vps-arm-2024-12-03-15-47-46

2024-12-03 15:47:46 +01:00
parent db0bc6a35d
commit 8526b26523
8 changed files with 57 additions and 23 deletions
--- a/configs/common-linux.nix
+++ b/configs/common-linux.nix
@ -6,7 +6,7 @@
  ...
 }: {
  imports = [
-    ./configs/common.nix
+    ./common.nix
  ];

  boot = {
--- a/fs-diff.sh
+++ b/fs-diff.sh
@ -8,8 +8,7 @@ OLD_TRANSID=${OLD_TRANSID#transid marker was }
 sudo btrfs subvolume find-new "/fs-diff/root" "$OLD_TRANSID" |
 sed '$d' |
 cut -f17- -d' ' |
-sort |
-uniq |
+sort |uniq |
 while read path; do
  path="/$path"
  if [ -L "$path" ]; then
--- a/machine/vps-arm/configuration.nix
+++ b/machine/vps-arm/configuration.nix
@ -5,24 +5,22 @@
  outputs,
  inputs,
  ...
-}: let
-  secrets = import ../../configs/secrets.nix;
-  be = import ../../configs/borg-exclude.nix;
-in {
+}: {
  imports = [
    ./hardware-configuration.nix
    ../../configs/common-linux.nix
    ../../configs/docker.nix
    ../../configs/user.nix

-    ../../services/atuin.nix
    ../../services/adguardhome.nix
+    ../../services/atuin.nix
    ../../services/frigate.nix
    ../../services/gitea.nix
+    ../../services/goaccess.nix
+    ../../services/headscale.nix
+    ../../services/immich.nix
    ../../services/nextcloud.nix
    ../../services/uptime-kuma.nix
-    ../../services/headscale.nix
-    ../../services/goaccess.nix
  ];

  sops = {
--- a/services/adguardhome.nix
+++ b/services/adguardhome.nix
@ -20,7 +20,7 @@ in {
          forceSSL = true;
          enableACME = true;
          locations = {
-            "/" = {proxyPass = "https://127.0.0.1:3003/";};
+            "/" = {proxyPass = "https://127.0.0.1:3004/";};
          };
        };
      };
@ -71,7 +71,7 @@ in {
          allow_unencrypted_doh = false;
          port_dns_over_tls = 853;
          port_dns_over_quic = 0;
-          port_https = 3003;
+          port_https = 3004;
          certificate_chain = "";
          private_key = "";
          certificate_path = "/var/lib/AdGuardHome/chain.pem";
--- a/services/frigate.nix
+++ b/services/frigate.nix
@ -3,9 +3,7 @@
  lib,
  pkgs,
  ...
-}: let
-  secrets = import ../configs/secrets.nix;
-in {
+}: {
  environment = {
    persistence."/persist" = {
      directories = [
--- a/services/goaccess.nix
+++ b/services/goaccess.nix
@ -3,9 +3,7 @@
  lib,
  pkgs,
  ...
-}: let
-  secrets = import ../configs/secrets.nix;
-in {
+}: {
  environment = {
    systemPackages = with pkgs; [
      goaccess
--- a/services/immich.nix
+++ b/services/immich.nix
@ -0,0 +1,46 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  environment = {
+    persistence."/persist" = {
+      directories = [
+        "/var/lib/immich"
+        "/var/lib/redis-immich"
+      ];
+    };
+  };
+
+  services = {
+    nginx = {
+      virtualHosts = {
+        "immich.szczepan.ski" = {
+          forceSSL = true;
+          enableACME = true;
+          locations = {"/" = {proxyPass = "http://[::1]:2283/";};};
+        };
+      };
+    };
+
+    # postgresql = {
+    #   enable = true;
+    #   ensureDatabases = [
+    #     config.services.nextcloud.config.dbname
+    #   ];
+    #   ensureUsers = [
+    #     {
+    #       name = config.services..config.dbuser;
+    #       ensureDBOwnership = true;
+    #       # ensurePermissions."DATABASE ${config.services.gitea.database.name}" = "ALL PRIVILEGES";
+    #     }
+    #   ];
+    # };
+
+    immich = {
+      enable = true;
+      settings.server.externalDomain = "https://immich.szczepan.ski";
+    };
+  };
+}
--- a/services/nextcloud.nix
+++ b/services/nextcloud.nix
@ -5,11 +5,6 @@
  ...
 }: {
  environment = {
-    systemPackages = with pkgs; [
-      goaccess
-      xd
-      nyx
-    ];
    persistence."/persist" = {
      directories = [
        "/var/lib/nextcloud"