Updated mosquitto and formatted files
This commit is contained in:
parent
f431bcd53c
commit
a1190957f8
|
@ -17,11 +17,8 @@
|
||||||
nix = {
|
nix = {
|
||||||
package = pkgs.nixUnstable;
|
package = pkgs.nixUnstable;
|
||||||
autoOptimiseStore = true;
|
autoOptimiseStore = true;
|
||||||
binaryCaches = [
|
binaryCaches =
|
||||||
"https://cachix.cachix.org"
|
[ "https://cachix.cachix.org" "https://nix-community.cachix.org" "https://nixpkgs-review-bot.cachix.org" ];
|
||||||
"https://nix-community.cachix.org"
|
|
||||||
"https://nixpkgs-review-bot.cachix.org"
|
|
||||||
];
|
|
||||||
binaryCachePublicKeys = [
|
binaryCachePublicKeys = [
|
||||||
"cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM="
|
"cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM="
|
||||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||||
|
|
|
@ -2,11 +2,7 @@
|
||||||
# See also: https://blog.xirion.net/posts/nixos-proxmox-lxc/
|
# See also: https://blog.xirion.net/posts/nixos-proxmox-lxc/
|
||||||
|
|
||||||
# Supress systemd services that don't work (correctly) on LXC
|
# Supress systemd services that don't work (correctly) on LXC
|
||||||
systemd.suppressedSystemUnits = [
|
systemd.suppressedSystemUnits = [ "dev-mqueue.mount" "sys-kernel-debug.mount" "sys-fs-fuse-connections.mount" ];
|
||||||
"dev-mqueue.mount"
|
|
||||||
"sys-kernel-debug.mount"
|
|
||||||
"sys-fs-fuse-connections.mount"
|
|
||||||
];
|
|
||||||
|
|
||||||
# Enable SSH daemon support.
|
# Enable SSH daemon support.
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
|
|
|
@ -1,8 +1 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }: { imports = [ ./flood.nix ./unpackerr.nix ./vmagent.nix ]; }
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
./flood.nix
|
|
||||||
./unpackerr.nix
|
|
||||||
./vmagent.nix
|
|
||||||
];
|
|
||||||
}
|
|
||||||
|
|
|
@ -1,8 +1,7 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
with lib;
|
with lib;
|
||||||
let cfg = config.services.flood;
|
let cfg = config.services.flood;
|
||||||
in
|
in {
|
||||||
{
|
|
||||||
options.services.flood = {
|
options.services.flood = {
|
||||||
enable = mkEnableOption "flood";
|
enable = mkEnableOption "flood";
|
||||||
|
|
||||||
|
@ -111,9 +110,7 @@ in
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
# Create group if set to default
|
# Create group if set to default
|
||||||
users.groups = mkIf (cfg.group == "rtorrent") {
|
users.groups = mkIf (cfg.group == "rtorrent") { rtorrent = { }; };
|
||||||
rtorrent = { };
|
|
||||||
};
|
|
||||||
|
|
||||||
# Create user if set to default
|
# Create user if set to default
|
||||||
users.users = mkIf (cfg.user == "flood") {
|
users.users = mkIf (cfg.user == "flood") {
|
||||||
|
@ -140,7 +137,12 @@ in
|
||||||
Type = "simple";
|
Type = "simple";
|
||||||
Restart = "on-failure";
|
Restart = "on-failure";
|
||||||
WorkingDirectory = cfg.dataDir;
|
WorkingDirectory = cfg.dataDir;
|
||||||
ExecStart = "${cfg.package}/bin/flood --baseuri ${cfg.baseURI} --rundir ${cfg.dataDir} --host ${cfg.host} --port ${toString cfg.port} ${if cfg.ssl then "--ssl" else ""} --auth ${cfg.authMode} --rtsocket ${cfg.rpcSocket} --allowedpath ${cfg.downloadDir}";
|
ExecStart =
|
||||||
|
"${cfg.package}/bin/flood --baseuri ${cfg.baseURI} --rundir ${cfg.dataDir} --host ${cfg.host} --port ${
|
||||||
|
toString cfg.port
|
||||||
|
} ${
|
||||||
|
if cfg.ssl then "--ssl" else ""
|
||||||
|
} --auth ${cfg.authMode} --rtsocket ${cfg.rpcSocket} --allowedpath ${cfg.downloadDir}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -57,8 +57,7 @@ let
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
in
|
in {
|
||||||
{
|
|
||||||
options.services.unpackerr = {
|
options.services.unpackerr = {
|
||||||
enable = mkEnableOption "unpackerr";
|
enable = mkEnableOption "unpackerr";
|
||||||
|
|
||||||
|
@ -151,13 +150,25 @@ in
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
sonarr = mkStarrOptions { name = "Sonarr"; url = "http://localhost:8989"; };
|
sonarr = mkStarrOptions {
|
||||||
|
name = "Sonarr";
|
||||||
|
url = "http://localhost:8989";
|
||||||
|
};
|
||||||
|
|
||||||
radarr = mkStarrOptions { name = "Radarr"; url = "http://localhost:7878"; };
|
radarr = mkStarrOptions {
|
||||||
|
name = "Radarr";
|
||||||
|
url = "http://localhost:7878";
|
||||||
|
};
|
||||||
|
|
||||||
lidarr = mkStarrOptions { name = "Lidarr"; url = "http://localhost:8686"; };
|
lidarr = mkStarrOptions {
|
||||||
|
name = "Lidarr";
|
||||||
|
url = "http://localhost:8686";
|
||||||
|
};
|
||||||
|
|
||||||
readarr = mkStarrOptions { name = "Readarr"; url = "http://localhost:8787"; };
|
readarr = mkStarrOptions {
|
||||||
|
name = "Readarr";
|
||||||
|
url = "http://localhost:8787";
|
||||||
|
};
|
||||||
|
|
||||||
folder = {
|
folder = {
|
||||||
path = mkOption {
|
path = mkOption {
|
||||||
|
@ -211,17 +222,13 @@ in
|
||||||
description = ''
|
description = ''
|
||||||
Extra environment variables
|
Extra environment variables
|
||||||
'';
|
'';
|
||||||
example = {
|
example = { UN_WEBHOOK_0_URL = "http://example.com"; };
|
||||||
UN_WEBHOOK_0_URL = "http://example.com";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
# Create group if set to default
|
# Create group if set to default
|
||||||
users.groups = mkIf (cfg.group == "unpackerr") {
|
users.groups = mkIf (cfg.group == "unpackerr") { unpackerr = { }; };
|
||||||
unpackerr = { };
|
|
||||||
};
|
|
||||||
|
|
||||||
# Create user if set to default
|
# Create user if set to default
|
||||||
users.users = mkIf (cfg.user == "unpackerr") {
|
users.users = mkIf (cfg.user == "unpackerr") {
|
||||||
|
|
|
@ -1,8 +1,7 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
with lib;
|
with lib;
|
||||||
let cfg = config.services.vmagent;
|
let cfg = config.services.vmagent;
|
||||||
in
|
in {
|
||||||
{
|
|
||||||
options.services.vmagent = {
|
options.services.vmagent = {
|
||||||
enable = mkEnableOption "vmagent";
|
enable = mkEnableOption "vmagent";
|
||||||
|
|
||||||
|
@ -74,9 +73,7 @@ in
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
# Create group if set to default
|
# Create group if set to default
|
||||||
users.groups = mkIf (cfg.group == "vmagent") {
|
users.groups = mkIf (cfg.group == "vmagent") { vmagent = { }; };
|
||||||
vmagent = { };
|
|
||||||
};
|
|
||||||
|
|
||||||
# Create user if set to default
|
# Create user if set to default
|
||||||
users.users = mkIf (cfg.user == "vmagent") {
|
users.users = mkIf (cfg.user == "vmagent") {
|
||||||
|
@ -93,8 +90,7 @@ in
|
||||||
networking.firewall.allowedTCPPorts = mkIf (cfg.openFirewall) [ 8429 ];
|
networking.firewall.allowedTCPPorts = mkIf (cfg.openFirewall) [ 8429 ];
|
||||||
|
|
||||||
# The actual service
|
# The actual service
|
||||||
systemd.services.vmagent = let
|
systemd.services.vmagent = let prometheusConfig = pkgs.writeText "prometheus.yml" cfg.prometheusConfig;
|
||||||
prometheusConfig = pkgs.writeText "prometheus.yml" cfg.prometheusConfig;
|
|
||||||
in {
|
in {
|
||||||
wantedBy = [ "multi-user.target" ];
|
wantedBy = [ "multi-user.target" ];
|
||||||
after = [ "network.target" ];
|
after = [ "network.target" ];
|
||||||
|
@ -105,7 +101,8 @@ in
|
||||||
Type = "simple";
|
Type = "simple";
|
||||||
Restart = "on-failure";
|
Restart = "on-failure";
|
||||||
WorkingDirectory = cfg.dataDir;
|
WorkingDirectory = cfg.dataDir;
|
||||||
ExecStart = "${cfg.package}/bin/vmagent -remoteWrite.url=${cfg.remoteWriteUrl} -promscrape.config=${prometheusConfig}";
|
ExecStart =
|
||||||
|
"${cfg.package}/bin/vmagent -remoteWrite.url=${cfg.remoteWriteUrl} -promscrape.config=${prometheusConfig}";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -55,13 +55,5 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
# Setup packages available everywhere
|
# Setup packages available everywhere
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [ fzf git htop rsync ripgrep vim zoxide ];
|
||||||
fzf
|
|
||||||
git
|
|
||||||
htop
|
|
||||||
rsync
|
|
||||||
ripgrep
|
|
||||||
vim
|
|
||||||
zoxide
|
|
||||||
];
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -54,11 +54,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1634638999,
|
"lastModified": 1635141467,
|
||||||
"narHash": "sha256-4TWC/3iXsMqTDUu2MJSaCn4xGJpBnlDR+/SL/Aaz2XU=",
|
"narHash": "sha256-H+TVE6tBSm4nAepm7HRfW7AcrndI5e4+TJwCQo4/z+s=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "a323570a264da96a0b0bcc1c9aa017794acdc752",
|
"rev": "38d21595b8fb0a744aa31c5794013bf42cf98fa9",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
@ -5,8 +5,7 @@
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports =
|
imports = [
|
||||||
[
|
|
||||||
# Include the results of the hardware scan.
|
# Include the results of the hardware scan.
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
# Import common config
|
# Import common config
|
||||||
|
@ -36,13 +35,14 @@
|
||||||
kubectl
|
kubectl
|
||||||
kubectx
|
kubectx
|
||||||
nodejs-14_x
|
nodejs-14_x
|
||||||
|
nixfmt
|
||||||
ripgrep
|
ripgrep
|
||||||
rsync
|
rsync
|
||||||
tmux
|
tmux
|
||||||
vault
|
vault
|
||||||
vim
|
vim
|
||||||
];
|
];
|
||||||
|
#
|
||||||
programs.gnupg.agent = {
|
programs.gnupg.agent = {
|
||||||
enable = true;
|
enable = true;
|
||||||
pinentryFlavor = "curses";
|
pinentryFlavor = "curses";
|
||||||
|
|
|
@ -4,23 +4,18 @@
|
||||||
{ config, lib, pkgs, modulesPath, ... }:
|
{ config, lib, pkgs, modulesPath, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports =
|
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
|
||||||
[
|
|
||||||
(modulesPath + "/profiles/qemu-guest.nix")
|
|
||||||
];
|
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
|
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
|
||||||
boot.initrd.kernelModules = [ ];
|
boot.initrd.kernelModules = [ ];
|
||||||
boot.kernelModules = [ ];
|
boot.kernelModules = [ ];
|
||||||
boot.extraModulePackages = [ ];
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
fileSystems."/" =
|
fileSystems."/" = {
|
||||||
{
|
|
||||||
device = "/dev/disk/by-uuid/e8427097-8545-4924-b033-2659fcf9adca";
|
device = "/dev/disk/by-uuid/e8427097-8545-4924-b033-2659fcf9adca";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices =
|
swapDevices = [{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }];
|
||||||
[{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }];
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,5 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }: {
|
||||||
{
|
imports = [
|
||||||
imports =
|
|
||||||
[
|
|
||||||
# Include the results of the hardware scan.
|
# Include the results of the hardware scan.
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
# Import common config
|
# Import common config
|
||||||
|
@ -25,10 +23,7 @@
|
||||||
system.stateVersion = "21.05"; # Did you read the comment?
|
system.stateVersion = "21.05"; # Did you read the comment?
|
||||||
|
|
||||||
# Additional packages
|
# Additional packages
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [ iptables vim ];
|
||||||
iptables
|
|
||||||
vim
|
|
||||||
];
|
|
||||||
|
|
||||||
# Disable the firewall as we need all the ports
|
# Disable the firewall as we need all the ports
|
||||||
networking.firewall.enable = false;
|
networking.firewall.enable = false;
|
||||||
|
|
|
@ -4,23 +4,18 @@
|
||||||
{ config, lib, pkgs, modulesPath, ... }:
|
{ config, lib, pkgs, modulesPath, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports =
|
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
|
||||||
[
|
|
||||||
(modulesPath + "/profiles/qemu-guest.nix")
|
|
||||||
];
|
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
|
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
|
||||||
boot.initrd.kernelModules = [ ];
|
boot.initrd.kernelModules = [ ];
|
||||||
boot.kernelModules = [ ];
|
boot.kernelModules = [ ];
|
||||||
boot.extraModulePackages = [ ];
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
fileSystems."/" =
|
fileSystems."/" = {
|
||||||
{
|
|
||||||
device = "/dev/disk/by-uuid/e8427097-8545-4924-b033-2659fcf9adca";
|
device = "/dev/disk/by-uuid/e8427097-8545-4924-b033-2659fcf9adca";
|
||||||
fsType = "ext4";
|
fsType = "ext4";
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices =
|
swapDevices = [{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }];
|
||||||
[{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }];
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,10 +3,9 @@
|
||||||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||||
|
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
let mosquittoPort = 1883;
|
||||||
{
|
in {
|
||||||
imports =
|
imports = [
|
||||||
[
|
|
||||||
# Import common config
|
# Import common config
|
||||||
../../common/generic-lxc.nix
|
../../common/generic-lxc.nix
|
||||||
../../common
|
../../common
|
||||||
|
@ -26,21 +25,19 @@
|
||||||
environment.systemPackages = with pkgs; [ ];
|
environment.systemPackages = with pkgs; [ ];
|
||||||
|
|
||||||
services.mosquitto = {
|
services.mosquitto = {
|
||||||
users = {
|
|
||||||
victor = {
|
|
||||||
acl = ["topic readwrite #"];
|
|
||||||
};
|
|
||||||
zigbee2mqtt = {
|
|
||||||
acl = ["topic readwrite #"];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
|
listeners = [{
|
||||||
port = 1883;
|
port = 1883;
|
||||||
host = "0.0.0.0";
|
settings.allow_anonymous = true;
|
||||||
|
acl = [ "topic readwrite #" ];
|
||||||
|
users = {
|
||||||
|
victor = { acl = [ "readwrite #" ]; };
|
||||||
|
zigbee2mqtt = { acl = [ "readwrite #" ]; };
|
||||||
|
};
|
||||||
|
}];
|
||||||
|
|
||||||
allowAnonymous = true;
|
|
||||||
aclExtraConf = "topic readwrite #";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
services.zigbee2mqtt = {
|
services.zigbee2mqtt = {
|
||||||
|
@ -50,17 +47,17 @@
|
||||||
homeassistant = true;
|
homeassistant = true;
|
||||||
permit_join = true;
|
permit_join = true;
|
||||||
|
|
||||||
serial = {
|
serial = { port = "/dev/ttyUSB0"; };
|
||||||
port = "/dev/ttyUSB0";
|
|
||||||
};
|
|
||||||
|
|
||||||
mqtt = {
|
mqtt = {
|
||||||
base_topic = "zigbee2mqtt";
|
base_topic = "zigbee2mqtt";
|
||||||
server = "mqtt://localhost:${toString config.services.mosquitto.port}";
|
server = "mqtt://localhost:${toString mosquittoPort}";
|
||||||
user = "zigbee2mqtt";
|
user = "zigbee2mqtt";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
frontend = { port = 8080; };
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [ config.services.mosquitto.port ];
|
networking.firewall.allowedTCPPorts = [ mosquittoPort config.services.zigbee2mqtt.settings.frontend.port ];
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,14 +5,12 @@
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports =
|
imports = [
|
||||||
[
|
|
||||||
# Import common config
|
# Import common config
|
||||||
../../common/generic-lxc.nix
|
../../common/generic-lxc.nix
|
||||||
../../common
|
../../common
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
||||||
networking.hostName = "nginx";
|
networking.hostName = "nginx";
|
||||||
|
|
||||||
# This value determines the NixOS release from which the default
|
# This value determines the NixOS release from which the default
|
||||||
|
@ -41,6 +39,15 @@
|
||||||
proxyWebsockets = true;
|
proxyWebsockets = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
virtualHosts."zookeeper.0x76.dev" = {
|
||||||
|
enableACME = true;
|
||||||
|
forceSSL = true;
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "http://10.42.43.28:8085/";
|
||||||
|
proxyWebsockets = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
security.acme.email = "victorheld12@gmail.com";
|
security.acme.email = "victorheld12@gmail.com";
|
||||||
|
|
|
@ -5,14 +5,12 @@
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports =
|
imports = [
|
||||||
[
|
|
||||||
# Import common config
|
# Import common config
|
||||||
../../common/generic-lxc.nix
|
../../common/generic-lxc.nix
|
||||||
../../common
|
../../common
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
||||||
networking.hostName = "vault";
|
networking.hostName = "vault";
|
||||||
|
|
||||||
# This value determines the NixOS release from which the default
|
# This value determines the NixOS release from which the default
|
||||||
|
|
Loading…
Reference in a new issue