oqyude/nixos
1
0
Fork 0
mirror of https://github.com/oqyude/nixos.git synced 2026-06-15 22:41:52 +03:00
Code Issues Packages Projects Releases Wiki Activity

some fix

Browse Source
This commit is contained in:
Jor Oqyude
2026-03-23 18:22:21 +03:00
parent 6297df804e
commit c8c7c68c04
18 changed files with 225 additions and 203 deletions
Download Patch File Download Diff File Expand all files Collapse all files
configurations/hardware/server.nix
+3 -3
View File
@@ -51,9 +51,9 @@
}; };
}; };
swapDevices = [ # swapDevices = [
{ device = "/dev/disk/by-partlabel/disk-main-swap"; } # { device = "/dev/disk/by-partlabel/disk-main-swap"; }
]; # ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's
configurations/hardware/vds.nix
+3 -3
View File
@@ -13,9 +13,9 @@
}; };
}; };
swapDevices = [ # swapDevices = [
{ device = "/dev/disk/by-partlabel/disk-main-swap"; } # { device = "/dev/disk/by-partlabel/disk-main-swap"; }
]; # ];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
configurations/vds-new.nix
-47
View File
@@ -46,53 +46,6 @@ let
SystemMaxUse=512M SystemMaxUse=512M
''; '';
}; };
samba = {
enable = true;
openFirewall = true;
settings = {
global = {
"invalid users" = [ ];
"passwd program" = "/run/wrappers/bin/passwd %u";
security = "user";
};
nixos = {
"path" = "/etc/nixos";
"browseable" = "yes";
"read only" = "no";
"valid users" = "${xlib.device.username}";
"guest ok" = "no";
"writable" = "yes";
"create mask" = 755;
"directory mask" = 755;
"force user" = "${xlib.device.username}";
"force group" = "users";
};
root = {
"path" = "/";
"browseable" = "yes";
"read only" = "no";
"valid users" = "${xlib.device.username}";
"guest ok" = "no";
"writable" = "yes";
#"create mask" = 0644;
#"directory mask" = 0644;
"force user" = "root";
"force group" = "root";
};
"${xlib.device.username}" = {
"path" = "/home/${xlib.device.username}";
"browseable" = "yes";
"read only" = "no";
"valid users" = "${xlib.device.username}";
"guest ok" = "no";
"writable" = "yes";
"create mask" = 700;
"directory mask" = 700;
"force user" = "${xlib.device.username}";
"force group" = "users";
};
};
};
openssh = { openssh = {
enable = true; enable = true;
allowSFTP = true; allowSFTP = true;
configurations/vds.nix
-47
View File
@@ -46,53 +46,6 @@ let
SystemMaxUse=512M SystemMaxUse=512M
''; '';
}; };
samba = {
enable = true;
openFirewall = true;
settings = {
global = {
"invalid users" = [ ];
"passwd program" = "/run/wrappers/bin/passwd %u";
security = "user";
};
nixos = {
"path" = "/etc/nixos";
"browseable" = "yes";
"read only" = "no";
"valid users" = "${xlib.device.username}";
"guest ok" = "no";
"writable" = "yes";
"create mask" = 755;
"directory mask" = 755;
"force user" = "${xlib.device.username}";
"force group" = "users";
};
root = {
"path" = "/";
"browseable" = "yes";
"read only" = "no";
"valid users" = "${xlib.device.username}";
"guest ok" = "no";
"writable" = "yes";
#"create mask" = 0644;
#"directory mask" = 0644;
"force user" = "root";
"force group" = "root";
};
"${xlib.device.username}" = {
"path" = "/home/${xlib.device.username}";
"browseable" = "yes";
"read only" = "no";
"valid users" = "${xlib.device.username}";
"guest ok" = "no";
"writable" = "yes";
"create mask" = 700;
"directory mask" = 700;
"force user" = "${xlib.device.username}";
"force group" = "users";
};
};
};
openssh = { openssh = {
enable = true; enable = true;
allowSFTP = true; allowSFTP = true;
flake.lock
Generated
+24 -7
View File
@@ -173,13 +173,29 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-master": { "nixpkgs-calibre": {
"locked": { "locked": {
"lastModified": 1774276957, "lastModified": 1772956932,
"narHash": "sha256-9LOxM/xgYXLuL/BkfusCcQh0kQKbCv97DzIi+bslzzc=", "narHash": "sha256-M0yS4AafhKxPPmOHGqIV0iKxgNO8bHDWdl1kOwGBwRY=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "3605980cfb31e415cae5cf57d0552dd4158ae7f1", "rev": "608d0cadfed240589a7eea422407a547ad626a14",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "608d0cadfed240589a7eea422407a547ad626a14",
"type": "github"
}
},
"nixpkgs-master": {
"locked": {
"lastModified": 1774284444,
"narHash": "sha256-w0UscE/s+KYqgZzdh3yWVzSBqEvSzByHUrIdGFf25PA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "27298c9e6596851fe781e04e54704d705d91f38b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -191,11 +207,11 @@
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1773964973, "lastModified": 1774244481,
"narHash": "sha256-NV/J+tTER0P5iJhUDL/8HO5MDjDceLQPRUYgdmy5wXw=", "narHash": "sha256-4XfMXU0DjN83o6HWZoKG9PegCvKvIhNUnRUI19vzTcQ=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "812b3986fd1568f7a858f97fcf425ad996ba7d25", "rev": "4590696c8693fea477850fe379a01544293ca4e2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -299,6 +315,7 @@
"nixos-wsl": "nixos-wsl", "nixos-wsl": "nixos-wsl",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"nixpkgs-beets": "nixpkgs-beets", "nixpkgs-beets": "nixpkgs-beets",
"nixpkgs-calibre": "nixpkgs-calibre",
"nixpkgs-master": "nixpkgs-master", "nixpkgs-master": "nixpkgs-master",
"nixpkgs-stable": "nixpkgs-stable", "nixpkgs-stable": "nixpkgs-stable",
"noctalia": "noctalia", "noctalia": "noctalia",
flake.nix
+1 -1
View File
@@ -8,7 +8,7 @@
# nixpkgs # nixpkgs
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
# nixpkgs-last-unstable.url = "github:NixOS/nixpkgs/6b4955211758ba47fac850c040a27f23b9b4008f"; # nixpkgs-last-unstable.url = "github:NixOS/nixpkgs/6b4955211758ba47fac850c040a27f23b9b4008f";
# nixpkgs-calibre.url = "github:NixOS/nixpkgs/e6f23dc08d3624daab7094b701aa3954923c6bbb"; nixpkgs-calibre.url = "github:NixOS/nixpkgs/608d0cadfed240589a7eea422407a547ad626a14";
nixpkgs-master.url = "github:NixOS/nixpkgs/master"; nixpkgs-master.url = "github:NixOS/nixpkgs/master";
nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-25.11"; nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-25.11";
nixpkgs-beets.url = "github:NixOS/nixpkgs/2343bbb58f99267223bc2aac4fc9ea301a155a16"; nixpkgs-beets.url = "github:NixOS/nixpkgs/2343bbb58f99267223bc2aac4fc9ea301a155a16";
home/home.nix
+3 -3
View File
@@ -15,7 +15,7 @@ let
]; ];
home = { home = {
username = username; username = username;
stateVersion = lib.mkDefault "25.05"; stateVersion = lib.mkDefault "26.05";
homeDirectory = homeDirectory =
if username == "root" then lib.mkDefault "/${username}" else lib.mkDefault "/home/${username}"; if username == "root" then lib.mkDefault "/${username}" else lib.mkDefault "/home/${username}";
enableNixpkgsReleaseCheck = false; enableNixpkgsReleaseCheck = false;
@@ -24,7 +24,7 @@ let
mkRootModule = username: { mkRootModule = username: {
home = { home = {
username = username; username = username;
stateVersion = lib.mkDefault "25.05"; stateVersion = lib.mkDefault "26.05";
homeDirectory = homeDirectory =
if username == "root" then lib.mkDefault "/${username}" else lib.mkDefault "/home/${username}"; if username == "root" then lib.mkDefault "/${username}" else lib.mkDefault "/home/${username}";
enableNixpkgsReleaseCheck = false; enableNixpkgsReleaseCheck = false;
@@ -36,7 +36,7 @@ let
]; ];
home = { home = {
username = username; username = username;
stateVersion = lib.mkDefault "25.05"; stateVersion = lib.mkDefault "26.05";
homeDirectory = homeDirectory =
if username == "root" then lib.mkDefault "/${username}" else lib.mkDefault "/home/${username}"; if username == "root" then lib.mkDefault "/${username}" else lib.mkDefault "/home/${username}";
enableNixpkgsReleaseCheck = false; enableNixpkgsReleaseCheck = false;
modules/essentials/packages.nix
+9 -12
View File
@@ -53,7 +53,9 @@ in
wget wget
tree tree
dust dust
flow-control tuckr
fresh-editor
#flow-control
# Net Diagnostic # Net Diagnostic
mtr mtr
@@ -86,24 +88,19 @@ in
# To save # To save
tuios tuios
bluetui
# Test
jocalsend jocalsend
lazydocker
dtop
tlrc tlrc
lazyssh lazyssh
mcat mcat
framework-tool-tui
bluetui
snitch snitch
devenv
whosthere whosthere
devenv
# tree-sitter # Test
tree-sitter-grammars.tree-sitter-nix # lazydocker
fresh-editor # dtop
tuckr # framework-tool-tui
]; ];
}; };
environment.variables.EDITOR = "fresh"; environment.variables.EDITOR = "fresh";
modules/essentials/settings.nix
+1 -1
View File
@@ -32,7 +32,7 @@
connect-timeout = 4; connect-timeout = 4;
auto-optimise-store = true; auto-optimise-store = true;
fallback = true; fallback = true;
allow-import-from-derivation = false; allow-import-from-derivation = true;
keep-derivations = false; keep-derivations = false;
keep-outputs = false; keep-outputs = false;
experimental-features = [ experimental-features = [
modules/server/calibre-web.nix
+2 -2
View File
@@ -6,13 +6,13 @@
... ...
}: }:
let let
stable = import inputs.nixpkgs-beets { stable = import inputs.nixpkgs-calibre {
system = "x86_64-linux"; system = "x86_64-linux";
}; };
in in
{ {
services.calibre-web = { services.calibre-web = {
# package = stable.calibre-web; package = stable.calibre-web;
enable = true; enable = true;
# dataDir = "${xlib.dirs.services-mnt-folder}/calibre-web"; # dataDir = "${xlib.dirs.services-mnt-folder}/calibre-web";
options = { options = {
modules/server/immich.nix
-4
View File
@@ -22,10 +22,6 @@ in
accelerationDevices = null; accelerationDevices = null;
machine-learning.enable = true; machine-learning.enable = true;
mediaLocation = "${xlib.dirs.services-mnt-folder}/immich"; mediaLocation = "${xlib.dirs.services-mnt-folder}/immich";
database = {
enableVectors = false;
enableVectorChord = true;
};
}; };
}; };
modules/server/nextcloud.nix
+5 -5
View File
@@ -18,14 +18,14 @@ in
nextcloud-whiteboard-server = { nextcloud-whiteboard-server = {
enable = true; enable = true;
settings = { settings = {
NEXTCLOUD_URL = "http://nextcloud.local"; NEXTCLOUD_URL = "http://nextcloud-private.local";
}; };
secrets = [ "${inputs.zeroq-credentials}/services/nextcloud/jwt-secret.txt" ]; secrets = [ "${inputs.zeroq-credentials}/services/nextcloud/jwt-secret.txt" ];
}; };
nextcloud = { nextcloud = {
enable = true; enable = true;
package = pkgs.nextcloud33; package = pkgs.nextcloud33;
hostName = "nextcloud.local"; hostName = "nextcloud-private.local";
database.createLocally = true; database.createLocally = true;
home = "${xlib.dirs.services-mnt-folder}/nextcloud"; home = "${xlib.dirs.services-mnt-folder}/nextcloud";
configureRedis = true; configureRedis = true;
@@ -49,11 +49,12 @@ in
"192.168.1.20" "192.168.1.20"
"localhost" "localhost"
"nextcloud.local" "nextcloud.local"
"nextcloud-private.local"
]; ];
trusted_proxies = [ trusted_proxies = [
"100.64.1.0" "100.64.1.0"
]; ];
overwriteprotocol = "https"; overwriteprotocol = "";
}; };
extraAppsEnable = true; extraAppsEnable = true;
appstoreEnable = false; appstoreEnable = false;
@@ -86,7 +87,6 @@ in
impersonate impersonate
mail mail
music music
#tasks?
tasks tasks
# news # news
notes notes
@@ -142,7 +142,7 @@ in
# fonts.packages = [ work.corefonts ]; # fonts.packages = [ work.corefonts ];
networking.hosts = { networking.hosts = {
"localhost" = [ "nextcloud.local" ]; "localhost" = [ "nextcloud-private.local" ];
}; };
systemd.services.nextcloud-config-collabora = systemd.services.nextcloud-config-collabora =
modules/server/nginx.nix
+108 -60
View File
@@ -5,6 +5,9 @@
xlib, xlib,
... ...
}: }:
let
server = "192.168.1.20";
in
{ {
services = { services = {
nginx = { nginx = {
@@ -14,84 +17,129 @@
recommendedProxySettings = true; recommendedProxySettings = true;
recommendedTlsSettings = true; recommendedTlsSettings = true;
virtualHosts = { virtualHosts = {
"nextcloud-private.local" = {
forceSSL = false;
enableACME = false;
listen = [
{
addr = "100.64.0.0";
port = 10000;
}
{
addr = "192.168.1.20";
port = 10000;
}
];
};
"nextcloud.local" = { "nextcloud.local" = {
forceSSL = false; forceSSL = false;
enableACME = false; enableACME = false;
listen = [ locations = {
{ "/" = {
addr = "100.64.0.0"; proxyPass = "http://${server}:10000";
port = 10000; proxyWebsockets = true;
} };
{ "/whiteboard" = {
addr = "192.168.1.20"; proxyPass = "http://${server}:3002";
port = 10000; proxyWebsockets = true;
} };
]; };
extraConfig = ''
client_max_body_size 5G;
'';
}; };
# "localhost:19999" = { "kuma.local" = {
# forceSSL = false;
# enableACME = false;
# listen = [
# {
# addr = "100.64.0.0";
# port = 19999;
# }
# {
# addr = "192.168.1.20";
# port = 19999;
# }
# ];
# };
"zeroq.local" = {
forceSSL = false; forceSSL = false;
enableACME = false; enableACME = false;
root = pkgs.writeTextDir "index.html" '' locations."/" = {
<!doctype html> proxyPass = "http://${server}:4001";
<html> proxyWebsockets = true;
<body> };
<pre>This server is running in backend.</pre>
</body>
</html>
'';
listen = [
{
addr = "100.64.0.0";
port = 80;
}
{
addr = "192.168.1.20";
port = 80;
}
];
}; };
# "localhost:8000" = { "health.local" = {
forceSSL = false;
enableACME = false;
locations."/" = {
proxyPass = "http://${server}:19999";
proxyWebsockets = true;
};
};
"agent.local" = {
forceSSL = false;
enableACME = false;
locations."/" = {
proxyPass = "http://${server}:3000";
proxyWebsockets = true;
};
};
"flux.local" = {
forceSSL = false;
enableACME = false;
locations."/" = {
proxyPass = "http://${server}:6061";
proxyWebsockets = true;
};
};
"immich.local" = {
forceSSL = false;
enableACME = false;
locations."/" = {
proxyPass = "http://${server}:2283";
proxyWebsockets = true;
};
extraConfig = ''
client_max_body_size 5G;
'';
};
"office.local" = {
enableACME = false;
forceSSL = false;
locations = {
"/" = {
proxyPass = "http://${server}:9980";
proxyWebsockets = true;
};
};
extraConfig = ''
client_max_body_size 5G;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
''; # absolute_redirect off;
};
"calibre.local" = {
forceSSL = false;
enableACME = false;
locations."/" = {
proxyPass = "http://${server}:8083";
proxyWebsockets = true;
};
extraConfig = ''
client_max_body_size 5G;
'';
};
# "zeroq.local" = {
# forceSSL = false; # forceSSL = false;
# enableACME = false; # enableACME = false;
# root = pkgs.writeTextDir "index.html" ''
# <!doctype html>
# <html>
# <body>
# <pre>This server is running in backend.</pre>
# </body>
# </html>
# '';
# listen = [ # listen = [
# { # {
# addr = "100.64.0.0"; # addr = "100.64.0.0";
# port = 9980; # port = 80;
# } # }
# { # {
# addr = "192.168.1.20"; # addr = "192.168.1.20";
# port = 9980; # port = 80;
# } # }
# ]; # ];
# }; # };
# "office.zeroq.ru" = {
# forceSSL = false;
# enableACME = false;
# locations."/" = {
# proxyPass = "http://onlyoffice.local:8000";
# proxyWebsockets = true;
# };
# extraConfig = ''
# # Force nginx to return relative redirects. This lets the browser
# # figure out the full URL. This ends up working better because it's in
# # front of the reverse proxy and has the right protocol, hostname & port.
# absolute_redirect off;
# '';
# };
}; };
}; };
}; };
modules/server/samba.nix
+3
View File
@@ -6,6 +6,9 @@
{ {
services.samba = { services.samba = {
enable = true; enable = true;
nmbd = {
enable = false;
};
settings = { settings = {
global = { global = {
"invalid users" = [ ]; "invalid users" = [ ];
modules/vds/default.nix
+1
View File
@@ -6,6 +6,7 @@
imports = [ imports = [
../containers/3x-ui.nix ../containers/3x-ui.nix
./nginx.nix ./nginx.nix
./samba.nix
# ./xray.nix # ./xray.nix
# ./netbird.nix # ./netbird.nix
]; ];
modules/vds/nginx.nix
+5 -7
View File
@@ -45,6 +45,10 @@ in
proxyPass = "http://localhost:2096"; proxyPass = "http://localhost:2096";
proxyWebsockets = true; proxyWebsockets = true;
}; };
"/subsjs/" = {
proxyPass = "http://localhost:2096";
proxyWebsockets = true;
};
}; };
}; };
"kuma.zeroq.ru" = { "kuma.zeroq.ru" = {
@@ -54,9 +58,6 @@ in
proxyPass = "http://${server}:4001"; proxyPass = "http://${server}:4001";
proxyWebsockets = true; proxyWebsockets = true;
}; };
extraConfig = ''
client_max_body_size 5G;
'';
}; };
"health.zeroq.ru" = { "health.zeroq.ru" = {
forceSSL = true; forceSSL = true;
@@ -117,16 +118,13 @@ in
proxyPass = "http://${server}:6061"; proxyPass = "http://${server}:6061";
proxyWebsockets = true; proxyWebsockets = true;
}; };
extraConfig = ''
client_max_body_size 5G;
'';
}; };
"office.zeroq.ru" = { "office.zeroq.ru" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations = { locations = {
"/" = { "/" = {
proxyPass = "http://${server}:9980"; # API и coauthoring proxyPass = "http://${server}:9980";
proxyWebsockets = true; proxyWebsockets = true;
}; };
}; };
modules/vds/samba.nix
+56
View File
@@ -0,0 +1,56 @@
{
config,
xlib,
...
}:
{
services.samba = {
enable = true;
nmbd = {
enable = false;
};
settings = {
global = {
"invalid users" = [ ];
"passwd program" = "/run/wrappers/bin/passwd %u";
security = "user";
};
nixos = {
"path" = "/etc/nixos";
"browseable" = "yes";
"read only" = "no";
"valid users" = "${xlib.device.username}";
"guest ok" = "no";
"writable" = "yes";
"create mask" = 755;
"directory mask" = 755;
"force user" = "${xlib.device.username}";
"force group" = "users";
};
root = {
"path" = "/";
"browseable" = "yes";
"read only" = "no";
"valid users" = "${xlib.device.username}";
"guest ok" = "no";
"writable" = "yes";
#"create mask" = 0644;
#"directory mask" = 0644;
"force user" = "root";
"force group" = "root";
};
"${xlib.device.username}" = {
"path" = "/home/${xlib.device.username}";
"browseable" = "yes";
"read only" = "no";
"valid users" = "${xlib.device.username}";
"guest ok" = "no";
"writable" = "yes";
"create mask" = 700;
"directory mask" = 700;
"force user" = "${xlib.device.username}";
"force group" = "users";
};
};
};
}
modules/wsl/default.nix
+1 -1
View File
@@ -13,7 +13,7 @@
#../server/open-webui.nix #../server/open-webui.nix
#../services/tts.nix #../services/tts.nix
]; ];
environment.systemPackages = [ environment.systemPackages = [
pkgs.rovr pkgs.rovr
]; ];
} }