Compare commits
2 Commits
047d5b0d9d
...
ea7501f606
| Author | SHA1 | Date |
|---|---|---|
 Felix Albrigtsen
|
ea7501f606 | |
|
Felix Albrigtsen
|
a19ab9a661 |
46
flake.lock
46
flake.lock
|
|
@ -1,5 +1,20 @@
|
|||
{
|
||||
"nodes": {
|
||||
"extra-config": {
|
||||
"locked": {
|
||||
"lastModified": 1720193877,
|
||||
"narHash": "sha256-f+ZtFQTbbmieTYLANn0AOz439/sIH+HumOAhItdYYig=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "f9817deef3d4e56a31a89ee93419a9acd278e922",
|
||||
"revCount": 9,
|
||||
"type": "git",
|
||||
"url": "file:///home/felixalb/nix-extra-config"
|
||||
},
|
||||
"original": {
|
||||
"type": "git",
|
||||
"url": "file:///home/felixalb/nix-extra-config"
|
||||
}
|
||||
},
|
||||
"flake-compat": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
|
|
@ -164,11 +179,11 @@
|
|||
},
|
||||
"nixpkgs_3": {
|
||||
"locked": {
|
||||
"lastModified": 1718086528,
|
||||
"narHash": "sha256-hoB7B7oPgypePz16cKWawPfhVvMSXj4G/qLsfFuhFjw=",
|
||||
"lastModified": 1719956923,
|
||||
"narHash": "sha256-nNJHJ9kfPdzYsCOlHOnbiiyKjZUW5sWbwx3cakg3/C4=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "47b604b07d1e8146d5398b42d3306fdebd343986",
|
||||
"rev": "706eef542dec88cc0ed25b9075d3037564b2d164",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -180,14 +195,14 @@
|
|||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"extra-config": "extra-config",
|
||||
"home-manager": "home-manager",
|
||||
"matrix-synapse-next": "matrix-synapse-next",
|
||||
"nix-darwin": "nix-darwin",
|
||||
"nix-minecraft": "nix-minecraft",
|
||||
"nixpkgs": "nixpkgs_3",
|
||||
"sops-nix": "sops-nix",
|
||||
"unstable": "unstable",
|
||||
"voyager-addons": "voyager-addons"
|
||||
"unstable": "unstable"
|
||||
}
|
||||
},
|
||||
"sops-nix": {
|
||||
|
|
@ -228,11 +243,11 @@
|
|||
},
|
||||
"unstable": {
|
||||
"locked": {
|
||||
"lastModified": 1716948383,
|
||||
"narHash": "sha256-SzDKxseEcHR5KzPXLwsemyTR/kaM9whxeiJohbL04rs=",
|
||||
"lastModified": 1720031269,
|
||||
"narHash": "sha256-rwz8NJZV+387rnWpTYcXaRNvzUSnnF9aHONoJIYmiUQ=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "ad57eef4ef0659193044870c731987a6df5cf56b",
|
||||
"rev": "9f4128e00b0ae8ec65918efeba59db998750ead6",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -241,21 +256,6 @@
|
|||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"voyager-addons": {
|
||||
"locked": {
|
||||
"lastModified": 1717176924,
|
||||
"narHash": "sha256-pYq/v0RNwHshSZf2OeH3P6Aa4/zHGDAJq7Z2Ah9i700=",
|
||||
"ref": "refs/heads/main",
|
||||
"rev": "15f32cc6b828c56cb6a954de0096b81f291100d9",
|
||||
"revCount": 8,
|
||||
"type": "git",
|
||||
"url": "file:///home/felixalb/voyager-addons"
|
||||
},
|
||||
"original": {
|
||||
"type": "git",
|
||||
"url": "file:///home/felixalb/voyager-addons"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
|
|
|
|||
25
flake.nix
25
flake.nix
|
|
@ -14,8 +14,7 @@
|
|||
matrix-synapse-next.url = "github:dali99/nixos-matrix-modules/v0.6.0";
|
||||
nix-minecraft.url = "github:Infinidoge/nix-minecraft";
|
||||
|
||||
# voyager-addons.url = "git+ssh://git@git.feal.no:2222/felixalb/voyager-addons.git";
|
||||
voyager-addons.url = "git+file:///home/felixalb/voyager-addons";
|
||||
extra-config.url = "git+file:///home/felixalb/nix-extra-config";
|
||||
|
||||
sops-nix.url = "github:Mic92/sops-nix";
|
||||
sops-nix.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
|
@ -30,7 +29,7 @@
|
|||
, nixpkgs
|
||||
, sops-nix
|
||||
, unstable
|
||||
, voyager-addons
|
||||
, extra-config
|
||||
, ... }@inputs:
|
||||
let
|
||||
pkgs-overlay = final: prev: {
|
||||
|
|
@ -48,25 +47,6 @@
|
|||
in
|
||||
{
|
||||
nixosConfigurations = {
|
||||
voyager = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = {
|
||||
inherit inputs;
|
||||
};
|
||||
modules = [
|
||||
# Overlays-module makes "pkgs.unstable" available in configuration.nix
|
||||
({ config, pkgs, ... }: { nixpkgs.overlays = [ pkgs-overlay ]; })
|
||||
|
||||
./hosts/voyager/configuration.nix
|
||||
voyager-addons.nixosModules.default
|
||||
sops-nix.nixosModules.sops
|
||||
home-manager.nixosModules.home-manager {
|
||||
home-manager.useGlobalPkgs = true;
|
||||
home-manager.useUserPackages = true;
|
||||
home-manager.users."felixalb" = import ./hosts/voyager/home.nix;
|
||||
}
|
||||
];
|
||||
};
|
||||
challenger = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = {
|
||||
|
|
@ -77,6 +57,7 @@
|
|||
({ config, pkgs, ... }: { nixpkgs.overlays = [ pkgs-overlay ]; })
|
||||
|
||||
./hosts/challenger/configuration.nix
|
||||
extra-config.nixosModules.default
|
||||
sops-nix.nixosModules.sops
|
||||
home-manager.nixosModules.home-manager {
|
||||
home-manager.useGlobalPkgs = true;
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ in {
|
|||
telescope-nvim
|
||||
|
||||
nvim-lspconfig
|
||||
copilot-vim
|
||||
# copilot-vim
|
||||
nvim-treesitter
|
||||
|
||||
coc-css
|
||||
|
|
|
|||
|
|
@ -36,9 +36,4 @@
|
|||
add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), battery=(), bluetooth=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), serial=(), sync-xhr=(), usb=(), xr-spatial-tracking=()" always;
|
||||
'';
|
||||
};
|
||||
|
||||
fileSystems."/tank/media/jellyfin/Music" = {
|
||||
device = "tank/media/music";
|
||||
fsType = "zfs";
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -45,6 +45,17 @@ in {
|
|||
};
|
||||
oidc_login_filter_allowed_values = [ "nextcloud-user" ];
|
||||
oidc_login_disable_registration = false;
|
||||
|
||||
memories = {
|
||||
# exiftool = "${lib.getExe pkgs.exiftool}"; # TODO - not working, use perl
|
||||
# exiftool_no_local = false;
|
||||
vod = {
|
||||
disable = false;
|
||||
ffmpeg = "${lib.getExe pkgs.ffmpeg-headless}";
|
||||
ffprobe = "${pkgs.ffmpeg-headless}/bin/ffprobe";
|
||||
};
|
||||
};
|
||||
preview_ffmpeg_path = "${pkgs.ffmpeg-headless}/bin/ffmpeg";
|
||||
};
|
||||
|
||||
secretFile = config.sops.secrets."nextcloud/secretsjson".path;
|
||||
|
|
@ -64,7 +75,10 @@ in {
|
|||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = [ cfg.occ ];
|
||||
environment.systemPackages = [
|
||||
cfg.occ # "occ CMD" in the docs -> "sudo -u nextcloud nextcloud-occ CMD"
|
||||
pkgs.nodejs_20 # For Recognize; Put /run/current-system/sw/bin/node in the "node_binary" field in the web UI -> Memories
|
||||
];
|
||||
|
||||
sops.secrets."nextcloud/adminpass" = {
|
||||
mode = "0440";
|
||||
|
|
@ -87,6 +101,10 @@ in {
|
|||
} ];
|
||||
};
|
||||
|
||||
systemd.services.nextcloud-cron = {
|
||||
path = [ pkgs.perl ]; # exiftool doesn't work, so make perl available instead
|
||||
};
|
||||
|
||||
systemd.services."nextcloud-setup" = {
|
||||
requires = [ "postgresql.service" ];
|
||||
after = [ "postgresql.service" ];
|
||||
|
|
@ -94,10 +112,12 @@ in {
|
|||
|
||||
systemd.services."phpfpm-nextcloud" = {
|
||||
requires = [ "tank-nextcloud.mount" ];
|
||||
path = [ pkgs.perl ];
|
||||
serviceConfig = {
|
||||
PrivateDevices = lib.mkForce false;
|
||||
WorkingDirectory = "/tank/nextcloud";
|
||||
|
||||
NoNewPrivileges = true;
|
||||
PrivateDevices = true;
|
||||
PrivateMounts = true;
|
||||
PrivateTmp = true;
|
||||
ProtectClock = true;
|
||||
|
|
@ -118,4 +138,11 @@ in {
|
|||
CapabilityBoundingSet = "~CAP_FSETID ~CAP_SETFCAP ~CAP_SETUID ~CAP_SETGID ~CAP_SETPCAP ~CAP_NET_ADMIN ~CAP_SYS_ADMIN ~CAP_SYS_PTRACE ";
|
||||
};
|
||||
};
|
||||
|
||||
# Notes:
|
||||
# - Install Memories and Recognize from the app store
|
||||
# - They might need to be forced on with "nextcloud-occ app:enable memories", etc.
|
||||
# - Run "nextcloud-occ maintenance:repair" to fix broken paths
|
||||
# - Download ai models and maps with the commands given in the ui
|
||||
# - libtensorflow doesn't work properly through node, but recognize still works(?)
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue