zuckerberg/nix-config
zuckerberg/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Activity

fix container

Browse Source
This commit is contained in:
zuckerberg 2021-06-04 09:02:07 -04:00
parent f315600034
commit 312b1d6fa0
4 changed files with 38 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
common/common.nix
View File

@ -33,6 +33,8 @@
wget kakoune htop git dnsutils tmux nethogs iotop
];
nixpkgs.config.allowUnfree = true;
users.mutableUsers = false;
users.users.googlebot = {
isNormalUser = true;

8
common/pc/de.nix
View File

@ -23,14 +23,6 @@ in {
};
config = lib.mkIf cfg.enable {
# allow specific unfree packages
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"tigervnc" "font-bh-lucidatypewriter" # tigervnc
"steam" "steam-original" "steam-runtime" # TODO move to steam.nix
"discord" # TODO move to discord.nix
"chromium" "chrome-widevine-cdm" "chromium-unwrapped" # widevine support
];
# vulkan
hardware.opengl.driSupport = true;
hardware.opengl.driSupport32Bit = true;

3
common/zerotier.nix
View File

@ -7,5 +7,8 @@ in {
services.zerotierone.joinNetworks = [
"565799d8f6d654c0"
];
networking.firewall.allowedUDPPorts = [
9993
];
};
}

42
machines/mitty/configuration.nix
View File

@ -26,20 +26,44 @@
services.nginx.enable = true;
zerotier.enable = true;
services.zerotier.enable = true;
containers.jellyfin = {
pia.enable = true;
zerotier.enable = true;
nixpkgs.pkgs = pkgs;
ephemeral = true;
autoStart = true;
bindMounts = {
"/var/lib" = {
hostPath = "/var/lib/";
isReadOnly = false;
};
};
bindMounts = {
"/secret" = {
hostPath = "/secret";
isReadOnly = true;
};
};
privateNetwork = true;
hostAddress = "172.16.100.1";
localAddress = "172.16.100.2";
config = { config, pkgs, ... }: {
imports = [ ../../common/common.nix ];
pia.enable = true;
services.zerotier.enable = true;
nixpkgs.pkgs = pkgs;
services.radarr.enable = true;
services.bazarr.enable = true;
services.sonarr.enable = true;
services.deluge.enable = true;
services.deluge.web.enable = true;
services.radarr.enable = true;
services.bazarr.enable = true;
services.sonarr.enable = true;
services.deluge.enable = true;
services.deluge.web.enable = true;
};
};
networking.nat.enable = true;
networking.nat.internalInterfaces = [ "ve-*" ];
networking.nat.externalInterface = "ens3";
security.acme.acceptTerms = true;
security.acme.email = "letsencrypt+5@tar.ninja";
}