mlaga97/mlaga97-nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
mlaga97-nix/systems/redoubt/configuration.nix
Lauren Lagarde 3a1f05c80f Add MPD and shairport server to redoubt
2025-08-17 16:17:59 -05:00

152 lines
4 KiB
Nix
Raw Blame History

{ lib, inputs, self, pkgs, pkgs-unstable, ... }: {
networking.hostName = "redoubt";
system.stateVersion = "25.05";
home-manager = {
users."lauren_lagarde" = {
home.stateVersion = "25.05";
imports = self.homeManagerModules."lauren_lagarde@tui.mlaga97.space";
};
extraSpecialArgs = { inherit self pkgs-unstable; };
};
time.timeZone = "America/Chicago";
sops.defaultSopsFile = ../../secrets.yaml;
imports = [
inputs.sops-nix.nixosModules.sops
inputs.home-manager.nixosModules.home-manager
../../nixos/features/pi.nix
# Core Features
../../nixos/features/base.nix
../../nixos/features/tui-apps.nix
../../nixos/features/openssh-server.nix
# Core Tweaks
../../nixos/tweaks/zram.nix
../../nixos/tweaks/enable_flakes.nix
../../nixos/tweaks/systemd-resolved_nonsense.nix
# Dotspace
../../secrets/dotspace.nix
../../nixos/features/stronghold-binary-cache.nix
# Users
../../users/lauren_lagarde/lauren_lagarde.nix
../../users/ashley_funkhouser/ashley_funkhouser.nix
# Features
../../nixos/features/virtualization/dockge.nix
../../nixos/features/virtualization/docker.nix
# Redoubt
../../nixos/tweaks/disable_firewall.nix
];
##############################################################################
##############################################################################
##############################################################################
# Services
services.smartd.enable = lib.mkForce false;
virtualisation.oci-containers.backend = "docker";
virtualisation.oci-containers.containers = {
dozzle = {
image = "amir20/dozzle:latest";
ports = [ "9999:8080" ];
volumes = [ "/var/run/docker.sock:/var/run/docker.sock" ];
};
};
services.avahi = {
enable = true;
publish.enable = true;
publish.addresses = true;
publish.workstation = true;
openFirewall = true;
};
hardware.alsa.enable = true;
services.shairport-sync = {
enable = true;
openFirewall = true;
settings = {
general = {
name = "Living Room Pi";
output_backend = "alsa";
};
sessioncontrol.allow_session_interruption = "yes";
};
};
services.mpd = {
enable = true;
musicDirectory = "/Music";
extraConfig = ''
audio_output {
type "alsa"
name "Default"
mixer_type "hardware"
mixer_device "default"
mixer_control "PCM"
device "hw:0,0"
}
'';
network.listenAddress = "any";
};
systemd.mounts = [
{
type = "cifs";
options = "guest,ro,vers=3,uid=65534,gid=100,dir_mode=0775,file_mode=0664";
what = "//blockhouse.mlaga97.space/Music";
where = "/Music";
}
];
systemd.automounts = [
{
wantedBy = [ "multi-user.target" ];
automountConfig = {
TimeoutIdleSec = "60";
DeviceTimeout = "5";
MountTimeout = "5";
};
where = "/Music";
}
];
##############################################################################
##############################################################################
##############################################################################
# Networking
networking.useNetworkd = true;
systemd.network = {
enable = true;
};
##############################################################################
# Tinc
sops.secrets."dotspace/redoubt/keys/tinc/rsa_key.priv" = { sopsFile = ./secrets.yaml; };
sops.secrets."dotspace/redoubt/keys/tinc/ed25519_key.priv" = { sopsFile = ./secrets.yaml; };
systemd.network.networks."90-tinc" = {
matchConfig.Name = "tinc.dotspace";
address = [ "10.86.84.107/32" ];
routes = [ { Destination = "10.86.84.0/24"; } ];
};
services.tinc.networks.dotspace = {
name = "redoubt";
ed25519PrivateKeyFile = "/run/secrets/dotspace/redoubt/keys/tinc/ed25519_key.priv";
chroot = false;
settings.ConnectTo = [ "fortress" ];
};
}
Reference in a new issue View git blame Copy permalink