nyanloutre/nixos-config
1
1
Fork 1
Code Issues Pull requests Releases Wiki Activity

Compare commits

base: nyanloutre:3e440a97762e7146ebdd35c17117017ee21ec464
Branches Tags
nyanloutre:master
..
compare: nyanloutre:c2c0d2bb05ee678aab19a59780f9011aea041ae1
Branches Tags
nyanloutre:master

No commits in common. "3e440a97762e7146ebdd35c17117017ee21ec464" and "c2c0d2bb05ee678aab19a59780f9011aea041ae1" have entirely different histories.
3e440a9776 ... c2c0d2bb05

5 changed files with 64 additions and 295 deletions
Show stats Expand all files Collapse all files

2
systems/LoutreOS/configuration.nix
View file

@ -32,8 +32,6 @@ in
"nixos-config=/etc/nixos/configuration.nix" "nixos-config=/etc/nixos/configuration.nix"
]; ];
documentation.nixos.enable = false;
nixpkgs.config.allowUnfree = false; nixpkgs.config.allowUnfree = false;
nixpkgs.config.allowUnfreePredicate = (pkg: builtins.elem pkg.pname or (builtins.parseDrvName pkg.name).name [ "factorio-headless" "perl5.32.0-slimserver" "minecraft-server" ]); nixpkgs.config.allowUnfreePredicate = (pkg: builtins.elem pkg.pname or (builtins.parseDrvName pkg.name).name [ "factorio-headless" "perl5.32.0-slimserver" "minecraft-server" ]);

7
systems/LoutreOS/medias.nix
View file

@ -29,12 +29,9 @@
dataDir = "/var/lib/slimserver"; dataDir = "/var/lib/slimserver";
}; };
navidrome = { airsonic = {
enable = true; enable = true;
settings = { maxMemory = 500;
MusicFolder = "/mnt/medias/musique";
ImageCacheSize = 0;
};
}; };
}; };

91
systems/LoutreOS/monitoring.nix
View file

@ -112,98 +112,7 @@ in
ZED_EMAIL_ADDR = [ "paul@nyanlout.re" ]; ZED_EMAIL_ADDR = [ "paul@nyanlout.re" ];
ZED_NOTIFY_VERBOSE = true; ZED_NOTIFY_VERBOSE = true;
}; };
loki = {
enable = true;
configuration = {
auth_enabled = false;
server.http_listen_port = 3100;
ingester = {
lifecycler = {
address = "127.0.0.1";
ring = {
kvstore.store = "inmemory";
replication_factor = 1;
}; };
};
chunk_idle_period = "1h";
chunk_target_size = 1000000;
};
schema_config.configs = [
{
from = "2018-04-15";
store = "boltdb";
object_store = "filesystem";
schema = "v11";
index = {
prefix = "index_";
period = "168h";
};
}
];
storage_config = {
boltdb.directory = "/var/lib/loki/index";
filesystem.directory = "/var/lib/loki/chunks";
};
limits_config = {
enforce_metric_name = false;
reject_old_samples = true;
reject_old_samples_max_age = "168h";
};
chunk_store_config.max_look_back_period = "168h";
table_manager = {
retention_deletes_enabled = true;
retention_period = "168h";
};
};
};
promtail = {
enable = true;
configuration = {
server = {
http_listen_port = 9080;
grpc_listen_port = 0;
};
positions.filename = "/tmp/positions.yaml";
clients = [ { url = "http://127.0.0.1:3100/loki/api/v1/push"; } ];
scrape_configs = [
{
job_name = "nginx";
static_configs = [
{
labels = {
job = "nginx";
__path__ = "/var/log/nginx/*log";
};
}
];
pipeline_stages = [
{
match = {
selector = ''{job="nginx"}'';
stages = [
{
regex.expression = ''^(?P<remote_addr>[\w\.]+) - (?P<remote_user>[^ ]*) \[(?P<time_local>.*)\] "(?P<method>[^ ]*) (?P<request>[^ ]*) (?P<protocol>[^ ]*)" (?P<status>[\d]+) (?P<body_bytes_sent>[\d]+) "(?P<http_referer>[^"]*)" "(?P<http_user_agent>[^"]*)"?'';
}
{
labels = {
method = null;
request = null;
status = null;
};
}
];
};
}
];
}
];
};
};
};
systemd.services.promtail.serviceConfig.SupplementaryGroups = [ "nginx" ];
security.sudo.extraRules = [ security.sudo.extraRules = [
{ commands = [ { command = "${pkgs.smartmontools}/bin/smartctl"; options = [ "NOPASSWD" ]; } ]; users = [ "telegraf" ]; } { commands = [ { command = "${pkgs.smartmontools}/bin/smartctl"; options = [ "NOPASSWD" ]; } ]; users = [ "telegraf" ]; }

196
systems/LoutreOS/services.nix
View file

@ -27,7 +27,7 @@ in
../../services/mail-server.nix ../../services/mail-server.nix
../../services/python-ci.nix ../../services/python-ci.nix
../../services/sdtdserver.nix ../../services/sdtdserver.nix
# ../../containers/vsftpd.nix ../../containers/vsftpd.nix
# /mnt/secrets/factorio_secrets.nix # /mnt/secrets/factorio_secrets.nix
./monitoring.nix ./monitoring.nix
./medias.nix ./medias.nix
@ -35,22 +35,6 @@ in
]; ];
services = { services = {
redis.enable = true;
logrotate = {
enable = true;
paths = {
nginx = {
path = "/var/log/nginx/*.log";
user = config.services.nginx.user;
group = config.services.nginx.group;
keep = 7;
extraConfig = ''
compress
'';
};
};
};
fail2ban.enable = true; fail2ban.enable = true;
@ -279,7 +263,6 @@ in
"10.40.249.1".name = "Bureau"; "10.40.249.1".name = "Bureau";
"10.40.249.2".name = "Cuisine"; "10.40.249.2".name = "Cuisine";
}; };
zha = null;
esphome = null; esphome = null;
light = [ light = [
{ {
@ -403,27 +386,7 @@ in
]; ];
automation = let automation = let
min_sun_elevation = 4; min_sun_elevation = 4;
switch_chambre = {
domain = "zha";
platform = "device";
device_id = "3329ecdcad244e5e8fc0f4b96d52ffe1";
};
switch_entree = {
domain = "zha";
platform = "device";
device_id = "7cd814190ec543dba76a7aa7e7996c41";
};
remote = {
domain = "zha";
platform = "device";
device_id = "d1230b76264e483388a8fdaad4f44143";
};
in [ in [
# ENTREE
{ {
alias = "Aziz lumière"; alias = "Aziz lumière";
trigger = [ trigger = [
@ -433,6 +396,11 @@ in
value_template = "{{ state.attributes.elevation }}"; value_template = "{{ state.attributes.elevation }}";
below = min_sun_elevation; below = min_sun_elevation;
} }
{
platform = "state";
entity_id = "person.paul";
to = "home";
}
]; ];
condition = [ condition = [
{ {
@ -445,34 +413,27 @@ in
condition = "template"; condition = "template";
value_template = "{{ state_attr('sun.sun', 'elevation') < ${toString min_sun_elevation} }}"; value_template = "{{ state_attr('sun.sun', 'elevation') < ${toString min_sun_elevation} }}";
} }
]; # All lights off
action = {
scene = "scene.home";
};
}
{ {
alias = "Aziz lumière switch"; condition = "template";
trigger = { value_template = ''
type = "remote_button_short_press"; {% set domain = 'light' %}
subtype = "turn_on"; {% set state = 'off' %}
} // switch_entree; {{ states[domain] | count == states[domain] | selectattr('state','eq', state) | list | count }}
'';
}
];
action = { action = {
scene = "scene.home"; scene = "scene.home";
}; };
} }
{ {
alias = "Adios"; alias = "Adios";
trigger = [ trigger = {
{
platform = "state"; platform = "state";
entity_id = "person.paul"; entity_id = "person.paul";
to = "not_home"; to = "not_home";
} };
({
type = "remote_button_short_press";
subtype = "turn_off";
} // switch_entree)
];
action = [ action = [
{ {
service = "light.turn_off"; service = "light.turn_off";
@ -484,129 +445,6 @@ in
} }
]; ];
} }
# REMOTE
{
alias = "Button toggle";
trigger = {
type = "remote_button_short_press";
subtype = "turn_on";
} // remote;
action = {
choose = {
conditions = {
condition = "template";
value_template = ''
{% set domain = 'light' %}
{% set state = 'off' %}
{{ states[domain] | count == states[domain] | selectattr('state','eq',state) | list | count }}
'';
};
sequence = {
scene = "scene.home";
};
};
default = {
service = "light.turn_off";
entity_id = "all";
};
};
}
{
alias = "Button scene movie";
trigger = {
type = "remote_button_short_press";
subtype = "right";
} // remote;
action = {
scene = "scene.movie";
};
}
{
alias = "Button scene home";
trigger = {
type = "remote_button_short_press";
subtype = "left";
} // remote;
action = {
scene = "scene.home";
};
}
{
alias = "Button light up";
trigger = {
type = "remote_button_short_press";
subtype = "dim_up";
} // remote;
action = {
service = "light.turn_on";
entity_id = "light.salon";
data = {
brightness_step = 25;
};
};
}
{
alias = "Button light down";
trigger = {
type = "remote_button_short_press";
subtype = "dim_down";
} // remote;
action = {
service = "light.turn_on";
entity_id = "light.salon";
data = {
brightness_step = -25;
};
};
}
# CHAMBRE
{
alias = "Button scene night";
trigger = {
type = "remote_button_short_press";
subtype = "turn_on";
} // switch_chambre;
action = {
scene = "scene.night";
};
}
{
alias = "Button scene dodo";
trigger = {
type = "remote_button_short_press";
subtype = "turn_off";
} // switch_chambre;
action = {
service = "light.turn_off";
entity_id = "all";
};
}
{
alias = "Button scene lumière chambre ON";
trigger = {
type = "remote_button_long_press";
subtype = "dim_up";
} // switch_chambre;
action = {
service = "light.turn_on";
entity_id = "light.chambre";
};
}
{
alias = "Button scene lumière chambre OFF";
trigger = {
type = "remote_button_long_press";
subtype = "dim_down";
} // switch_chambre;
action = {
service = "light.turn_off";
entity_id = "light.chambre";
};
}
]; ];
}; };
}; };

57
systems/LoutreOS/web.nix
View file

@ -57,7 +57,6 @@ in
services = { services = {
phpfpm.pools.work = { phpfpm.pools.work = {
user = config.users.users.work.name; user = config.users.users.work.name;
phpPackage = pkgs.php.withExtensions ({ all, ... }: with all; [ redis filter ]);
settings = { settings = {
"listen.owner" = config.services.nginx.user; "listen.owner" = config.services.nginx.user;
"pm" = "dynamic"; "pm" = "dynamic";
@ -71,7 +70,7 @@ in
nginx = { nginx = {
enable = true; enable = true;
package = pkgs.nginx.override { package = pkgs.nginx.override {
modules = with pkgs.nginxModules; [ dav ]; modules = with pkgs.nginxModules; [ rtmp dav ];
}; };
recommendedGzipSettings = true; recommendedGzipSettings = true;
recommendedOptimisation = true; recommendedOptimisation = true;
@ -183,7 +182,11 @@ in
"maxspiegel.fr" = base { "/" = { root = "/run/python-ci/nyanloutre/site-max"; }; }; "maxspiegel.fr" = base { "/" = { root = "/run/python-ci/nyanloutre/site-max"; }; };
"stream.nyanlout.re" = base { "stream.nyanlout.re" = base {
"/" = { "/" = {
proxyPass = "http://10.30.135.71"; root = "/var/www/hls/";
extraConfig = ''
add_header Cache-Control no-cache;
add_header Access-Control-Allow-Origin *;
'';
}; };
}; };
"login.nyanlout.re" = simpleReverse config.services.nginx.sso.configuration.listen.port; "login.nyanlout.re" = simpleReverse config.services.nginx.sso.configuration.listen.port;
@ -195,10 +198,10 @@ in
"jackett.nyanlout.re" = authReverse 9117; "jackett.nyanlout.re" = authReverse 9117;
"pgmanage.nyanlout.re" = authReverse config.services.pgmanage.port; "pgmanage.nyanlout.re" = authReverse config.services.pgmanage.port;
"matrix.nyanlout.re" = simpleReverse 8008; "matrix.nyanlout.re" = simpleReverse 8008;
"airsonic.nyanlout.re" = simpleReverse 4040;
"emby.nyanlout.re" = simpleReverse 8096; "emby.nyanlout.re" = simpleReverse 8096;
"ci.nyanlout.re" = simpleReverse 52350; "ci.nyanlout.re" = simpleReverse 52350;
"gitea.nyanlout.re" = simpleReverse config.services.gitea.httpPort; "gitea.nyanlout.re" = simpleReverse config.services.gitea.httpPort;
"musique.nyanlout.re" = simpleReverse config.services.navidrome.settings.Port;
"apart.nyanlout.re" = recursiveUpdate (simpleReverse config.services.home-assistant.port) { "apart.nyanlout.re" = recursiveUpdate (simpleReverse config.services.home-assistant.port) {
locations."/" = { locations."/" = {
proxyWebsockets = true; proxyWebsockets = true;
@ -211,7 +214,7 @@ in
dav_ext_methods PROPFIND OPTIONS; dav_ext_methods PROPFIND OPTIONS;
''; '';
}; };
"~ ^/(_h5ai/public/index|random).php" = { "/_h5ai/public/index.php" = {
extraConfig = '' extraConfig = ''
fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:${config.services.phpfpm.pools.work.socket}; fastcgi_pass unix:${config.services.phpfpm.pools.work.socket};
@ -219,14 +222,40 @@ in
include ${pkgs.nginx}/conf/fastcgi.conf; include ${pkgs.nginx}/conf/fastcgi.conf;
''; '';
}; };
} // { } // { root = "/mnt/medias/iso_linux"; };
root = "/mnt/medias/iso_linux"; };
extraConfig = '' appendConfig = let
access_log /var/log/nginx/$host.log; rootLocation = config.services.nginx.virtualHosts."stream.nyanlout.re".locations."/".root;
in ''
rtmp {
server {
listen 1935;
application live {
live on;
exec_push ${pkgs.ffmpeg}/bin/ffmpeg -i rtmp://localhost/$app/$name -async 1 -vsync -1
-c:v libx264 -c:a aac -b:v 768k -b:a 96k -vf "scale=720:trunc(ow/a/2)*2" -tune zerolatency -preset ultrafast -crf 28 -f flv rtmp://localhost/show/$name_mid
-c:v libx264 -c:a aac -b:v 1024k -b:a 128k -vf "scale=960:trunc(ow/a/2)*2" -tune zerolatency -preset ultrafast -crf 28 -f flv rtmp://localhost/show/$name_high
-c copy -f flv rtmp://localhost/show/$name_src 2>>${rootLocation}/ffmpeg-$name.log;
}
application show {
live on;
hls on;
hls_path ${rootLocation};
hls_fragment 3s;
hls_playlist_length 60s;
hls_variant _mid BANDWIDTH=448000; # Medium bitrate, SD resolution
hls_variant _high BANDWIDTH=1152000; # High bitrate, higher-than-SD resolution
hls_variant _src BANDWIDTH=4096000; # Source bitrate, source resolution
}
}
}
''; '';
}; };
};
};
postgresql = { postgresql = {
enable = true; enable = true;
@ -263,7 +292,7 @@ in
python-ci.enable = true; python-ci.enable = true;
mastodon = { mastodon = {
enable = false; enable = true;
localDomain = "social.nyanlout.re"; localDomain = "social.nyanlout.re";
configureNginx = true; configureNginx = true;
extraConfig = { extraConfig = {
@ -285,9 +314,7 @@ in
systemd.services.phpfpm-work.serviceConfig = { systemd.services.phpfpm-work.serviceConfig = {
ReadOnlyPaths = "/mnt/medias/iso_linux"; ReadOnlyPaths = "/mnt/medias/iso_linux";
ReadWritePaths = [ ReadWritePaths = "/mnt/medias/iso_linux/_h5ai";
"/mnt/medias/iso_linux/_h5ai"
];
}; };
systemd.services.site-musique = let systemd.services.site-musique = let