christoph/flake-nixinator
1
Fork 0
Code Activity

Compare commits

base: christoph:67e4951f7d4bf7661ab9968321953f4161625b6f
Branches Tags
christoph:master
...
compare: christoph:df1a60dd0517533697243506658bbcd0e1bcaac1
Branches Tags
christoph:master

19 Commits
67e4951f7d ... df1a60dd05

Author SHA1 Message Date
Christoph Urlacher
df1a60dd05 Overlays/Rmpc: Update to v0.10.0 2025-11-12 13:25:23 +01:00
Christoph Urlacher
9fd2daccc2 Modules/Impermanence: Persist TeamSpeak 2025-11-11 16:41:46 +01:00
Christoph Urlacher
7ba125e0b0 System/Nixinator: Add fileflows node 2025-11-11 15:27:43 +01:00
Christoph Urlacher
1d2eea270e System/Servenix: Open TeamSpeak ports 2025-11-11 13:53:51 +01:00
Christoph Urlacher
3ac76cae93 Services/Teamspeak: Init with version v6.0.0.0-beta7 2025-11-11 13:16:09 +01:00
Christoph Urlacher
2d37068567 Services/Fileflows: Run as user/group 3000:3000 2025-11-10 11:30:26 +01:00
Christoph Urlacher
06a2899593 Services/Fileflows: Init with version 25.10 2025-11-08 20:50:46 +01:00
Christoph Urlacher
b895c3a1ff Home: Add handbrake 2025-11-08 20:46:50 +01:00
Christoph Urlacher
20afc8836f System/Impermanence: Persist .MakeMKV 2025-11-08 14:18:22 +01:00
Christoph Urlacher
cbeead85eb Services/TinyMediaManager: Init with version 5.2.3 2025-11-08 13:59:44 +01:00
Christoph Urlacher
8069839f38 System: Update NFS mounts after TrueNAS HDD upgrade 2025-11-08 13:03:56 +01:00
Christoph Urlacher
daa3202393 System/Nixinator: Update music NFS mount 2025-11-07 14:57:13 +01:00
Christoph Urlacher
909baf9111 System/Servenix: Update music NFS mount 2025-11-07 14:56:26 +01:00
Christoph Urlacher
341e4d703a Home/Beets: Disable lyrics plugin 2025-11-07 14:56:00 +01:00
Christoph Urlacher
a81fc48127 System: Use LTS kernel as default for all hosts 2025-11-07 13:30:14 +01:00
Christoph Urlacher
f6d5c83a8e Services/Portainer: Update to v2.33.3 2025-11-06 02:04:06 +01:00
Christoph Urlacher
695e196024 Services/Nginx: Update to v2.13.1 2025-11-06 01:43:17 +01:00
Christoph Urlacher
8ae48df307 Services/Jellyfin: Update to v10.11.2 2025-11-05 23:57:48 +01:00
Christoph Urlacher
0e893bc106 Home/Beets: Add musicbrainz auto-tagger data source 2025-11-05 20:03:11 +01:00
26 changed files with 308 additions and 49 deletions
Expand all files Collapse all files

3
home/christoph/default.nix
View File

@ -372,6 +372,8 @@
tidal-hifi
tidal-dl-ng
picard
handbrake
teamspeak6-client
# Office
kdePackages.wacomtablet # For xournalpp/krita
@ -457,6 +459,7 @@
enableFishIntegration = config.modules.fish.enable;
};
# TODO: Module
fastfetch = {
enable = true;

11
home/modules/beets/default.nix
View File

@ -50,7 +50,8 @@ in {
"edit" # edit metadata in text editor
"fetchart" # pickup local cover art or search online
"fish" # beet fish generates ~/.config/fish/completions file
"lyrics" # fetch song lyrics
# "lyrics" # fetch song lyrics
"musicbrainz" # auto tagger data source
"replaygain" # write replaygain tags for automatic loudness adjustments
];
@ -59,10 +60,10 @@ in {
sources = "filesystem coverart itunes amazon albumart"; # sources are queried in this order
};
lyrics = {
auto = "yes"; # only embeds lyrics into metadata, needed for jellyfin but useless for rmpc
synced = "yes"; # prefer synced lyrics if provided
};
# lyrics = {
# auto = "yes"; # only embeds lyrics into metadata, needed for jellyfin but useless for rmpc
# synced = "yes"; # prefer synced lyrics if provided
# };
replaygain = {
auto = "yes"; # analyze on import automatically

19
overlays/default.nix
View File

@ -26,6 +26,9 @@
# localSystem = {inherit (prev) system;};
# }).unityhub;
# Remove this after jetbrains.jdk builds again (nixpkgs issue 425328)
# jetbrains.rider = pkgs-stable.jetbrains.rider;
# neovide = prev.neovide.overrideAttrs (finalAttrs: prevAttrs: {
# version = "0.15.1";
# src = prev.fetchFromGitHub {
@ -41,8 +44,20 @@
# };
# });
# Remove this after jetbrains.jdk builds again (nixpkgs issue 425328)
# jetbrains.rider = pkgs-stable.jetbrains.rider;
rmpc = prev.rmpc.overrideAttrs (finalAttrs: prevAttrs: {
version = "0.10.0";
src = prev.fetchFromGitHub {
owner = "mierak";
repo = "rmpc";
rev = "v0.10.0";
hash = "sha256-NU8T26oPhm8L7wdO4p65cpNa0pax7/oqHGs98QDoEc0=";
};
cargoHash = "sha256-d2/4q2s/11HNE18D8d8Y2yWidhT+XsUS4J9ahnxToI0=";
cargoDeps = prev.rustPlatform.fetchCargoVendor {
inherit (finalAttrs) pname src version;
hash = finalAttrs.cargoHash;
};
});
};
in
# Composes a list of overlays and returns a single overlay function that combines them.

2
system/default.nix
View File

@ -143,7 +143,7 @@ with mylib.networking; {
# Bootloader/Kernel stuff
boot = {
kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
kernelPackages = lib.mkDefault pkgs.linuxPackages;
kernelParams = ["mitigations=off"]; # I don't care
# Make /tmp volatile

2
system/modules/impermanence/default.nix
View File

@ -117,6 +117,7 @@ in {
# (mkUDir ".android" m755) # Unity
# (mkUDir ".gradle" m755) # Unity
# (mkUDir ".java" m755) # Unity/Rider
(mkUDir ".MakeMKV" m755)
(mkUDir ".mozilla/firefox" m755) # TODO: Remove this someday
(mkUDir ".mozilla/native-messaging-hosts" m755)
(mkUDir ".nix-package-search" m755)
@ -150,6 +151,7 @@ in {
(mkUDir ".config/obs-studio" m755)
(mkUDir ".config/Signal" m755)
# (mkUDir ".config/singularitygroup-hotreload" m755) # Unity
(mkUDir ".config/TeamSpeak" m755)
(mkUDir ".config/tidal-hifi" m755)
(mkUDir ".config/tidal_dl_ng" m755)
# (mkUDir ".config/unity3d" m755) # Unity

6
system/nixinator/default.nix
View File

@ -12,6 +12,9 @@
./disks.nix
../modules
# General services
../services/fileflows-node.nix
];
modules = {
@ -104,7 +107,8 @@
};
boot = {
# kernelPackages = pkgs.linuxPackages_zen;
kernelPackages = pkgs.linuxPackages_zen;
# kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
# kernelParams = [ "quiet" ];
# plymouth.enable = true;

29
system/nixinator/hardware-configuration.nix
View File

@ -35,6 +35,10 @@
"vfat"
];
supportedFilesystems = [
# "zfs" # Probably requires LTS kernel + networking.hostId
];
kernelModules = [
"kvm-amd"
"sg" # Blu-Ray drive
@ -60,6 +64,9 @@
];
};
# Required for supportedFilesystems = ["zfs"];, so pools don't get imported on the wrong machine
# networking.hostId = "611e6afb";
fileSystems = {
# NOTE: Some filesystems are managed by disko (see ./disks.nix)
@ -82,26 +89,30 @@
# Using NFS over TCP or increasing the value of the retrans option may mitigate
# some of the risks of using the soft option.
# Synology DS223j
"/home/${username}/Restic" = {
device = "192.168.86.15:/volume1/NixinatorPersistence";
fsType = "nfs";
options = ["defaults" "rw" "noatime" "_netdev" "bg" "soft"];
};
# TrueNAS
"/home/${username}/Movies" = {
device = "192.168.86.20:/mnt/SG Exos Mirror 18TB/Movie";
device = "192.168.86.20:/mnt/Seagate4TB/Movies";
fsType = "nfs";
options = ["defaults" "rw" "noatime" "_netdev" "bg" "soft"];
};
"/home/${username}/Shows" = {
device = "192.168.86.20:/mnt/SG Exos Mirror 18TB/Show";
device = "192.168.86.20:/mnt/Seagate4TB/Shows";
fsType = "nfs";
options = ["defaults" "rw" "noatime" "_netdev" "bg" "soft"];
};
"/home/${username}/Music" = {
device = "192.168.86.20:/mnt/SG Exos Mirror 18TB/Music";
fsType = "nfs";
options = ["defaults" "rw" "noatime" "_netdev" "bg" "soft"];
};
"/home/${username}/Restic" = {
device = "192.168.86.15:/volume1/NixinatorPersistence";
device = "192.168.86.20:/mnt/Seagate4TB/Music";
fsType = "nfs";
options = ["defaults" "rw" "noatime" "_netdev" "bg" "soft"];
};

27
system/servenix/default.nix
View File

@ -24,6 +24,7 @@
# General services
../services/authelia.nix
../services/fileflows.nix
../services/gitea.nix
../services/gitea-runner.nix
../services/immich.nix
@ -33,6 +34,8 @@
../services/nginx-proxy-manager.nix
../services/paperless.nix
../services/portainer-agent.nix
../services/teamspeak.nix
../services/tinymediamanager.nix
../services/whats-up-docker.nix
];
@ -58,16 +61,30 @@
};
};
# NOTE: Streams: Ports have to be opened in the VPS firewall + VPS UFW and bound in the VPS Nginx compose file.
allowedTCPPorts = [
53 # DNS
80 # HTTP
3000 # Gitea runner needs to reach local gitea instance
53 # DNS (Adguard Home)
67 # DHCP
80 # HTTP (Nginx Proxy Manager)
443 # HTTPS (Nginx Proxy Manager)
3000 # Gitea (runner needs to reach local gitea instance)
30033 # Teamspeak
10080 # Teamspeak
];
allowedUDPPorts = [
53 # DNS
53 # DNS (Adguard Home)
67 # DHCP
3000 # Gitea runner needs to reach local gitea instance
80 # HTTP (Nginx Proxy Manager)
443 # HTTPS (Nginx Proxy Manager)
3000 # Gitea (runner needs to reach local gitea instance)
30033 # Teamspeak
9987 # Teamspeak
];
};

8
system/servenix/hardware-configuration.nix
View File

@ -44,22 +44,22 @@
options = ["defaults" "rw" "relatime" "_netdev" "bg" "soft"];
};
# SG Exos Mirror Shares
# TrueNAS
"/media/Movie" = {
device = "192.168.86.20:/mnt/SG Exos Mirror 18TB/Movie";
device = "192.168.86.20:/mnt/Seagate4TB/Movies";
fsType = "nfs";
options = ["defaults" "rw" "relatime" "_netdev" "bg" "soft"];
};
"/media/Show" = {
device = "192.168.86.20:/mnt/SG Exos Mirror 18TB/Show";
device = "192.168.86.20:/mnt/Seagate4TB/Shows";
fsType = "nfs";
options = ["defaults" "rw" "relatime" "_netdev" "bg" "soft"];
};
"/media/TV-Music" = {
device = "192.168.86.20:/mnt/SG Exos Mirror 18TB/Music";
device = "192.168.86.20:/mnt/Seagate4TB/Music";
fsType = "nfs";
options = ["defaults" "rw" "relatime" "_netdev" "bg" "soft"];
};

4
system/services/authelia.nix
View File

@ -20,9 +20,7 @@ in {
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = [
# "pihole"
];
dependsOn = [];
ports = [
# "9091:9091"

54
system/services/fileflows-node.nix Normal file
View File

@ -0,0 +1,54 @@
{
config,
lib,
pkgs,
...
}: let
fileflowsVersion = "25.10";
in {
virtualisation.oci-containers.containers = {
fileflows-node = {
image = "revenz/fileflows:${fileflowsVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = [];
ports = [];
volumes = [
"/home/christoph/Movies:/media/movies"
"/home/christoph/Shows:/media/tvshows"
"fileflows_temp:/temp"
"/var/run/docker.sock:/var/run/docker.socl:ro"
];
hostname = "Nixinator";
environment = {
PUID = "3000";
PGID = "3000";
TZ = "Europe/Berlin";
FFNODE = "1";
ServerUrl = "https://fileflows.local.chriphost.de";
};
extraOptions = [
"--privileged"
"--device=nvidia.com/gpu=all"
# "--net=behind-nginx"
];
};
};
}

51
system/services/fileflows.nix Normal file
View File

@ -0,0 +1,51 @@
{
config,
lib,
pkgs,
...
}: let
version = "25.10";
in {
virtualisation.oci-containers.containers = {
fileflows = {
image = "revenz/fileflows:${version}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = [];
ports = [];
volumes = [
"fileflows_temp:/temp"
"fileflows_data:/app/Data"
"fileflows_logs:/app/Logs"
"/media/Movie:/media/movies"
"/media/Show:/media/tvshows"
"/var/run/docker.sock:/var/run/docker.sock:ro"
];
environment = {
PUID = "3000";
PGID = "3000";
TZ = "Europe/Berlin";
};
extraOptions = [
"--privileged"
"--device=nvidia.com/gpu=all"
"--net=behind-nginx"
];
};
};
}

2
system/services/formula10.nix
View File

@ -14,7 +14,7 @@ in {
dependsOn = [];
ports = [
"55555:5000"
"55555:5000" # Bind for VPS
];
volumes = [

6
system/services/formula11.nix
View File

@ -12,12 +12,10 @@ in {
image = "gitea.vps.chriphost.de/christoph/pocketbase:${pocketbaseVersion}";
autoStart = true;
dependsOn = [
# "pihole"
];
dependsOn = [];
ports = [
"8090:8080"
"8090:8080" # Bind for VPS
];
volumes = [

2
system/services/gitea.nix
View File

@ -72,7 +72,7 @@ in {
];
ports = [
"3000:3000"
"3000:3000" # Bind for VPS
# NOTE: Set .git/config url to ssh://christoph@gitea.local.chriphost.de:222/christoph/<repo>.git
"222:222" # Gitea SSH

2
system/services/immich.nix
View File

@ -73,7 +73,7 @@ in {
];
ports = [
"2283:8080"
"2283:8080" # Bind for VPS
];
volumes = [

4
system/services/jellyfin.nix
View File

@ -4,7 +4,7 @@
pkgs,
...
}: let
jellyfinVersion = "10.10.7";
jellyfinVersion = "10.11.2";
in {
virtualisation.oci-containers.containers = {
jellyfin = {
@ -25,7 +25,7 @@ in {
];
ports = [
"8096:8096"
"8096:8096" # Bind for VPS
];
volumes = [

2
system/services/nextcloud.nix
View File

@ -112,7 +112,7 @@ in {
];
ports = [
"8080:80"
"8080:80" # Bind for VPS
];
volumes = [

2
system/services/nginx-proxy-manager.nix
View File

@ -4,7 +4,7 @@
pkgs,
...
}: let
nginxVersion = "2.12.6";
nginxVersion = "2.13.1";
in {
virtualisation.oci-containers.containers = {
nginx-proxy-manager = {

2
system/services/paperless.nix
View File

@ -125,7 +125,7 @@ in {
];
ports = [
"8000:8000"
"8000:8000" # Bind for VPS
];
volumes = [

2
system/services/portainer-agent.nix
View File

@ -5,7 +5,7 @@
...
}: let
# Match this with the portainer-ce version
portainerVersion = "2.31.3";
portainerVersion = "2.33.3";
in {
# Use the agent to connect clients to a main portainer instance
virtualisation.oci-containers.containers = {

2
system/services/portainer.nix
View File

@ -5,7 +5,7 @@
...
}: let
# Match this with the portainer agent version
portainerVersion = "2.31.3";
portainerVersion = "2.33.3";
in {
virtualisation.oci-containers.containers = {
portainer = {

2
system/services/statespaces.nix
View File

@ -14,7 +14,7 @@ in {
ports = [
# "8080:8090"
# "3111:5173"
"3111:8080"
"3111:8080" # Bind for VPS
];
volumes = [];

51
system/services/teamspeak.nix Normal file
View File

@ -0,0 +1,51 @@
{
config,
lib,
pkgs,
...
}: let
teamspeakVersion = "v6.0.0-beta7";
in {
virtualisation.oci-containers.containers = {
teamspeak = {
image = "teamspeaksystems/teamspeak6-server:${teamspeakVersion}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = [];
ports = [
# Bind for VPS
"9987:9987/udp" # Voice port
"30033:30033" # File transfer
"10080:10080/tcp" # Web query
];
volumes = [
"teamspeak_data:/var/tsserver"
];
environment = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Berlin";
TSSERVER_LICENSE_ACCEPTED = "accept";
};
extraOptions = [
# "--privileged"
# "--device=nvidia.com/gpu=all"
# "--net=behind-nginx"
];
};
};
}

54
system/services/tinymediamanager.nix Normal file
View File

@ -0,0 +1,54 @@
{
config,
lib,
pkgs,
...
}: let
version = "5.2.3";
in {
virtualisation.oci-containers.containers = {
tinymediamanager = {
image = "tinymediamanager/tinymediamanager:${version}";
autoStart = true;
login = {
# Uses DockerHub by default
# registry = "";
# DockerHub Credentials
username = "christoph.urlacher@protonmail.com";
passwordFile = "${config.sops.secrets.docker-password.path}";
};
dependsOn = [];
ports = [];
volumes = [
"tinymediamanager_data:/data"
"/media/Show:/media/tvshows"
"/media/Movie:/media/movies"
];
environment = {
PUID = "1000";
PGID = "1000";
TZ = "Europe/Berlin";
USER_ID = "1000";
GROUP_ID = "1000";
ALLOW_DIRECT_VNC = "true";
LC_ALL = "en_US.UTF-8"; # force UTF8
LANG = "en_US.UTF-8"; # force UTF8
PASSWORD = "<password>";
};
extraOptions = [
# "--privileged"
# "--device=nvidia.com/gpu=all"
"--net=behind-nginx"
];
};
};
}

8
system/thinknix/hardware-configuration.nix
View File

@ -40,22 +40,22 @@
options = ["defaults" "rw" "relatime" "_netdev" "bg" "soft"];
};
# SG Exos Mirror Shares
# TrueNAS
"/media/Movie" = {
device = "192.168.86.20:/mnt/SG Exos Mirror 18TB/Movie";
device = "192.168.86.20:/mnt/Seagate4TB/Movies";
fsType = "nfs";
options = ["defaults" "rw" "relatime" "_netdev" "bg" "soft"];
};
"/media/Show" = {
device = "192.168.86.20:/mnt/SG Exos Mirror 18TB/Show";
device = "192.168.86.20:/mnt/Seagate4TB/Shows";
fsType = "nfs";
options = ["defaults" "rw" "relatime" "_netdev" "bg" "soft"];
};
"/media/TV-Music" = {
device = "192.168.86.20:/mnt/SG Exos Mirror 18TB/Music";
device = "192.168.86.20:/mnt/Seagate4TB/Music";
fsType = "nfs";
options = ["defaults" "rw" "relatime" "_netdev" "bg" "soft"];
};