diff --git a/configuration.nix b/configuration.nix index 52cf27a..e96dbf2 100644 --- a/configuration.nix +++ b/configuration.nix @@ -17,7 +17,8 @@ ./services/immich.nix ./services/gitea.nix ./services/minecraft.nix - ./services/llm.nix + # ./services/llm.nix + # ./services/soulseek.nix ]; systemd.targets = { @@ -48,11 +49,12 @@ }; boot = { - # kernelPackages = pkgs.linuxPackages_6_10; - kernelPackages = pkgs.linuxPackages; + kernelPackages = pkgs.linuxPackages_latest; supportedFilesystems = [ "zfs" ]; zfs.extraPools = [ "tank" ]; + zfs.package = pkgs.zfsUnstable; + loader = { # Use the systemd-boot EFI boot loader. systemd-boot.enable = true; @@ -207,6 +209,7 @@ hostId = "0f712d56"; firewall.enable = true; useDHCP = false; + enableIPv6 = false; interfaces.${eth_interface} = { ipv4.addresses = [ @@ -215,6 +218,12 @@ prefixLength = 24; } ]; + ipv6.addresses = [ + { + address = "2603:9001:3900:f005:1779:17ed:4698:6259"; + prefixLength = 64; + } + ]; }; defaultGateway = { address = "10.1.1.1"; @@ -240,9 +249,6 @@ "render" "minecraft" - config.services.gitea.group - config.services.jellyfin.group - config.services.caddy.group ]; hashedPasswordFile = "/etc/nixos/secrets/hashedPass"; diff --git a/flake.lock b/flake.lock index e991846..e119398 100644 --- a/flake.lock +++ b/flake.lock @@ -34,22 +34,6 @@ "type": "github" } }, - "jellyfin": { - "locked": { - "lastModified": 1730145036, - "narHash": "sha256-amYxkGRsSbDe8YNgJ9x0lxDAgDvi3xxO3pRjImdy5DQ=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "bf8b641d2d58a80650ac486525d7ec5a306b69da", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "pull/351966/head", - "repo": "nixpkgs", - "type": "github" - } - }, "nix-minecraft": { "inputs": { "flake-compat": "flake-compat", @@ -59,11 +43,11 @@ ] }, "locked": { - "lastModified": 1730426071, - "narHash": "sha256-2BkSiHqyWikpz9HSgTBk5kikaQ5m0Rs60C9KA2kf53o=", + "lastModified": 1731375802, + "narHash": "sha256-CvWPEzrl2EA3xrtg9X6K8aqV7T5r0SaDz6PLpGA0yIY=", "owner": "Infinidoge", "repo": "nix-minecraft", - "rev": "4b371c3d119493051d081ff5b6cff689a97ad1a1", + "rev": "b873a123366b9a62f9262414ada8d83b03f1f0bf", "type": "github" }, "original": { @@ -74,11 +58,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1730368399, - "narHash": "sha256-F8vJtG389i9fp3k2/UDYHMed3PLCJYfxCqwiVP7b9ig=", + "lastModified": 1731403644, + "narHash": "sha256-T9V7CTucjRZ4Qc6pUEV/kpgNGzQbHWfGcfK6JJLfUeI=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "da14839ac5f38ee6adbdb4e6db09b5eef6d6ccdc", + "rev": "f6581f1c3b137086e42a08a906bdada63045f991", "type": "github" }, "original": { @@ -90,16 +74,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1730200266, - "narHash": "sha256-l253w0XMT8nWHGXuXqyiIC/bMvh1VRszGXgdpQlfhvU=", + "lastModified": 1731432729, + "narHash": "sha256-xMIgn4+PJrb9IQh/Llq4EOmeoHnz2rDWSqlF2BDPkNQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "807e9154dcb16384b1b765ebe9cd2bba2ac287fd", + "rev": "9c66a68772c91490d7991b5136873e09e75d517d", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "master", "repo": "nixpkgs", "type": "github" } @@ -126,7 +110,6 @@ }, "root": { "inputs": { - "jellyfin": "jellyfin", "nix-minecraft": "nix-minecraft", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs", diff --git a/flake.nix b/flake.nix index f7eb8b0..778678a 100644 --- a/flake.nix +++ b/flake.nix @@ -2,14 +2,13 @@ description = "Flake for server muffin"; inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; - # nixpkgs.url = "github:NixOS/nixpkgs/master"; + # nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:NixOS/nixpkgs/master"; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; quadlet-nix.url = "github:SEIAROTg/quadlet-nix"; quadlet-nix.inputs.nixpkgs.follows = "nixpkgs"; - jellyfin.url = "github:NixOS/nixpkgs/pull/351966/head"; nix-minecraft.url = "github:Infinidoge/nix-minecraft"; nix-minecraft.inputs.nixpkgs.follows = "nixpkgs"; diff --git a/services/caddy.nix b/services/caddy.nix index 1f13e27..755291f 100644 --- a/services/caddy.nix +++ b/services/caddy.nix @@ -1,4 +1,4 @@ -{ config, service_configs, ... }: +{ config, service_configs, username, ... }: { services.caddy = { enable = true; @@ -38,4 +38,8 @@ networking.firewall.allowedUDPPorts = [ service_configs.ports.https ]; + + users.users.${username}.extraGroups = [ + config.services.caddy.group + ]; } diff --git a/services/gitea.nix b/services/gitea.nix index e930e61..59b586f 100644 --- a/services/gitea.nix +++ b/services/gitea.nix @@ -1,6 +1,7 @@ { config, service_configs, + username, ... }: { @@ -39,4 +40,9 @@ } ]; }; + + + users.users.${username}.extraGroups = [ + config.services.gitea.group + ]; } diff --git a/services/jellyfin.nix b/services/jellyfin.nix index 1abca40..c1804bc 100644 --- a/services/jellyfin.nix +++ b/services/jellyfin.nix @@ -3,6 +3,7 @@ config, service_configs, inputs, + username, ... }: { @@ -17,9 +18,6 @@ # used for local streaming openFirewall = true; - # https://github.com/NixOS/nixpkgs/pull/351966 - # package = inputs.jellyfin.legacyPackages.${pkgs.system}.jellyfin; - dataDir = service_configs.jellyfin.dir; cacheDir = config.services.jellyfin.dataDir + "_cache"; }; @@ -28,4 +26,8 @@ "video" "render" ]; + + users.users.${username}.extraGroups = [ + config.services.jellyfin.group + ]; } diff --git a/services/minecraft.nix b/services/minecraft.nix index c9dc551..7b55357 100644 --- a/services/minecraft.nix +++ b/services/minecraft.nix @@ -61,11 +61,6 @@ in sha512 = "3326d278e57cc2d7bdb4348570c3876ed096af872e166241209ef5ac7c823829596a81570db029ac751e5a11b7686046f72119f259365350ca2eba10037f6d24"; }; - krypton = pkgs.fetchurl { - url = "https://cdn.modrinth.com/data/fQEb0iXm/versions/Acz3ttTp/krypton-0.2.8.jar"; - sha512 = "5f8cf96c79bfd4d893f1d70da582e62026bed36af49a7fa7b1e00fb6efb28d9ad6a1eec147020496b4fe38693d33fe6bfcd1eebbd93475612ee44290c2483784"; - }; - tick-stasis = pkgs.fetchurl { url = "https://cdn.modrinth.com/data/t6XBQ2xn/versions/fDbxgNHz/tick-stasis-1.1.1.jar"; sha512 = "346fae7e0f1a62636525a9331643ac4343b781c240db6ef9bafe1b3a295d24d131d2b4b20cef8edc33835e9069fcaf1c2e2b3ce9ced9a2ec6e4e3d82770f52c6"; @@ -90,6 +85,11 @@ in url = "https://cdn.modrinth.com/data/Y8o1j1Sf/versions/6FB2l9zd/better-fabric-console-mc1.21.1-1.2.0.jar"; sha512 = "3120f168a201a0d7eee55dc34788f0b1134754895d86ceca082f72b16902a00fc70ca05c73712b1d45bae8b74176af30a1821e636ba528f2abd60d94b1f35297"; }; + + vivecraft = pkgs.fetchurl { + url = "https://cdn.modrinth.com/data/wGoQDPN5/versions/55ml9ENB/vivecraft-1.21.1-1.1.14-b2-fabric.jar"; + sha512 = "6241183987d6197a5e2b4b17f86db2ee9c594f0b6ec335153f1733c2c9ace9f21d07007150a9082e2834deead68b2c287e9443b23be5cd09a366db3f1593975b"; + }; } ); }; diff --git a/services/quadlet.nix b/services/quadlet.nix index cfad5af..f619c85 100644 --- a/services/quadlet.nix +++ b/services/quadlet.nix @@ -23,7 +23,6 @@ volumes = [ "${service_configs.gluetun.dir}:/gluetun:z" ]; podmanArgs = [ "--device=/dev/net/tun" - "--security-opt label=disable" ]; }; @@ -36,6 +35,7 @@ environments = { WEBUI_PORT = service_configs.ports.torrent; DOCKER_MODS = "ghcr.io/gabe565/linuxserver-mod-vuetorrent"; + # PUID = config.users.users.${config.services.jellyfin.user}.uid; PGID = config.users.groups.${config.services.jellyfin.group}.gid; }; diff --git a/services/soulseek.nix b/services/soulseek.nix new file mode 100644 index 0000000..6a068c3 --- /dev/null +++ b/services/soulseek.nix @@ -0,0 +1,14 @@ +{pkgs, ...}: +{ + services.slskd = { + enable = true; + openFirewall = true; + domain = "www.gardling.com"; + + settings = { + shares = { + directories = ["/tank/music"]; + }; + }; + }; +}