misschloe/nix-config
1
0
Fork 0
mirror of https://github.com/harryssecret/homelab-nix.git synced 2025-08-09 23:20:18 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: misschloe:c84a24c2ac6bf8159b213aab4896af36e2839564
Branches Tags
misschloe:main
misschloe:next
..
compare: misschloe:4bdec356fa7603ac134b8dc3d2f505f57f09a311
Branches Tags
misschloe:main
misschloe:next

No commits in common. "c84a24c2ac6bf8159b213aab4896af36e2839564" and "4bdec356fa7603ac134b8dc3d2f505f57f09a311" have entirely different histories.
c84a24c2ac ... 4bdec356fa

7 changed files with 31 additions and 56 deletions
Download patch file Download diff file Expand all files Collapse all files

10
features/shared/ssh.nix
View file

@ -8,14 +8,4 @@
PermitRootLogin = "no"; PermitRootLogin = "no";
}; };
}; };
services.fail2ban.jails.sshd.settings = {
ssh = ''
enabled = true
port = ssh
filter = sshd
logpath = %(sshd_log)s
maxretry = 5
'';
};
} }

5
hosts/sisyphe/configuration.nix
View file

@ -142,11 +142,6 @@ in
"dotnet-sdk-wrapped-6.0.428" "dotnet-sdk-wrapped-6.0.428"
]; ];
# seems like sabnzbd needs some unfree pkgs...
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"unrar"
];
# This option defines the first version of NixOS you have installed on this particular machine, # This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.

21
hosts/sisyphe/features/fail2ban.nix
View file

@ -4,25 +4,6 @@
enable = true; enable = true;
ignoreIP = [ "192.168.1.0/24" ]; ignoreIP = [ "192.168.1.0/24" ];
extraPackages = [ ]; extraPackages = [ ];
jails = { jails = { };
nextcloud = ''
enabled = true;
filter = nextcloud
port = http,https
'';
};
}; };
environment.etc = {
"fail2ban/filter.d/nextcloud.conf".text = ''
[Definition]
_groupsre = (?:(?:,?\s*"\w+":(?:"[^"]+"|\w+))*)
datepattern = ,?\s*"time"\s*:\s*"%%Y-%%m-%%d[T ]%%H:%%M:%%S(%%z)?"
failregex = ^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Login failed:
^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Trusted domain error.
^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Two-factor challenge failed:
journalmatch = _SYSTEMD_UNIT=phpfpm-nextcloud.service
'';
};
} }

1
hosts/sisyphe/features/multimedia/default.nix
View file

@ -3,7 +3,6 @@
./arr-suite.nix ./arr-suite.nix
./calibre-web.nix ./calibre-web.nix
./slskd.nix ./slskd.nix
./sabnzbd.nix
./transmission.nix ./transmission.nix
./jellyfin.nix ./jellyfin.nix
]; ];

18
hosts/sisyphe/features/multimedia/sabnzbd.nix
View file

@ -1,18 +0,0 @@
{config, pkgs, ...}:
{
services.sabnzbd = {
enable = true;
};
services.caddy.virtualHosts."http://sabnzbd.normandy.sisyphe.hypervirtual.world".extraConfig = ''
reverse_proxy 8080
'';
/*
services.prometheus.exporters.sabnzbd = {
enable = true;
servers = [
localhost
]
};*/
}

1
hosts/sisyphe/features/samba-shares.nix
View file

@ -16,6 +16,7 @@ in
config = { config = {
services.samba = { services.samba = {
enable = true; enable = true;
securityType = "user";
openFirewall = true; openFirewall = true;
settings = { settings = {
global = { global = {

31
hosts/sisyphe/features/services/nextcloud.nix
View file

@ -25,7 +25,6 @@
database.createLocally = true; database.createLocally = true;
webserver = "caddy"; webserver = "caddy";
configureRedis = true; configureRedis = true;
package = pkgs.nextcloud30;
config = { config = {
dbtype = "pgsql"; dbtype = "pgsql";
adminpassFile = config.sops.secrets.adminNextcloudPass.path; adminpassFile = config.sops.secrets.adminNextcloudPass.path;
@ -63,9 +62,37 @@
]; ];
phpOptions."opcache.interned_strings_buffer" = "23"; phpOptions."opcache.interned_strings_buffer" = "23";
extraApps = {
inherit (config.services.nextcloud.package.packages.apps)
contacts
calendar
previewgenerator
twofactor_nextcloud_notification
;
memories = pkgs.fetchNextcloudApp {
sha256 = "sha256-tzxeffvwMwthvBRG+/cLCXZkVS32rlf5v7XOKTbGoOo=";
url = "https://github.com/pulsejet/memories/releases/download/v7.3.1/memories.tar.gz";
license = "agpl3Only";
};
/*
not useful for me
registration = pkgs.fetchNextcloudApp {
sha256 = "sha256-dDaQHyHdkkd8ZammLdck2HNGqqfEaunwevdPzbWzB8Y=";
url = "https://github.com/nextcloud-releases/registration/releases/download/v2.4.0/registration-v2.4.0.tar.gz";
license = "agpl3Only";
};
*/
facerecognition = pkgs.fetchNextcloudApp {
sha256 = "sha256-FtYItN0Iy2QpSNf0GPs7fIPYgBdEuKHJGwZ7GQNySZE=";
url = "https://github.com/matiasdelellis/facerecognition/releases/download/v0.9.60/facerecognition.tar.gz";
license = "agpl3Only";
};
};
extraAppsEnable = true;
appstoreEnable = true; # why i would want appstore to be disabled ??? appstoreEnable = true; # why i would want appstore to be disabled ???
autoUpdateApps.enable = true; autoUpdateApps.enable = true;
cli.memoryLimit = "4G";
}; };
environment.systemPackages = environment.systemPackages =