cilly/flakes
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

containers/emerald: init

Browse source
This commit is contained in:
Cilly Leang 2026-03-17 18:13:53 +11:00
parent b7665d9bd5
commit 0567313fa2
Signed by: cilly
GPG key ID: 6500251E087653C9
5 changed files with 156 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

21
containers/emerald/configuration.nix Normal file
View file

@ -0,0 +1,21 @@
{ fqdn, shareFqdn, ... }: {
system.stateVersion = "25.11";
systemd.tmpfiles.rules = [
"d /persist/music 755 navidrome navidrome"
"d /persist/navidrome 755 navidrome navidrome"
];
networking.firewall.allowedTCPPorts = [ 4533 ];
networking.firewall.allowedUDPPorts = [ 4533 ];
services.navidrome = {
enable = true;
settings = {
Port = 4533;
Address = "[::]";
BaseUrl = "https://${fqdn}/";
ShareURL = shareFqdn;
DataFolder = "/persist/navidrome";
MusicFolder = "/persist/music";
};
};
}

27
containers/emerald/flake.lock generated Normal file
View file

@ -0,0 +1,27 @@
{
"nodes": {
"nixpkgs": {
"locked": {
"lastModified": 1773282481,
"narHash": "sha256-b/GV2ysM8mKHhinse2wz+uP37epUrSE+sAKXy/xvBY4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "fe416aaedd397cacb33a610b33d60ff2b431b127",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}

57
containers/emerald/flake.nix Normal file
View file

@ -0,0 +1,57 @@
{
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
};
outputs = { nixpkgs, ... }:
let
name = "emerald";
fqdn = "navia.lava.moe";
shareFqdn = "share.navia.lava.moe";
subnetId = "5";
subnet = x: "fd0d:1::${subnetId}:${toString x}";
host = subnet 1;
client = subnet 2;
modules = [
./configuration.nix
];
in {
nixosConfigurations.container = nixpkgs.lib.nixosSystem {
inherit modules;
};
nixosModule = { ... }: {
services.nginx.virtualHosts."${fqdn}" = {
useACMEHost = "lava.moe";
forceSSL = true;
locations."/".proxyPass = "http://[${client}]:4533";
listenAddresses = [ "10.0.0.1" "[fd0d::1]" ];
};
services.nginx.virtualHosts."${shareFqdn}" = {
useACMEHost = "lava.moe";
forceSSL = true;
locations."/".proxyPass = "http://[${client}]:4533/share";
};
systemd.tmpfiles.rules = [ "d /persist/containers/${name} 755 root users" ];
containers.${name} = {
autoStart = true;
privateNetwork = true;
hostAddress6 = host;
localAddress6 = client;
# privateUsers = "pick";
nixpkgs = nixpkgs;
ephemeral = true;
config = { imports = modules; };
specialArgs = { inherit fqdn shareFqdn; };
bindMounts."persist" = {
hostPath = "/persist/containers/${name}";
mountPoint = "/persist";
isReadOnly = false;
};
# flake = "path:" + ./.;
};
};
};
}

69
flake.lock generated
View file

@ -100,6 +100,20 @@
}, },
"parent": [] "parent": []
}, },
"c-emerald": {
"inputs": {
"nixpkgs": "nixpkgs_8"
},
"locked": {
"path": "./containers/emerald",
"type": "path"
},
"original": {
"path": "./containers/emerald",
"type": "path"
},
"parent": []
},
"catppuccin": { "catppuccin": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs_5" "nixpkgs": "nixpkgs_5"
@ -505,7 +519,7 @@
"nix-gaming": { "nix-gaming": {
"inputs": { "inputs": {
"flake-parts": "flake-parts_2", "flake-parts": "flake-parts_2",
"nixpkgs": "nixpkgs_8" "nixpkgs": "nixpkgs_9"
}, },
"locked": { "locked": {
"lastModified": 1770778188, "lastModified": 1770778188,
@ -589,6 +603,22 @@
} }
}, },
"nixpkgs_10": { "nixpkgs_10": {
"locked": {
"lastModified": 1770562336,
"narHash": "sha256-ub1gpAONMFsT/GU2hV6ZWJjur8rJ6kKxdm9IlCT0j84=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d6c71932130818840fc8fe9509cf50be8c64634f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_11": {
"locked": { "locked": {
"lastModified": 1770019141, "lastModified": 1770019141,
"narHash": "sha256-VKS4ZLNx4PNrABoB0L8KUpc1fE7CLpQXQs985tGfaCU=", "narHash": "sha256-VKS4ZLNx4PNrABoB0L8KUpc1fE7CLpQXQs985tGfaCU=",
@ -701,6 +731,22 @@
} }
}, },
"nixpkgs_8": { "nixpkgs_8": {
"locked": {
"lastModified": 1773282481,
"narHash": "sha256-b/GV2ysM8mKHhinse2wz+uP37epUrSE+sAKXy/xvBY4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "fe416aaedd397cacb33a610b33d60ff2b431b127",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_9": {
"locked": { "locked": {
"lastModified": 1770537093, "lastModified": 1770537093,
"narHash": "sha256-pF1quXG5wsgtyuPOHcLfYg/ft/QMr8NnX0i6tW2187s=", "narHash": "sha256-pF1quXG5wsgtyuPOHcLfYg/ft/QMr8NnX0i6tW2187s=",
@ -716,22 +762,6 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_9": {
"locked": {
"lastModified": 1770562336,
"narHash": "sha256-ub1gpAONMFsT/GU2hV6ZWJjur8rJ6kKxdm9IlCT0j84=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d6c71932130818840fc8fe9509cf50be8c64634f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nuscht-search": { "nuscht-search": {
"inputs": { "inputs": {
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
@ -774,7 +804,7 @@
"pastel": { "pastel": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_2", "flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_10", "nixpkgs": "nixpkgs_11",
"pnpm2nix": "pnpm2nix" "pnpm2nix": "pnpm2nix"
}, },
"locked": { "locked": {
@ -838,6 +868,7 @@
"c-beryllium": "c-beryllium", "c-beryllium": "c-beryllium",
"c-citrine": "c-citrine", "c-citrine": "c-citrine",
"c-diamond": "c-diamond", "c-diamond": "c-diamond",
"c-emerald": "c-emerald",
"catppuccin": "catppuccin_2", "catppuccin": "catppuccin_2",
"catppuccin-palette": "catppuccin-palette", "catppuccin-palette": "catppuccin-palette",
"fast-syntax-highlighting": "fast-syntax-highlighting", "fast-syntax-highlighting": "fast-syntax-highlighting",
@ -846,7 +877,7 @@
"neovim-nightly": "neovim-nightly", "neovim-nightly": "neovim-nightly",
"nix-gaming": "nix-gaming", "nix-gaming": "nix-gaming",
"nix-index-database": "nix-index-database", "nix-index-database": "nix-index-database",
"nixpkgs": "nixpkgs_9", "nixpkgs": "nixpkgs_10",
"nvim-treesitter": "nvim-treesitter", "nvim-treesitter": "nvim-treesitter",
"pastel": "pastel", "pastel": "pastel",
"pure": "pure", "pure": "pure",

1
flake.nix
View file

@ -42,6 +42,7 @@
c-beryllium.url = "path:./containers/beryllium"; c-beryllium.url = "path:./containers/beryllium";
c-citrine.url = "path:./containers/citrine"; c-citrine.url = "path:./containers/citrine";
c-diamond.url = "path:./containers/diamond"; c-diamond.url = "path:./containers/diamond";
c-emerald.url = "path:./containers/emerald";
}; };
outputs = { self, agenix, catppuccin, nixpkgs, ... } @ inputs: outputs = { self, agenix, catppuccin, nixpkgs, ... } @ inputs: