]) + (static "plex" [ node plex ]) (static "porcelain-doll-repair" [ node ]) (static "ps2live" [ node ]) (static "sapphic-engineer" [ node ]) + (static "seedbox" [ node transmission ]) (static "static-sites" [ node nginx ]) (static "ts3" [ node ]) - { - job_name = "pve_node"; - static_configs = [ - { targets = [ "10.69.0.1:${builtins.toString node}" ]; } - ]; - } - { - job_name = "pve_pve"; - static_configs = [ - { targets = [ "10.69.0.1:${builtins.toString pve}" ]; } - ]; - metrics_path = "/pve"; - params = { - module = ["default"]; - cluster = ["1"]; - node = ["1"]; - }; - } { job_name = "saerro"; static_configs = [ diff --git a/nixos/hosts/nas0/default.nix b/nixos/hosts/nas0/default.nix index 2628a0d..d840fd3 100644 --- a/nixos/hosts/nas0/default.nix +++ b/nixos/hosts/nas0/default.nix @@ -104,6 +104,14 @@ autoindex = true; auth = "false"; } + { + route = [ "/s(/*path)" ]; + directory = "/mnt/storage/main/public/Share"; + handler = "filesystem"; + methods = [ "webdav-ro" ]; + autoindex = true; + auth = "false"; + } ]; }; }; diff --git a/nixos/hosts/plex/default.nix b/nixos/hosts/plex/default.nix index 6d18f87..8b51be4 100644 --- a/nixos/hosts/plex/default.nix +++ b/nixos/hosts/plex/default.nix @@ -2,6 +2,7 @@ imports = [ ../../templates/proxmox-lxc.nix ../../features/nas0.nix + ../../features/telemetry/plex.nix ../../server.nix ]; diff --git a/nixos/hosts/seedbox/default.nix b/nixos/hosts/seedbox/default.nix index 5a4cc9d..ad3d44f 100644 --- a/nixos/hosts/seedbox/default.nix +++ b/nixos/hosts/seedbox/default.nix @@ -5,6 +5,7 @@ ../../features/dns-cache.nix ../../features/nas0.nix ../../features/podman.nix + ../../features/telemetry/transmission.nix ]; networking.hostName = "seedbox"; @@ -16,7 +17,6 @@ sops.secrets.protonvpn_username = {}; sops.secrets.protonvpn_password = {}; - sops.secrets.protonvpn_ovpn = {}; sops.templates."transmission.env" = { content = '' diff --git a/nixos/hosts/streambox/default.nix b/nixos/hosts/streambox/default.nix new file mode 100644 index 0000000..4e8bd9a --- /dev/null +++ b/nixos/hosts/streambox/default.nix @@ -0,0 +1,23 @@ +{ inputs, lib, ... }: { + imports = [ + inputs.nixos-hardware.nixosModules.raspberry-pi-4 + ../../client-lite.nix + ../../stacks/streambox + + ../../features/plasma6.nix + ../../features/sound + ../../features/wifi.nix + ../../features/tailscale.nix + ../../features/bluetooth.nix + ../../features/telemetry + ../../features/dns-cache.nix + ../../features/nas0.nix + ]; + + home-manager.users.noe = import ../../../home-manager/noe/hosts/streambox.nix; + + networking.hostName = "streambox"; + system.stateVersion = "25.05"; + + nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; +} diff --git a/nixos/hosts/unicorn/default.nix b/nixos/hosts/unicorn/default.nix new file mode 100644 index 0000000..002668b --- /dev/null +++ b/nixos/hosts/unicorn/default.nix @@ -0,0 +1,25 @@ +{ pkgs, config, ... }: { + imports = [ + ./hardware-configuration.nix + ../../client.nix + + ../../features/plasma6.nix + ../../features/tailscale.nix + ../../features/sound + ../../features/steam.nix + ../../features/dns-cache.nix + ../../features/podman.nix + ../../features/bluetooth.nix + ../../features/telemetry + ../../features/nas0.nix + ]; + + home-manager.users.noe = import ../../../home-manager/noe/hosts/unicorn.nix; + + networking.hostName = "unicorn"; + system.stateVersion = "25.05"; + + internal.nas0.useSMB = true; + + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; +} diff --git a/nixos/hosts/unicorn/hardware-configuration.nix b/nixos/hosts/unicorn/hardware-configuration.nix new file mode 100644 index 0000000..6a2637f --- /dev/null +++ b/nixos/hosts/unicorn/hardware-configuration.nix @@ -0,0 +1,41 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/cf5922bd-3910-4f1b-85b7-422f7c55c856"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/2F38-02AD"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/ac8abccd-63c7-4e62-9f8b-7baafe85dfb9"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/nixos/stacks/streambox/default.nix b/nixos/stacks/streambox/default.nix new file mode 100644 index 0000000..067ea7a --- /dev/null +++ b/nixos/stacks/streambox/default.nix @@ -0,0 +1,4 @@ +# Streambox is usually for RPis! These are lil friends :3 +{ ... }: { + +} diff --git a/pkgs/default.nix b/pkgs/default.nix index 8798371..8bbe0b9 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,2 +1,4 @@ { pkgs ? (import ../nixpkgs.nix) { }, ... }: rec { + transmission-exporter = import ./transmission-exporter.nix { inherit pkgs; }; + plex-exporter = import ./plex-exporter.nix { inherit pkgs; }; } diff --git a/pkgs/plex-exporter.nix b/pkgs/plex-exporter.nix new file mode 100644 index 0000000..40a7a3a --- /dev/null +++ b/pkgs/plex-exporter.nix @@ -0,0 +1,13 @@ +{ pkgs, ... }: pkgs.buildGoModule { + pname = "plex_exporter"; + version = "0132160fcf2f41f25a5e18e78392eb324e932c5f"; + + vendorHash = null; + + src = pkgs.fetchFromGitHub { + owner = "arnarg"; + repo = "plex_exporter"; + rev = "0132160fcf2f41f25a5e18e78392eb324e932c5f"; + sha256 = "sha256-Jg/sQnAVplgag4Mv12pCbSO3v4GwcUUHvEUbF9m2R+Q="; + }; +} diff --git a/pkgs/transmission-exporter.nix b/pkgs/transmission-exporter.nix new file mode 100644 index 0000000..fa3f215 --- /dev/null +++ b/pkgs/transmission-exporter.nix @@ -0,0 +1,13 @@ +{ pkgs, ... }: pkgs.buildGoModule { + pname = "transmission-exporter"; + version = "a7872aa2975c7a95af680c51198f4a363e226c8f"; + + vendorHash = "sha256-YhmfrM5iAK0zWcUM7LmbgFnH+k2M/tE+f/QQIQmQlZs="; + + src = pkgs.fetchFromGitHub { + owner = "metalmatze"; + repo = "transmission-exporter"; + rev = "a7872aa2975c7a95af680c51198f4a363e226c8f"; + sha256 = "sha256-Ky7eCvC1AqHheqGGOGBNKbtVgg4Y8hDG67gCVlpUwZo="; + }; +} diff --git a/secrets/plex/default.yaml b/secrets/plex/default.yaml new file mode 100644 index 0000000..a5cdcbd --- /dev/null +++ b/secrets/plex/default.yaml @@ -0,0 +1,48 @@ +plex_token: ENC[AES256_GCM,data:dtRLjNcObKfUKxo3+lWJ2WEaMw8=,iv:gDknJRsEdie8bMPowkPBjFGU0Eq6x89D/Pby2UWqW68=,tag:aGjJwNHe4LddkPjcCSBmxA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1lq5q5g5qjsdcc3key0n6qytkc9z3qx3d3e96ap9zre2aqgvc9ujq82l9hd + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNZ2dvcmJwcENVV3lKU0VR + SlZNTG01djlab2grejVMM2hUZjlXTlVNLzNVCjNaRVBzOWxHdEJPMVZlRHJHdGtZ + MjFic3AyQ3h0R2paOUZza3VCcUk2Vm8KLS0tIC9aMXZIak1CTHNGYVgvMlBLMk8z + VHBWSTZpRGNGd2l4cENnZkdMZjYvNXcKa4SlV220IAWDQrj1ARaVvl7X2Rl1sXbU + 3U8a3qu41QTHWPXjjDKTcJuID/za8hNh42ZJciTNt0lDMxsuoLEA8Q== + -----END AGE ENCRYPTED FILE----- + - recipient: age1p0f62dwatt558sf5s4equdqwtg5m7lsnaytrf3xjnvmx3e0lqu4svtugyp + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnSXZIVUx2NWV6Sk1jeEpw + UzYyeU81dEFCSmFUNTQwY2ZDZ0Rzb0xQYkJVCldxUmx6SkJyQThqd2UwNmFBT0d4 + cWFjWkRQd0VtUUkra0czdjZyWURoWmMKLS0tIGY4R0ZWazdaOExxZWxSS2Ira2lB + Szh6VkU2NjFFYklkYWdkRUp2ZjVlYVkKdikQfF6FYJAviuz0Nl+hckX6KPsq3TS7 + vRBbJTPdBP3q9Zl8Gly52VoEsqIkQq5rpBucaQMF+TYM2plwlu2n9w== + -----END AGE ENCRYPTED FILE----- + - recipient: age13c5wv623jxjja5mjz7fajg9qqwvypzgsfqrs4tmk7rpgyzu7aufs4ul9f9 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtMG9TMHNnVGNyYnkybGtR + TjJ6ZlAwU3JyREMrcFNFc2NwWi9ma3ZsV0NnCkhOTHA2alY0SmJiU29QMkU3cHQz + cFVXcGVZS1lZVW9FRkhRTVdyK21wV2sKLS0tIEk4eHZETHhEaVlpb3lWVktTVlhu + SXJTSjhxeTdodTk5QjRlS2thZWdpQzAKZQWiC+YmFBwKjmJsMqMfSjYywThuPhsO + /7gMYLtYWtqnaik4YS/HOzTSMR+a8c7x1L01l4H4QzgaBp6W+sqj8g== + -----END AGE ENCRYPTED FILE----- + - recipient: age16jzuvkchnm53wfl4q0yg93zmg7jmj6rpud79sa6wuljved74hd6qvlw66w + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiSURWRk1URmtvbFBqSFhr + azMrS3dDbkxubWFXMVFGWXZ6elpTS2N3NUZVCjd2eWRsTC9MaVBIUzRkd0dGTDJw + K1lwMkNIVmVtUHJJTVpuRS9tRE1NclEKLS0tIFp2TlpNMnZXaE9jL3IvNjdrQlFK + eHFhZDFmTWtYR2ozaUJnTnZvTm03WVUKmGFmPG8LaLkbpWoaOAr14VtVriXcXo8V + 0dO+FnP8VmidinLwsN3leNw0ZQwxY1AXvW4NFUDLx/MFbNeu26ScQw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-12-28T03:24:06Z" + mac: ENC[AES256_GCM,data:JONeBRVQRPTjV93LvVynIcqtOsbbr2JUGbw67gUREVjYsghB2Z5LRvroxB3d2cwxwGMP3lvI6H6bIHjAE2xmzhxwwNvFWAdmDtEzWMqnbKE8OLrFrt6sh2cPykUySe3/K8/Q1iuxGnqm3T3pEAq8dBRbTKSPCZdYW8ZvrRsbFDA=,iv:q0Z8/coFMmwwQqPiXYqlT5TclavByThf0QJsiCq6nAE=,tag:OaJTHfgc0ugjkz6JdDInDw==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.2