nits

2025-02-01 11:12:31 -05:00 · 2025-02-01 11:12:31 -05:00 · ad8a012746
commit ad8a012746
parent 964041c860
6 changed files with 49 additions and 4 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -196,7 +196,6 @@
    pfetch-rs

    sbctl
-
  ];

  services.zfs = {
@ -288,7 +287,6 @@
      "render"
      "postgres"
      "owntracks"
-      "immich"
    ];
    hashedPasswordFile = "/etc/nixos/secrets/hashedPass";

--- a/disk-config.nix
+++ b/disk-config.nix
@ -0,0 +1,33 @@
+{
+  disko.devices = {
+    disk = {
+      main = {
+        # When using disko-install, we will overwrite this value from the commandline
+        device = "/dev/disk/by-id/some-disk-id";
+        type = "disk";
+        content = {
+          type = "gpt";
+          partitions = {
+            ESP = {
+              type = "EF00";
+              size = "500M";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+              };
+            };
+            root = {
+              size = "100%";
+              content = {
+                type = "filesystem";
+                format = "f2fs";
+                mountpoint = "/";
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}
--- a/flake.nix
+++ b/flake.nix
@ -24,6 +24,11 @@
      url = "github:nix-community/home-manager/release-24.11";
      inputs.nixpkgs.follows = "nixpkgs";
    };
+
+    disko = {
+      url = "github:nix-community/disko";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
  };

  outputs =
@ -35,6 +40,7 @@
      nixpkgs-qbt,
      home-manager,
      lanzaboote,
+      disko,
      ...
    }@inputs:
    let
@ -54,6 +60,7 @@
          ollama = 11434;
          bitmagnet = 3333;
          owntracks = 3825;
+          gitea = 2283;
        };

        https = {
@ -108,6 +115,8 @@
        };
        modules =
          [
+            ./disk-config.nix
+            disko.nixosModules.disko
            ./configuration.nix

            vpn-confinement.nixosModules.default
--- a/services/caddy.nix
+++ b/services/caddy.nix
@ -52,7 +52,7 @@ in
      "torrent.${service_configs.https.domain}".extraConfig = ''
        # tls internal
        ${import ../secrets/caddy_auth.nix}
-        reverse_proxy ${service_configs.https.wg_ip}:${builtins.toString service_configs.ports.torrent}
+        reverse_proxy ${service_configs.https.wg_ip}:${builtins.toString config.services.qbittorrent.webuiPort}
      '';

      "map.${service_configs.https.domain}".extraConfig = ''
--- a/services/gitea.nix
+++ b/services/gitea.nix
@ -18,7 +18,7 @@
      server = {
        DOMAIN = service_configs.gitea.domain;
        ROOT_URL = "https://" + config.services.gitea.settings.server.DOMAIN;
-        HTTP_PORT = 3281;
+        HTTP_PORT = service_configs.ports.gitea;
        LANDING_PAGE = "/explore/repos";
      };
      session = {
--- a/services/immich.nix
+++ b/services/immich.nix
@ -2,6 +2,7 @@
  service_configs,
  pkgs,
  config,
+  username,
  ...
 }:
 {
@ -28,4 +29,8 @@
    "video"
    "render"
  ];
+
+  users.users.${username}.extraGroups = [
+    config.services.immich.group
+  ];
 }