Compare commits

...

2 commits

Author SHA1 Message Date
b12f 7f55c13245
users/b12f: add mezza ssh key 2024-10-30 22:43:29 +01:00
b12f cde6cb09fd
hosts/droppie: fix boot, remove unused services 2024-10-30 22:43:06 +01:00
7 changed files with 9 additions and 69 deletions

View file

@ -69,8 +69,6 @@
self.nixosModules.base
./droppie
self.nixosModules.yule
self.nixosModules.acme
self.nixosModules.proxy
self.nixosModules.persistence
];
};

View file

@ -20,6 +20,7 @@ in {
boot.kernelParams = [
"boot.shell_on_fail=1"
"nomodeset"
# Hack so that network is considered up by boot.initrd.network and postCommands gets executed.
"ip=127.0.0.1:::::lo:none"
];

View file

@ -5,7 +5,5 @@
./networking.nix
./backup-autostop.nix
./nginx.nix
./jellyfin.nix
];
}

View file

@ -13,16 +13,16 @@
];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "ehci_pci" "usbhid" "usb_storage" "uas" "sd_mod"];
boot.initrd.kernelModules = ["dm-snapshot" "amdgpu"];
boot.initrd.kernelModules = ["dm-snapshot"];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
boot.initrd.luks.devices = {
"cryptroot" = {
device = "/dev/sdb2";
device = "/dev/disk/by-uuid/08330ff9-581a-41e1-b8fa-757dc4c90b16";
allowDiscards = true;
};
"cryptdata".device = "/dev/sda1";
"cryptdata".device = "/dev/disk/by-uuid/bc9f00ea-027e-409b-87c9-ab5628683378";
};
fileSystems."/" = {
@ -51,10 +51,11 @@
device = "/dev/disk/by-uuid/991E-79C1";
fsType = "vfat";
neededForBoot = true;
options = [ "fmask=0022" "dmask=0022" ];
};
fileSystems."/data" = {
device = "/dev/disk/by-uuid/5fc34ef4-207b-45fb-b846-dbb01080d9fe";
device = "/dev/disk/by-uuid/391db8c4-5654-4a5c-a5c8-e34811f54786";
fsType = "ext4";
};

View file

@ -1,44 +0,0 @@
{
flake,
config,
pkgs,
lib,
...
}: {
environment.systemPackages = [
pkgs.jellyfin
pkgs.jellyfin-web
pkgs.jellyfin-ffmpeg
];
services.jellyfin = {
enable = true;
openFirewall = false;
};
# from https://jellyfin.org/docs/general/networking/index.html
networking.firewall.allowedUDPPorts = [1900 7359];
security.acme.certs = {
"media.b12f.io" = {};
};
services.nginx.virtualHosts = {
"media.b12f.io" = {
forceSSL = true;
useACMEHost = "media.b12f.io";
locations."/".proxyPass = "http://127.0.0.1:8096";
};
};
hardware.opengl = {
enable = true;
driSupport = true;
driSupport32Bit = true;
extraPackages = with pkgs; [
vaapiVdpau
libvdpau-va-gl
];
};
}

View file

@ -1,15 +0,0 @@
{
flake,
config,
pkgs,
lib,
...
}: {
services.nginx = {
defaultListenAddresses = [
"192.168.178.3"
"10.13.12.3"
"[fd00:b12f:acab:1312:acab:3::]"
];
};
}

View file

@ -33,8 +33,9 @@ in {
extraConfig = ''
IdentitiesOnly yes
IdentityFile /home/${psCfg.user.name}/.ssh/id_yubi_gpg.pub
IdentityFile /home/${psCfg.user.name}/.ssh/id_ed25519_sk-464.pub
IdentityFile /home/${psCfg.user.name}/.ssh/id_ed25519_sk-485.pub
IdentityFile /home/${psCfg.user.name}/.ssh/id_ed25519_mezza
IdentityFile /home/${psCfg.user.name}/.ssh/id_ed25519_sk-464
IdentityFile /home/${psCfg.user.name}/.ssh/id_ed25519_sk-485
'';
matchBlocks = {
"git.pub.solar" = {