aynish/helm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cd8bb0fe0fdcc563be8eee7630974c1c356ce711
helm/hosts/box/default.nix
T
Anish Lakhwara cd8bb0fe0f migrate to radicle
2026-01-21 21:55:37 -08:00

104 lines
2.8 KiB
Nix
Raw Blame History

{ self, pkgs, ... }:
{
imports = [
./configuration.nix
../profiles/core
../profiles/server
../profiles/taskd
../profiles/shaarli
../profiles/dns
../profiles/monitoring
../profiles/nfs
../profiles/gonic
../profiles/headphones
../profiles/radicale
# ../profiles/seafile # waiting for https://github.com/NixOS/nixpkgs/pull/249523 to be merged
../profiles/syncthing
../profiles/dhyan
../profiles/calibre
../profiles/wallabag
../profiles/finance
../profiles/sync/website
../profiles/sync/music
# ../profiles/grasp # private repo - disabled
# ../profiles/archivebox # requires insecure django - fix in flake.nix permittedInsecurePackages
../profiles/woodpecker-agent
../profiles/jellyfin
../profiles/ulogger-server
../profiles/immich
../profiles/jacket
../profiles/gpodder
../profiles/transmission
../profiles/raven
../profiles/radicle-node
# ../profiles/postgres_upgrade_script # one-time use
];
# Backups
age.secrets.borg-password.file = "${self}/secrets/borg-password.age";
services.postgresqlBackup = {
enable = true;
databases = [
"wallabag"
"immich"
"ulogger"
];
location = "/tank/backup/postgresql";
};
mossnet.backup = {
enable = true;
name = "mossnet";
paths = [
"/var/lib/taskserver" # taskwarrior
"/var/www/shaarli-config" # shaarli
"/tank/backup/postgresql" # postgresql backups
"/var/lib/radicale" # radicale
"/tank/syncthing/drawing" # syncthing
"/tank/books" # calibre-web
"/home/anish/usr/finance" # beancount
"/tank/postgres" # postgres data
"/tank/media/photos"
"/tank/media/music"
"/var/lib/radicle"
];
};
# opencode-manager ports
networking.firewall = {
allowedTCPPorts = [
5003 # opencode-manager backend
5173 # opencode-manager frontend
5551 # opencode server
];
allowedTCPPortRanges = [
{
from = 7000;
to = 9000;
}
]; # ports for testing user changes
};
environment.systemPackages = with pkgs; [ lm_sensors ];
# hardware.fancontrol = {
# enable = false;
# config = '''';
# };
# Secrets
age.secrets.box-wg.file = "${self}/secrets/box-wg.age";
age.secrets.box-wg.owner = "anish";
age.secrets.borg-key.file = "${self}/secrets/borg-key.age";
age.secrets.github-token.file = "${self}/secrets/github-token.age";
age.secrets.github-token.owner = "anish";
age.secrets.anthropicToken.file = "${self}/secrets/anthropicToken.age";
age.secrets.anthropicToken.owner = "anish";
mossnet.wg = {
enable = true;
ips = [ "10.0.69.4/24" ];
privateKeyFile = "/run/agenix/box-wg";
};
services.syncthing.guiAddress = "0.0.0.0:8384"; # public syncthing
system.stateVersion = "19.09";
}
Reference in New Issue View Git Blame Copy Permalink