flakes/hosts/hazel/default.nix


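# NixOS host configuration for "hazel": a headless server that runs Nextcloud
# and Immich behind nginx, with service state bind-mounted from /flower.
{ config, modules, pkgs, ... }:
let
  # Service state directories kept on /flower. `name` is the directory name
  # under both /flower and /var/lib; `owner` is used as owning user AND group.
  stateDirs = [
    { name = "immich"; owner = "immich"; }
    { name = "nextcloud"; owner = "nextcloud"; }
    { name = "postgresql"; owner = "postgres"; }
    { name = "redis-immich"; owner = "redis-immich"; }
  ];

  # One tmpfiles "d" rule per directory: /flower/<name>, mode 750, so only the
  # owning service user and its group can enter the directory.
  rules = map (d: "d /flower/${d.name} 750 ${d.owner} ${d.owner}") stateDirs;

  # Bind-mount /flower/<name> onto /var/lib/<name>. `depends` orders each bind
  # mount after the /flower file system itself.
  # NOTE(review): the bind sources must already exist when these mounts run;
  # tmpfiles rules are usually applied after local file systems are mounted,
  # so confirm this works on a freshly created /flower.
  mounts = builtins.listToAttrs (map (d: {
    name = "/var/lib/${d.name}";
    value = {
      depends = [ "/flower" ];
      device = "/flower/${d.name}";
      fsType = "none";
      options = [ "bind" ];
    };
  }) stateDirs);
in
{
  networking.hostName = "hazel";
  system.stateVersion = "24.11";
  time.timeZone = "Australia/Melbourne";

  # Declared here but not referenced in this file; presumably consumed by the
  # shared nginx/ACME module imported below — verify.
  age.secrets = {
    acme_dns.file = ../../secrets/acme_dns.age;
  };

  imports = with modules.system; with modules.services; [
    home-manager-stable
    base
    kernel
    nginx
    nix-stable
    packages
    security
    ./filesystem.nix
    ./kernel.nix
    ./networking.nix
    ../../users/hana
  ];

  me.environment = "headless";

  services.nextcloud = {
    enable = true;
    package = pkgs.nextcloud31;
    hostName = "cloud.lava.moe";
    database.createLocally = true;
    config = {
      dbtype = "pgsql";
      # NOTE(review): unlike acme_dns above, this credential is a plain file
      # on /persist rather than an age secret. Confirm it is readable only by
      # the nextcloud user, and consider managing it through age.secrets so
      # every credential on this host is handled the same way.
      adminpassFile = "/persist/nextcloud-admin-pass";
    };
    # Nextcloud generates https:// URLs; TLS itself is terminated by the nginx
    # virtual host configured below.
    https = true;
  };

  # Force HTTPS and obtain an ACME certificate for the Nextcloud host name.
  services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {
    forceSSL = true;
    enableACME = true;
  };

  services.immich = {
    enable = true;
    port = 2283;
  };

  # "video" and "render" give the immich service account access to the GPU
  # device nodes (presumably for hardware-accelerated transcoding).
  users.users.immich.extraGroups = [ "video" "render" ];

  # `hardware.opengl.enable` was renamed to `hardware.graphics.enable` in
  # NixOS 24.11; the old name is only a deprecated alias that emits an
  # evaluation warning. pkgs.nextcloud31 above implies a nixpkgs new enough
  # to provide the new option.
  hardware.graphics.enable = true;

  # Immich is reached only through this TLS reverse proxy, which forwards to
  # the service on the loopback address.
  # NOTE(review): confirm services.immich is bound to loopback only and that
  # the firewall does not expose port 2283 directly.
  services.nginx.virtualHosts."photos.lava.moe" = {
    enableACME = true;
    forceSSL = true;
    locations."/" = {
      proxyPass = "http://[::1]:${toString config.services.immich.port}";
      proxyWebsockets = true;
      recommendedProxySettings = true;
      # Large-upload settings: nginx accepts request bodies of up to 50000M on
      # this virtual host and allows 600s for proxy reads/sends. The size limit
      # is enforced by nginx before the request reaches Immich, so make sure
      # the nginx temp/buffer location has room for uploads of that size.
      extraConfig = ''
        client_max_body_size 50000M;
        proxy_read_timeout 600s;
        proxy_send_timeout 600s;
        send_timeout 600s;
      '';
    };
  };

  systemd.tmpfiles.rules = rules;
  fileSystems = mounts;
}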