zuckerberg/nix-config
zuckerberg/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Activity

fix container

Browse Source
This commit is contained in:
zuckerberg 2021-06-04 09:02:07 -04:00
parent f315600034
commit 312b1d6fa0
4 changed files with 38 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
common/common.nix
View File

@ -33,6 +33,8 @@
wget kakoune htop git dnsutils tmux nethogs iotop wget kakoune htop git dnsutils tmux nethogs iotop
]; ];
nixpkgs.config.allowUnfree = true;
users.mutableUsers = false; users.mutableUsers = false;
users.users.googlebot = { users.users.googlebot = {
isNormalUser = true; isNormalUser = true;

8
common/pc/de.nix
View File

@ -23,14 +23,6 @@ in {
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
# allow specific unfree packages
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"tigervnc" "font-bh-lucidatypewriter" # tigervnc
"steam" "steam-original" "steam-runtime" # TODO move to steam.nix
"discord" # TODO move to discord.nix
"chromium" "chrome-widevine-cdm" "chromium-unwrapped" # widevine support
];
# vulkan # vulkan
hardware.opengl.driSupport = true; hardware.opengl.driSupport = true;
hardware.opengl.driSupport32Bit = true; hardware.opengl.driSupport32Bit = true;

3
common/zerotier.nix
View File

@ -7,5 +7,8 @@ in {
services.zerotierone.joinNetworks = [ services.zerotierone.joinNetworks = [
"565799d8f6d654c0" "565799d8f6d654c0"
]; ];
networking.firewall.allowedUDPPorts = [
9993
];
}; };
} }

42
machines/mitty/configuration.nix
View File

@ -26,20 +26,44 @@
services.nginx.enable = true; services.nginx.enable = true;
zerotier.enable = true; services.zerotier.enable = true;
containers.jellyfin = { containers.jellyfin = {
pia.enable = true; ephemeral = true;
zerotier.enable = true; autoStart = true;
nixpkgs.pkgs = pkgs; bindMounts = {
"/var/lib" = {
hostPath = "/var/lib/";
isReadOnly = false;
};
};
bindMounts = {
"/secret" = {
hostPath = "/secret";
isReadOnly = true;
};
};
privateNetwork = true;
hostAddress = "172.16.100.1";
localAddress = "172.16.100.2";
config = { config, pkgs, ... }: {
imports = [ ../../common/common.nix ];
pia.enable = true;
services.zerotier.enable = true;
nixpkgs.pkgs = pkgs;
services.radarr.enable = true; services.radarr.enable = true;
services.bazarr.enable = true; services.bazarr.enable = true;
services.sonarr.enable = true; services.sonarr.enable = true;
services.deluge.enable = true; services.deluge.enable = true;
services.deluge.web.enable = true; services.deluge.web.enable = true;
};
}; };
networking.nat.enable = true;
networking.nat.internalInterfaces = [ "ve-*" ];
networking.nat.externalInterface = "ens3";
security.acme.acceptTerms = true; security.acme.acceptTerms = true;
security.acme.email = "letsencrypt+5@tar.ninja"; security.acme.email = "letsencrypt+5@tar.ninja";
} }