Andrea Ciceri
52298435cd
- new host `devbox`
- `flake-parts` module to manage agenix secrets
- Searx -> Google again 😩 (it was too slow)
- WIP `git-workspace` module for `home-manager`
- `cgit` module
- `spotify-adblocked` packaged
103 lines
2.3 KiB
Nix
103 lines
2.3 KiB
Nix
{
|
|
fleetFlake,
|
|
fleetModules,
|
|
lib,
|
|
pkgs,
|
|
config,
|
|
...
|
|
}: {
|
|
imports =
|
|
[
|
|
./hardware-configuration.nix
|
|
]
|
|
++ (fleetModules [
|
|
"common"
|
|
"ssh"
|
|
"ccr"
|
|
"cgit"
|
|
]);
|
|
|
|
ccr.enable = true;
|
|
|
|
services.rock5b-fan-control.enable = true;
|
|
|
|
services.nginx.enable = true;
|
|
services.nginx.virtualHosts."localhost" = {
|
|
cgit = {
|
|
enable = true;
|
|
virtual-root = "/";
|
|
include = [
|
|
(builtins.toFile "cgitrc-extra-1" ''
|
|
repo.url=test-repo.git
|
|
repo.path=/srv/git/test-repo.
|
|
repo.desc=the master foo repository
|
|
repo.owner=fooman@example.com
|
|
css=/custom.css
|
|
'')
|
|
(builtins.toFile "cgitrc-extra-2" ''
|
|
# Allow http transport git clone
|
|
enable-http-clone=1
|
|
'')
|
|
];
|
|
};
|
|
};
|
|
|
|
fileSystems."/mnt/film" = {
|
|
device = "//ccr.ydns.eu/film";
|
|
fsType = "cifs";
|
|
options = let
|
|
credentials = pkgs.writeText "credentials" ''
|
|
username=guest
|
|
password=
|
|
'';
|
|
in ["credentials=${credentials},x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"];
|
|
};
|
|
fileSystems."/mnt/archivio" = {
|
|
device = "//ccr.ydns.eu/archivio";
|
|
fsType = "cifs";
|
|
options = let
|
|
credentials = pkgs.writeText "credentials" ''
|
|
username=guest
|
|
password=
|
|
'';
|
|
in ["credentials=${credentials},x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"];
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
kodi-rock5b
|
|
cifs-utils
|
|
];
|
|
|
|
users.extraUsers.kodi = {
|
|
isNormalUser = true;
|
|
uid = 1002;
|
|
extraGroups = ["video" "input"];
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
8080 # kodi control
|
|
80
|
|
];
|
|
|
|
programs.bash.loginShellInit = ''
|
|
[[ "$(tty)" == '/dev/tty1' ]] && \
|
|
[[ "$(whoami)" == 'kodi' ]] && \
|
|
${pkgs.kodi-rock5b}/bin/kodi-standalone
|
|
|
|
'';
|
|
|
|
# Waiting for https://github.com/NixOS/nixpkgs/issues/140304
|
|
services.getty = let
|
|
script = pkgs.writeText "login-program.sh" ''
|
|
if [[ "$(tty)" == '/dev/tty1' ]]; then
|
|
${pkgs.shadow}/bin/login -f kodi;
|
|
else
|
|
${pkgs.shadow}/bin/login;
|
|
fi
|
|
'';
|
|
in {
|
|
loginProgram = "${pkgs.bash}/bin/sh";
|
|
loginOptions = toString script;
|
|
extraArgs = ["--skip-login"];
|
|
};
|
|
}
|