chore: cleanup · devins.page/flake@7c66921

devins.page / flake

fork atom

configurations for my servers and desktops

nix nixos flake dots dotfiles

fork atom

chore: cleanup

devins.page 1 month ago 7c669218 a9435f48

+72 -43

21 changed files

expand all

hosts

bluepill

default.nix

modules

beets.nix

blocky.nix

homepage.nix

immich.nix

jellyfin.nix

mikusmp67.nix

navidrome.nix

newbeginnings7.nix

ollama.nix

restic.nix

samba.nix

slskd.nix

transmission.nix

trinity

default.nix

modules

tlp.nix

modules

nixos

default.nix

modules

fwupd.nix

ssh.nix

tailscale.nix

tlp.nix

+11 -22

hosts/bluepill/default.nix

··· 1 1 {pkgs, ...}: { 2 2 imports = [ 3 3 ./hardware.nix 4 - ../../modules/nixos/services/blocky.nix 5 - ../../modules/nixos/services/homepage.nix 6 - ../../modules/nixos/services/immich.nix 7 - ../../modules/nixos/services/jellyfin.nix 8 - ../../modules/nixos/services/mikusmp67.nix 9 - ../../modules/nixos/services/navidrome.nix 10 - ../../modules/nixos/services/newbeginnings7.nix 11 - ../../modules/nixos/services/restic.nix 12 - ../../modules/nixos/services/samba.nix 13 - ../../modules/nixos/services/slskd.nix 14 - ../../modules/nixos/services/transmission.nix 4 + ./modules/blocky.nix 5 + ./modules/homepage.nix 6 + ./modules/immich.nix 7 + ./modules/jellyfin.nix 8 + ./modules/mikusmp67.nix 9 + ./modules/navidrome.nix 10 + ./modules/newbeginnings7.nix 11 + ./modules/restic.nix 12 + ./modules/samba.nix 13 + ./modules/slskd.nix 14 + ./modules/transmission.nix 15 15 ]; 16 16 17 17 networking.hostName = "bluepill"; 18 18 networking.useNetworkd = true; 19 - 20 - environment.systemPackages = with pkgs; [ 21 - age 22 - beets 23 - (ffmpeg.override { 24 - withFdkAac = true; 25 - withUnfree = true; 26 - }) 27 - imagemagick 28 - restic 29 - ]; 30 19 31 20 system.autoUpgrade = { 32 21 enable = true;

+45

hosts/bluepill/modules/beets.nix

··· 1 + {pkgs, ...}: { 2 + environment.systemPackages = with pkgs; [ 3 + beets 4 + (ffmpeg.override { 5 + withFdkAac = true; 6 + withUnfree = true; 7 + }) 8 + imagemagick 9 + ]; 10 + 11 + environment.etc."beets/config.yaml".text = '' 12 + directory: /srv/media/music 13 + library: /srv/beets/musiclibrary.db 14 + 15 + original_date: yes 16 + import: 17 + from_scratch: yes 18 + languages: en 19 + 20 + plugins: chroma musicbrainz duplicates scrub fetchart embedart lyrics convert mbsync replaygain info 21 + lyrics: 22 + sources: lrclib * 23 + convert: 24 + auto: yes 25 + dest: /srv/media/music 26 + never_convert_lossy_files: yes 27 + format: aac 28 + formats: 29 + aac: 30 + command: /nix/store/09zrq0i5g69gwjan1b4j6np6xbhzp415-system-path/bin/ffmpeg -i $source -y -vn -c:a libfdk_aac -vbr 5 -ar 44100 $dest 31 + extension: m4a 32 + flac: 33 + command: ffmpeg -i $source -ar 44100 -sample_fmt s16 -y $dest 34 + extension: flac 35 + fetchart: 36 + cover_format: JPEG 37 + enforce_ratio: yes 38 + embedart: 39 + auto: yes 40 + maxwidth: 600 41 + quality: 90 42 + replaygain: 43 + backend: ffmpeg 44 + ''; 45 + }

+1 -1

hosts/trinity/default.nix

··· 1 1 {pkgs, ...}: { 2 2 imports = [ 3 3 ./hardware.nix 4 - ../../modules/nixos/services/tlp.nix 4 + ./modules/tlp.nix 5 5 ]; 6 6 7 7 networking.hostName = "trinity";

hosts/trinity/modules/tlp.nix

··· 1 + {...}: { 2 + services.power-profiles-daemon.enable = false; 3 + services.tlp.enable = true; 4 + }

+3 -3

modules/nixos/default.nix

··· 1 1 {lib, ...}: { 2 2 imports = [ 3 - ./services/fwupd.nix 4 - ./services/ssh.nix 5 - ./services/tailscale.nix 3 + ./modules/fwupd.nix 4 + ./modules/ssh.nix 5 + ./modules/tailscale.nix 6 6 ]; 7 7 8 8 system.stateVersion = lib.mkDefault "24.11";

modules/nixos/services/blocky.nix hosts/bluepill/modules/blocky.nix

modules/nixos/services/fwupd.nix modules/nixos/modules/fwupd.nix

modules/nixos/services/homepage.nix hosts/bluepill/modules/homepage.nix

modules/nixos/services/immich.nix hosts/bluepill/modules/immich.nix

+1 -5

modules/nixos/services/jellyfin.nix hosts/bluepill/modules/jellyfin.nix

··· 1 - { 2 - config, 3 - pkgs, 4 - ... 5 - }: { 1 + {config, ...}: { 6 2 services.jellyfin = { 7 3 enable = true; 8 4 openFirewall = true;

modules/nixos/services/mikusmp67.nix hosts/bluepill/modules/mikusmp67.nix

+2 -3

modules/nixos/services/navidrome.nix hosts/bluepill/modules/navidrome.nix

··· 1 - {...}: { 1 + {config, ...}: { 2 2 age.secrets.navidrome = { 3 3 file = ../../../secrets/navidrome.age; 4 4 owner = "navidrome"; 5 5 group = "navidrome"; 6 - path = "/etc/secrets/navidrome"; 7 6 }; 8 7 9 8 services.navidrome = { 10 9 enable = true; 11 10 openFirewall = true; 12 - environmentFile = "/etc/secrets/navidrome"; 11 + environmentFile = config.age.secrets.navidrome.path; 13 12 settings = { 14 13 MusicFolder = "/srv/media/music"; 15 14 Address = "0.0.0.0";

modules/nixos/services/newbeginnings7.nix hosts/bluepill/modules/newbeginnings7.nix

modules/nixos/services/ollama.nix hosts/bluepill/modules/ollama.nix

+3 -5

modules/nixos/services/restic.nix hosts/bluepill/modules/restic.nix

··· 3 3 file = ../../../secrets/restic.age; 4 4 owner = "root"; 5 5 group = "root"; 6 - path = "/etc/secrets/restic"; 7 6 }; 8 7 age.secrets.rclone-onedrive = { 9 8 file = ../../../secrets/rclone-onedrive.age; 10 9 owner = "root"; 11 10 group = "root"; 12 - path = "/etc/secrets/rclone-onedrive.conf"; 13 11 }; 14 12 15 13 services.restic = { ··· 21 19 backups = { 22 20 "bluepill" = { 23 21 repository = "/mnt/backup/restic/devin"; 24 - passwordFile = "/etc/secrets/restic"; 22 + passwordFile = config.age.secrets.restic.path; 25 23 initialize = true; 26 24 timerConfig = { 27 25 OnCalendar = "hourly"; ··· 42 40 }; 43 41 "bluepill-offsite" = { 44 42 repository = "rclone:onedrive:/backup/restic/devin"; 45 - passwordFile = "/etc/secrets/restic"; 46 - rcloneConfigFile = "/etc/secrets/rclone-onedrive.conf"; 43 + passwordFile = config.age.secrets.restic.path; 44 + rcloneConfigFile = config.age.secrets.rclone-onedrive.path; 47 45 initialize = true; 48 46 timerConfig = { 49 47 OnCalendar = "daily";

modules/nixos/services/samba.nix hosts/bluepill/modules/samba.nix

+1 -2

modules/nixos/services/slskd.nix hosts/bluepill/modules/slskd.nix

··· 5 5 file = ../../../secrets/slskd.age; 6 6 owner = "slskd"; 7 7 group = "slskd"; 8 - path = "/etc/secrets/slskd"; 9 8 }; 10 9 11 10 services.slskd = { 12 11 enable = true; 13 12 openFirewall = true; 14 13 domain = null; 15 - environmentFile = "/etc/secrets/slskd"; 14 + environmentFile = config.age.secrets.slskd.path; 16 15 settings = { 17 16 shares.directories = ["/srv/media/music"]; 18 17 soulseek.description = "\n- running on NixOS and slskd\n- all files are compressed from FLAC/WAV to AAC with `fdk-aac -vbr 5` (essentially the best and most transparent AAC you can possibly get)\n- tagged and organized with beets\n\nthey/he | feel free to say hi, i don't check my messages super often though. enjoy the shares, and remember to try and support artists if you can :)";

modules/nixos/services/ssh.nix modules/nixos/modules/ssh.nix

modules/nixos/services/tailscale.nix modules/nixos/modules/tailscale.nix

modules/nixos/services/tlp.nix modules/nixos/modules/tlp.nix

+1 -2

modules/nixos/services/transmission.nix hosts/bluepill/modules/transmission.nix

··· 3 3 file = ../../../secrets/transmission.age; 4 4 owner = "transmission"; 5 5 group = "transmission"; 6 - path = "/etc/secrets/transmission.json"; 7 6 }; 8 7 9 8 services.transmission = { ··· 11 10 openRPCPort = true; 12 11 openPeerPorts = true; 13 12 package = pkgs.transmission_4; 14 - credentialsFile = "/etc/secrets/transmission.json"; 13 + credentialsFile = config.age.secrets.transmission.path; 15 14 settings = { 16 15 incomplete-dir-enabled = false; 17 16 umask = "000";