Merge branch 'master' into ttrss
This commit is contained in:
commit
dc12c1bf70
|
@ -1,8 +1,5 @@
|
||||||
{ inputs, ... }:
|
{ inputs, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
|
||||||
"${inputs.self}/modules/docker"
|
|
||||||
];
|
|
||||||
virtualisation.oci-containers = {
|
virtualisation.oci-containers = {
|
||||||
backend = "docker";
|
backend = "docker";
|
||||||
containers."heimdall" = {
|
containers."heimdall" = {
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ ... }:
|
{ config, inputs, ... }:
|
||||||
{
|
{
|
||||||
networking = {
|
networking = {
|
||||||
firewall.allowedTCPPorts = [
|
firewall.allowedTCPPorts = [
|
||||||
|
@ -11,4 +11,26 @@
|
||||||
67 # DHCP
|
67 # DHCP
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
age.secrets.piholeEnv.file = "${inputs.self}/scrts/pihole_env.age";
|
||||||
|
virtualisation.oci-containers = {
|
||||||
|
containers."pihole" = {
|
||||||
|
image = "pihole/pihole";
|
||||||
|
autoStart = true;
|
||||||
|
environment = {
|
||||||
|
TZ = "Europe/Zurich";
|
||||||
|
ServerIP = "10.7.89.2";
|
||||||
|
DNS1 = "127.0.0.1#5335"; # we're using the local unboud server here
|
||||||
|
RATE_LIMIT = "10000/60";
|
||||||
|
};
|
||||||
|
environmentFiles = [ config.age.secrets.piholeEnv.path ];
|
||||||
|
volumes = [
|
||||||
|
"/var/lib/pihole/etc-pihole:/etc/pihole/"
|
||||||
|
"/var/lib/pihole/etc-dnsmasq.d:/etc/dnsmasq.d/"
|
||||||
|
];
|
||||||
|
extraOptions = [
|
||||||
|
"--network=host"
|
||||||
|
"--cap-add=NET_ADMIN"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,8 +1,5 @@
|
||||||
{ inputs, config, ... }:
|
{ inputs, config, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
|
||||||
"${inputs.self}/modules/docker"
|
|
||||||
];
|
|
||||||
age.secrets.plexClaim.file = "${inputs.self}/scrts/plex_claim.age";
|
age.secrets.plexClaim.file = "${inputs.self}/scrts/plex_claim.age";
|
||||||
networking = {
|
networking = {
|
||||||
firewall.allowedTCPPorts = [
|
firewall.allowedTCPPorts = [
|
||||||
|
|
|
@ -1,4 +1,12 @@
|
||||||
{ hostname, inputs, custom, pkgs, time, ... }:
|
{ hostname
|
||||||
|
, inputs
|
||||||
|
, custom
|
||||||
|
, path ? "/home/${custom.username}"
|
||||||
|
, pkgs
|
||||||
|
, tag ? "home-dir"
|
||||||
|
, time
|
||||||
|
, ...
|
||||||
|
}:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
"${inputs.self}/modules/telegram-notifications"
|
"${inputs.self}/modules/telegram-notifications"
|
||||||
|
@ -24,7 +32,7 @@
|
||||||
script = ''
|
script = ''
|
||||||
${pkgs.restic}/bin/restic backup \
|
${pkgs.restic}/bin/restic backup \
|
||||||
--exclude-file=${inputs.self}/modules/restic/excludes.txt \
|
--exclude-file=${inputs.self}/modules/restic/excludes.txt \
|
||||||
--tag home-dir /home/${custom.username}
|
--tag ${tag} ${path}
|
||||||
|
|
||||||
${pkgs.restic}/bin/restic forget \
|
${pkgs.restic}/bin/restic forget \
|
||||||
--tag home-dir \
|
--tag home-dir \
|
||||||
|
|
|
@ -3,9 +3,6 @@ let
|
||||||
whitelist = builtins.toFile "whitelist.txt" ''*'';
|
whitelist = builtins.toFile "whitelist.txt" ''*'';
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [
|
|
||||||
"${inputs.self}/modules/docker"
|
|
||||||
];
|
|
||||||
virtualisation.oci-containers = {
|
virtualisation.oci-containers = {
|
||||||
backend = "docker";
|
backend = "docker";
|
||||||
containers."rss-brige" = {
|
containers."rss-brige" = {
|
||||||
|
|
BIN
scrts/pihole_env.age
Normal file
BIN
scrts/pihole_env.age
Normal file
Binary file not shown.
|
@ -34,5 +34,6 @@ in
|
||||||
{
|
{
|
||||||
"plex_claim.age".publicKeys = defaultKeys ++ [ plex ];
|
"plex_claim.age".publicKeys = defaultKeys ++ [ plex ];
|
||||||
"ttrss_env.age".publicKeys = defaultKeys ++ [ ttrss ];
|
"ttrss_env.age".publicKeys = defaultKeys ++ [ ttrss ];
|
||||||
|
"pihole_env.age".publicKeys = defaultKeys ++ [ pihole ];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -6,6 +6,8 @@
|
||||||
inherit hostname inputs;
|
inherit hostname inputs;
|
||||||
})
|
})
|
||||||
(import "${inputs.self}/modules/restic-server-client" {
|
(import "${inputs.self}/modules/restic-server-client" {
|
||||||
|
path = "/var/lib/pihole";
|
||||||
|
tag = "pihole";
|
||||||
time = "05:00"; inherit custom hostname inputs pkgs;
|
time = "05:00"; inherit custom hostname inputs pkgs;
|
||||||
})
|
})
|
||||||
"${inputs.self}/modules/docker"
|
"${inputs.self}/modules/docker"
|
||||||
|
|
|
@ -6,8 +6,11 @@
|
||||||
inherit hostname inputs;
|
inherit hostname inputs;
|
||||||
})
|
})
|
||||||
(import "${inputs.self}/modules/restic-server-client" {
|
(import "${inputs.self}/modules/restic-server-client" {
|
||||||
|
path = "/var/lib/plex";
|
||||||
|
tag = "plex";
|
||||||
time = "03:30"; inherit custom hostname inputs pkgs;
|
time = "03:30"; inherit custom hostname inputs pkgs;
|
||||||
})
|
})
|
||||||
|
"${inputs.self}/modules/docker"
|
||||||
"${inputs.self}/modules/media-share"
|
"${inputs.self}/modules/media-share"
|
||||||
"${inputs.self}/modules/plex"
|
"${inputs.self}/modules/plex"
|
||||||
];
|
];
|
||||||
|
|
Loading…
Reference in New Issue
Block a user