Add leviathan

2025-08-25 01:18:32 +01:00
parent fdf7719a4e
commit 8367b03304
11 changed files with 378 additions and 48 deletions


@@ -0,0 +1,190 @@
{
config,
lib,
pkgs,
...
}: let
zfsCompatibleKernelPackages =
lib.filterAttrs (
name: kernelPackages:
(builtins.match "linux_[0-9]+_[0-9]+" name)
!= null
&& (builtins.tryEval kernelPackages).success
&& (!kernelPackages.${config.boot.zfs.package.kernelModuleAttribute}.meta.broken)
)
pkgs.linuxKernel.packages;
latestKernelPackage = lib.last (
lib.sort (a: b: (lib.versionOlder a.kernel.version b.kernel.version)) (
builtins.attrValues zfsCompatibleKernelPackages
)
);
in {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
../common
(import ../../modules).leviathan
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelPackages = lib.mkForce latestKernelPackage;
boot.supportedFilesystems = ["zfs"];
networking = {
useDHCP = false;
hostName = "leviathan";
hostId = "abcd1234";
interfaces.enp1s0.useDHCP = true;
interfaces.br0.useDHCP = true;
nameservers = [
"1.1.1.1"
];
firewall.allowedTCPPorts = [8000 8123 8095];
bridges.br0.interfaces = ["enp1s0"];
# interfaces.br0 = {
# useDHCP = false;
# ipv4.addresses = [{
# address = "192.168.1.200";
# prefixLength = 24;
# }];
# };
};
environment.systemPackages = with pkgs; [
helix
kitty # For terminfo
lazygit
];
containers.radarr = {
autoStart = true;
bindMounts = {
"/data" = {
hostPath = "/store/media";
mountPoint = "/store/media";
isReadOnly = false;
};
};
config = {
config,
pkgs,
lib,
...
}: {
services.radarr = {
enable = true;
user = "root";
group = "root";
};
system.stateVersion = "24.11";
};
};
services.openssh.settings.PermitRootLogin = "yes";
security.rtkit.enable = true;
users.groups."media".name = "media";
services = {
copyparty = {
enable = true;
settings = {
i = "100.64.214.3";
};
accounts = {
};
volumes = {
"/" = {
path = "/srv/copyparty";
access = {
rw = "*";
};
};
};
};
jellyfin = {
enable = true;
group = "media";
};
music-assistant = {
enable = true;
providers = [
"builtin_player"
"chromecast"
"hass"
"hass_players"
"soundcloud"
"spotify"
"spotify_connect"
"ytmusic"
];
};
pipewire = {
enable = true;
pulse.enable = true;
alsa.enable = true;
alsa.support32Bit = true;
wireplumber.enable = true;
};
};
programs.virt-manager.enable = true;
virtualisation = {
libvirtd = {
enable = true;
allowedBridges = ["br0"];
};
oci-containers = {
backend = "podman";
containers.homeassistant = {
volumes = ["home-assistant:/config"];
environment.TZ = "Europe/Berlin";
image = "ghcr.io/home-assistant/home-assistant:2025.10.2";
extraOptions = [
# Use the host network namespace for all sockets
"--network=host"
# Pass devices into the container, so Home Assistant can discover and make use of them
"--device=/dev/ttyUSB0:/dev/ttyUSB0"
];
};
};
};
# systemd.services.libvirt-default-network = {
# description = "Start libvirt bridge network";
# after = ["libvirtd.service"];
# wantedBy = ["multi-user.target"];
# serviceConfig = {
# Type = "oneshot";
# RemainAfterExit = true;
# ExecStart = "${pkgs.libvirt}/bin/virsh net-start bridged-network";
# ExecStop = "${pkgs.libvirt}/bin/virsh net-destroy bridged-network";
# User = "root";
# };
# };
# systemd.services.libvirt-home-assistant = {
# description = "Start home assistant VM";
# after = ["libvirt-default-network.service"];
# wantedBy = ["multi-user.target"];
# serviceConfig = {
# Type = "oneshot";
# RemainAfterExit = true;
# ExecStart = "${pkgs.libvirt}/bin/virsh start hass";
# ExecStop = "${pkgs.libvirt}/bin/virsh destroy hass";
# User = "root";
# };
# };
system.stateVersion = "25.05"; # Did you read the comment?
}
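Review bot: `services.openssh.settings.PermitRootLogin = "yes";` allows direct root logins over SSH, and by password too unless password authentication is disabled in a module not visible here (for example `../common`). Prefer `services.openssh.settings.PermitRootLogin = "prohibit-password";` (or `"no"` with a sudo-capable user), and set `services.openssh.settings.PasswordAuthentication = false;` if it is not already set elsewhere. Separately, the copyparty volume `"/"` grants `rw = "*"` while `accounts` is empty, so any client that can reach `100.64.214.3` can read and write `/srv/copyparty` without authenticating; defining an account and granting `rw` to that name instead of `"*"` would narrow this. The radarr container also runs the service as `user = "root"` with a writable bind mount of `/store/media`; a dedicated user in the `media` group would limit what a compromised radarr process can modify.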