Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

changes to home assistant, docker images, rustdesk relay

Browse Source
This commit is contained in:
Dominik Polakovics Polakovics
2024-02-28 23:38:15 +01:00
parent 8650c3f6ee
commit c9e4ab6af0
15 changed files with 292 additions and 199 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
hosts/fw.cloonar.com/modules/dhcp4.nix
View File

@@ -17,11 +17,6 @@
persist = true; persist = true;
type = "memfile"; type = "memfile";
}; };
dhcp-ddns = {
enable-updates = true;
qualifying-suffix = "cloonar.com.";
replace-client-name = "when-not-present";
};
rebind-timer = 2000; rebind-timer = 2000;
renew-timer = 1000; renew-timer = 1000;
subnet4 = [ subnet4 = [
@@ -42,27 +37,16 @@
name = "domain-name"; name = "domain-name";
data = "cloonar.com"; data = "cloonar.com";
} }
{
name = "domain-search";
data = "cloonar.com";
}
{ {
name = "domain-name-servers"; name = "domain-name-servers";
data = "10.42.96.1"; data = "10.42.96.1";
} }
]; ];
reservations = [ reservations = [
{
hw-address = "98:b6:e9:b6:ef:f4";
ip-address = "10.42.96.21";
server-hostname = "switch.cloonar.com";
}
{
hw-address = "c4:a7:2b:c7:ea:30";
ip-address = "10.42.96.167";
server-hostname = "metz.cloonar.com";
}
{
hw-address = "bc:33:29:ed:24:f0";
ip-address = "10.42.96.176";
server-hostname = "ps5-living.cloonar.com";
}
]; ];
} }
{ {
@@ -171,7 +155,27 @@
{ {
hw-address = "c4:a7:2b:c7:ea:30"; hw-address = "c4:a7:2b:c7:ea:30";
ip-address = "10.42.99.10"; ip-address = "10.42.99.10";
server-hostname = "metz.cloonar.com"; hostname = "metz.cloonar.multimedia";
}
{
hw-address = "f0:2f:9e:d4:3b:21";
ip-address = "10.42.99.11";
hostname = "firetv-living";
}
{
hw-address = "bc:33:29:ed:24:f0";
ip-address = "10.42.99.12";
hostname = "ps5";
}
{
hw-address = "bc:33:29:ed:24:f1";
ip-address = "10.42.99.13";
hostname = "xbox";
}
{
hw-address = "98:b6:e9:b6:ef:f4";
ip-address = "10.42.99.14";
hostname = "switch";
} }
]; ];
} }
@@ -209,7 +213,7 @@
} }
{ {
name = "domain-name"; name = "domain-name";
data = "cloonar.com"; data = "cloonar.smart";
} }
{ {
name = "domain-name-servers"; name = "domain-name-servers";
@@ -217,11 +221,6 @@
} }
]; ];
reservations = [ reservations = [
{
hw-address = "7a:5a:d6:d0:29:fe";
ip-address = "10.42.100.10";
server-hostname = "home-assistant.cloonar.com";
}
{ {
hw-address = "60:a4:23:97:4a:ec"; hw-address = "60:a4:23:97:4a:ec";
ip-address = "10.42.100.21"; ip-address = "10.42.100.21";

3
hosts/fw.cloonar.com/modules/firewall.nix
View File

@@ -87,9 +87,10 @@
iifname { "lan", "server", "vserver", "wg_cloonar" } oifname { "lan", "vb-*", "server", "vserver", "infrastructure", "multimedia", "smart", "wg_cloonar" } counter accept iifname { "lan", "server", "vserver", "wg_cloonar" } oifname { "lan", "vb-*", "server", "vserver", "infrastructure", "multimedia", "smart", "wg_cloonar" } counter accept
iifname { "lan", "server", "wg_cloonar" } oifname { "wrwks", "wg_epicenter", "wg_ghetto_at" } counter accept iifname { "lan", "server", "wg_cloonar" } oifname { "wrwks", "wg_epicenter", "wg_ghetto_at" } counter accept
iifname { "infrastructure" } oifname { "server", "vserver" } counter accept iifname { "infrastructure" } oifname { "server", "vserver" } counter accept
iifname { "lan", "wan" } udp dport { 8211, 27015 } counter accept comment "palworld"
# accept palword server # accept palword server
iifname { "wan", "lan" } oifname "podman0" udp dport { 8211, 27015 } counter accept iifname { "wan", "lan" } oifname "podman0" udp dport { 8211, 27015 } counter accept comment "palworld"
# allow all established, related # allow all established, related
ct state { established, related } accept comment "Allow established traffic" ct state { established, related } accept comment "Allow established traffic"

10
hosts/fw.cloonar.com/modules/home-assistant/ac.nix
View File

@@ -24,7 +24,7 @@
action = { action = {
service = "climate.set_hvac_mode"; service = "climate.set_hvac_mode";
target = { target = {
entity_id = "climate.livingroom_ac"; entity_id = "climate.living_room";
}; };
data = { data = {
hvac_mode = "off"; hvac_mode = "off";
@@ -37,8 +37,8 @@
trigger = { trigger = {
platform = "state"; platform = "state";
entity_id = [ entity_id = [
"climate.livingroom_ac" "climate.living_room"
"climate.bedroom_ac" "climate.bedroom"
]; ];
to = [ to = [
"heat" "heat"
@@ -70,7 +70,7 @@
{ {
service = "climate.set_hvac_mode"; service = "climate.set_hvac_mode";
target = { target = {
entity_id = "climate.bedroom_ac"; entity_id = "climate.bedroom";
}; };
data = { data = {
hvac_mode = "cold"; hvac_mode = "cold";
@@ -93,7 +93,7 @@
action = { action = {
service = "climate.set_hvac_mode"; service = "climate.set_hvac_mode";
target = { target = {
entity_id = "climate.bedroom_ac"; entity_id = "climate.bedroom";
}; };
data = { data = {
hvac_mode = "off"; hvac_mode = "off";

32
hosts/fw.cloonar.com/modules/home-assistant/battery.nix
View File

@@ -50,28 +50,28 @@
sensor_low_battery = { sensor_low_battery = {
name = "Sensor has low battery!"; name = "Sensor has low battery!";
message = '' message = ''
{%- set domains = ['sensor', 'battery'] -%} {% set domains = ['sensor', 'battery'] %}
{%- set threshold = 30 -%} {% set threshold = 30 %}
{%- set exclude_entities = ['sensor.sensors_lowest_battery_level','sensor.dominiks_iphone_battery_level'] -%} {%- set exclude_entities = ['sensor.sensors_lowest_battery_level','sensor.dominiks_iphone_battery_level','sensor.roborock_s8_pro_ultra_battery'] -%}
Sensors are below 50% battery: Sensors are below 50% battery:
{%- for domain in domains -%} {% for domain in domains %}
{%- for item in states[domain] -%} {% for item in states[domain] %}
{%- if item.entity_id not in exclude_entities -%} {% if item.entity_id not in exclude_entities %}
{%- if item.attributes.battery_level is defined -%} {% if item.attributes.battery_level is defined %}
{%- set level = item.attributes.battery_level|int -%} {% set level = item.attributes.battery_level|int %}
{% if level > 0 and level < threshold %} {% if level > 0 and level < threshold %}
- {{ item.attributes.friendly_name }} ({{ item.attributes['battery_level']|int}}%) - {{ item.attributes.friendly_name }} ({{ item.attributes['battery_level']|int}}%)
{%- endif -%} {%- endif -%}
{%- endif -%} {% endif %}
{%- if item.attributes.device_class is defined and item.attributes.device_class == 'battery' -%} {% if item.attributes.device_class is defined and item.attributes.device_class == 'battery' %}
{%- set level = item.state|int -%} {% set level = item.state|int %}
{% if level > 0 and level <= threshold %} {% if level > 0 and level <= threshold %}
- {{ item.attributes.friendly_name }} ({{ item.state|int }}%) - {{ item.attributes.friendly_name }} ({{ item.state|int }}%)
{%- endif -%} {% endif %}
{%- endif %} {% endif %}
{%- endif -%} {% endif %}
{%- endfor -%} {% endfor %}
{%- endfor -%} {% endfor %}
''; '';
entity_id = "binary_sensor.sensor_low_battery"; entity_id = "binary_sensor.sensor_low_battery";
state = "on"; state = "on";

2
hosts/fw.cloonar.com/modules/home-assistant/light.nix
View File

@@ -99,7 +99,7 @@
]; ];
} }
{ {
conditions = [ "{{ state_attr('sun.sun', 'elevation') < 5 and trigger.entity_id == 'light.bathroom_light' }}" ]; conditions = [ "{{ state_attr('sun.sun', 'elevation') < 5 and trigger.entity_id == 'light.bathroom_lights' }}" ];
sequence = [ sequence = [
{ {
service = "light.turn_on"; service = "light.turn_on";

224
hosts/fw.cloonar.com/modules/home-assistant/multimedia.nix
View File

@@ -1,34 +1,43 @@
{ {
services.home-assistant.extraComponents = [ services.home-assistant.extraComponents = [
"ping"
"broadlink" "broadlink"
"androidtv" "androidtv"
"samsungtv"
]; ];
services.home-assistant.config = { services.home-assistant.config = {
# binary_sensor = [ binary_sensor = [
# { {
# name = "ps5_living"; name = "xbox";
# platform = "command_line"; platform = "ping";
# command = "python /var/lib/hass/ps5.py -q -b 10.42.96.176"; host = "xbox.cloonar.multimedia";
# device_class = "connectivity"; count = 1;
# scan_interval = 5; scan_interval = 2;
# } }
# { {
# platform = "template"; name = "ps5";
# sensors = { platform = "ping";
# multimedia_device_on = { host = "ps5.cloonar.multimedia";
# friendly_name = "Any multimedia device on"; count = 1;
# device_class = "connectivity"; scan_interval = 2;
# value_template = '' }
# {% if is_state('binary_sensor.ps5_living', 'on') or states('media_player.fire_tv_firetv_living_cloonar_com') != 'off' or states('device_tracker.xbox') == 'home' %} {
# on platform = "template";
# {% else %} sensors = {
# off multimedia_device_on = {
# {% endif %} friendly_name = "Any multimedia device on";
# ''; device_class = "connectivity";
# }; value_template = ''
# }; {% if is_state('binary_sensor.ps5', 'on') or is_state('binary_sensor.xbox', 'on') or states('media_player.fire_tv_firetv_living_cloonar_multimedia') != 'off' %}
# } on
# ]; {% else %}
off
{% endif %}
'';
};
};
}
];
# "automation tv scene" = { # "automation tv scene" = {
# alias = "auto tv scene"; # alias = "auto tv scene";
# hide_entity = true; # hide_entity = true;
@@ -76,8 +85,8 @@
hide_entity = true; hide_entity = true;
trigger = { trigger = {
platform = "state"; platform = "state";
entity_id = "device-tracker.xbox"; entity_id = "binary_sensor.xbox";
to = "home"; to = "on";
}; };
action = [ action = [
{ {
@@ -89,70 +98,6 @@
source = "Xbox"; source = "Xbox";
}; };
} }
{
delay = 5;
}
{
service = "denonavr.get_command";
target = {
entity_id = "media_player.marantz_sr6015";
};
data = {
command = "/goform/formiPhoneAppDirect.xml?PWSTANDBY";
};
}
];
};
"automation firetv on" = {
alias = "firetv on";
hide_entity = true;
trigger = {
platform = "state";
entity_id = "media_player.fire_tv_firetv_living_cloonar_com";
from = "off";
};
action = [
{
service = "denonavr.get_command";
target = {
entity_id = "media_player.marantz_sr6015";
};
data = {
command = "/goform/formiPhoneAppDirect.xml?SIMPLAY";
};
}
{
delay = 5;
}
{
service = "denonavr.get_command";
target = {
entity_id = "media_player.marantz_sr6015";
};
data = {
command = "/goform/formiPhoneAppDirect.xml?PWSTANDBY";
};
}
];
};
# "automation ps5 on" = {
# alias = "ps5 on";
# hide_entity = true;
# trigger = {
# platform = "state";
# entity_id = "binary_sensor.ps5_living";
# to = "on";
# };
# action = [
# {
# service = "denonavr.get_command";
# target = {
# entity_id = "media_player.marantz_sr6015";
# };
# data = {
# command = "/goform/formiPhoneAppDirect.xml?SIBD";
# };
# }
# { # {
# delay = 5; # delay = 5;
# } # }
@@ -165,8 +110,48 @@
# command = "/goform/formiPhoneAppDirect.xml?PWSTANDBY"; # command = "/goform/formiPhoneAppDirect.xml?PWSTANDBY";
# }; # };
# } # }
# ]; ];
# }; };
"automation firetv on" = {
alias = "firetv on";
hide_entity = true;
trigger = {
platform = "state";
entity_id = "media_player.fire_tv_firetv_living_cloonar_multimedia";
from = "off";
};
action = [
{
service = "denonavr.get_command";
target = {
entity_id = "media_player.marantz_sr6015";
};
data = {
command = "/goform/formiPhoneAppDirect.xml?SIMPLAY";
};
}
];
};
"automation ps5 on" = {
alias = "ps5 on";
hide_entity = true;
trigger = {
platform = "state";
entity_id = "binary_sensor.ps5";
to = "on";
};
action = [
{
service = "denonavr.get_command";
target = {
entity_id = "media_player.marantz_sr6015";
};
data = {
command = "/goform/formiPhoneAppDirect.xml?SIBD";
};
}
];
};
"automation all multimedia off" = { "automation all multimedia off" = {
alias = "all multimedia off"; alias = "all multimedia off";
trigger = { trigger = {
@@ -176,18 +161,10 @@
}; };
action = [ action = [
{ {
conditions = [ "{{ states('media_player.android_tv_metz_cloonar_com') != 'off'}}" ]; service = "media_player.turn_off";
sequence = [
{
service = "androidtv.adb_command";
target = { target = {
device_id = "a5e50f268f3a2dbd0741fb8e9ff7f931"; entity_id = "media_player.android_tv_metz_cloonar_multimedia";
}; };
data = {
command = "POWER";
};
}
];
} }
{ {
service = "denonavr.get_command"; service = "denonavr.get_command";
@@ -212,47 +189,32 @@
conditions = [ conditions = [
{ {
condition = "state"; condition = "state";
entity_id = "media_player.android_tv_metz_cloonar_com"; entity_id = "media_player.android_tv_metz_cloonar_multimedia";
state = "off"; state = "off";
} }
{ {
condition = "state"; condition = "state";
entity_id = "media_player.android_tv_metz_cloonar_com"; entity_id = "media_player.android_tv_metz_cloonar_multimedia";
state = "unavailable"; state = "unavailable";
} }
]; ];
}; };
action = [ action = [
{
service = "androidtv.adb_command";
target = {
device_id = "a5e50f268f3a2dbd0741fb8e9ff7f931";
};
data = {
command = "POWER";
};
}
{
delay = 5;
}
{ {
choose = [ choose = [
{ {
conditions = [ conditions = [
{ {
condition = "state"; condition = "state";
entity_id = "media_player.android_tv_metz_cloonar_com"; entity_id = "media_player.android_tv_metz_cloonar_multimedia";
state = "off"; state = "off";
} }
]; ];
sequence = [ sequence = [
{ {
service = "androidtv.adb_command"; service = "media_player.turn_on";
target = { target = {
device_id = "a5e50f268f3a2dbd0741fb8e9ff7f931"; entity_id = "media_player.android_tv_metz_cloonar_multimedia";
};
data = {
command = "adb shell am start -a android.intent.action.VIEW -d content://android.media.tv/passthrough/com.mediatek.tvinput%2F.hdmi.HDMIInputService%2FHDMI100004";
}; };
} }
]; ];
@@ -261,7 +223,7 @@
conditions = [ conditions = [
{ {
condition = "state"; condition = "state";
entity_id = "media_player.android_tv_metz_cloonar_com"; entity_id = "media_player.android_tv_metz_cloonar_multimedia";
state = "unavailable"; state = "unavailable";
} }
]; ];
@@ -269,7 +231,7 @@
{ {
service = "remote.send_command"; service = "remote.send_command";
target = { target = {
device_id = "46988d2d424728f7355fe12b09e88e0e"; entity_id = "remote.rmproplus";
}; };
data = { data = {
num_repeats = 1; num_repeats = 1;
@@ -282,6 +244,18 @@
} }
]; ];
} }
{
delay = 5;
}
{
service = "androidtv.adb_command";
target = {
entity_id = "media_player.android_tv_metz_cloonar_multimedia";
};
data = {
command = "adb shell am start -a android.intent.action.VIEW -d content://android.media.tv/passthrough/com.mediatek.tvinput%2F.hdmi.HDMIInputService%2FHDMI100004";
};
}
]; ];
}; };
# "automation multimedia input" = { # "automation multimedia input" = {

6
hosts/fw.cloonar.com/modules/home-assistant/sleep.nix
View File

@@ -12,7 +12,7 @@
action = { action = {
service_template = "switch.turn_on"; service_template = "switch.turn_on";
data_template = { data_template = {
entity_id = "switch.coffee_switch"; entity_id = "switch.coffee";
}; };
}; };
}; };
@@ -49,6 +49,10 @@
service = "light.turn_on"; service = "light.turn_on";
entity_id = "light.bedroom_bed"; entity_id = "light.bedroom_bed";
} }
{
service = "switch.turn_off";
entity_id = "switch.coffee";
}
]; ];
} }
]; ];

6
hosts/fw.cloonar.com/modules/palworld.nix
View File

@@ -4,7 +4,7 @@
virtualisation.oci-containers.backend = "podman"; virtualisation.oci-containers.backend = "podman";
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {
palworld = { palworld = {
image = "thijsvanloef/palworld-server-docker:v0.24.2"; image = "thijsvanloef/palworld-server-docker:latest";
autoStart = true; autoStart = true;
ports = [ ports = [
"8211:8211/udp" "8211:8211/udp"
@@ -19,7 +19,5 @@
}; };
}; };
sops.secrets.palworld = { sops.secrets.palworld = {};
# owner = config.systemd.services.ddclient.serviceConfig.User;
};
} }

60
hosts/fw.cloonar.com/modules/podman.nix
View File

@@ -2,6 +2,20 @@
let let
cids = import ../modules/staticids.nix; cids = import ../modules/staticids.nix;
json = pkgs.formats.json { }; json = pkgs.formats.json { };
update-containers = pkgs.writeShellScriptBin "update-containers" ''
SUDO=""
if [[ $(id -u) -ne 0 ]]; then
SUDO="sudo"
fi
images=$($SUDO ${pkgs.podman}/bin/podman ps -a --format="{{.Image}}" | sort -u)
for image in $images
do
$SUDO ${pkgs.podman}/bin/podman pull $image
done
'';
in { in {
users.groups.podman.gid = cids.gids.podman; users.groups.podman.gid = cids.gids.podman;
virtualisation = { virtualisation = {
@@ -37,27 +51,27 @@ in {
}; };
}); });
}; };
#
# systemd.sockets."netavark-dhcp-proxy" = { systemd.timers = {
# description = "Netavark DHCP proxy socket"; # ...
# socketConfig = { updatecontainers = {
# ListenStream = "%t/podman/nv-proxy.sock"; timerConfig = {
# SocketMode = 0660; Unit = "updatecontainers.service";
# }; OnCalendar = "02:00";
# wantedBy = [ "sockets.target" ]; };
# }; wantedBy = [ "timers.target" ];
# };
# systemd.services."netavark-dhcp-proxy" = { # ...
# description = "Netavark DHCP proxy service"; };
# after = [ "netavark-dhcp-proxy.socket" ];
# requires = [ "netavark-dhcp-proxy.socket" ]; systemd.services = {
# wantedBy = [ "multi-user.target" "netavark-dhcp-proxy.socket" ]; # ...
# path = [ pkgs.netavark ]; updatecontainers = {
# startLimitIntervalSec = 0; serviceConfig = {
# Type = "oneshot";
# serviceConfig = { ExecStart = "${update-containers}/bin/update-containers";
# Type = "exec"; };
# ExecStart= "${pkgs.netavark}/bin/netavark dhcp-proxy -a 30"; };
# }; # ...
# }; };
} }

31
hosts/fw.cloonar.com/modules/unbound.nix
View File

@@ -73,9 +73,10 @@ let
"\"upgrade-staging.wienbautvor.at IN A 10.254.240.110\"" "\"upgrade-staging.wienbautvor.at IN A 10.254.240.110\""
"\"upgrade-staging.wienwohntbesser.at IN A 10.254.240.110\"" "\"upgrade-staging.wienwohntbesser.at IN A 10.254.240.110\""
"\"metz.cloonar.com IN A 10.42.99.10\"" "\"metz.cloonar.multimedia IN A 10.42.99.10\""
"\"firetv-living.cloonar.com IN A 10.42.96.175\"" "\"ps5.cloonar.multimedia IN A 10.42.99.12\""
"\"ps5-living.cloonar.com IN A 10.42.96.176\"" "\"xbox.cloonar.multimedia IN A 10.42.99.13\""
"\"switch.cloonar.multimedia IN A 10.42.99.14\""
"\"shellycolorbulb-34945479bc57.cloonar.com IN A 10.42.100.130\"" "\"shellycolorbulb-34945479bc57.cloonar.com IN A 10.42.100.130\""
"\"shellycolorbulb-485519d9a1b2.cloonar.com IN A 10.42.100.131\"" "\"shellycolorbulb-485519d9a1b2.cloonar.com IN A 10.42.100.131\""
@@ -189,7 +190,7 @@ in {
function readFileUnique() { function readFileUnique() {
readFile "''\$1" ''\$2 | uniq | while IFS=, read -r address hostname readFile "''\$1" ''\$2 | uniq | while IFS=, read -r address hostname
do do
if [[ "''\${hostname}" == *.cloonar.com ]] ; then if echo "''\${1}" | grep -Eq '.*\.(cloonar.com|cloonar.multimedia|cloonar.smart)'; then
echo ''\${hostname} ''\$2 ''\${address} echo ''\${hostname} ''\$2 ''\${address}
unbound-control local_data ''\${hostname} ''\$2 ''\${address} unbound-control local_data ''\${hostname} ''\$2 ''\${address}
if [[ "''\$2" == "A" ]] ; then if [[ "''\$2" == "A" ]] ; then
@@ -199,6 +200,28 @@ in {
unbound-control local_data ''\${ip3}.''\${ip2}.''\${ip1}.''\${ip0}.in-addr.arpa. PTR ''\${hostname} unbound-control local_data ''\${ip3}.''\${ip2}.''\${ip1}.''\${ip0}.in-addr.arpa. PTR ''\${hostname}
done done
fi fi
else
if [[ "''\$2" == "A" ]] ; then
echo ''\${address} | while IFS=. read -r ip0 ip1 ip2 ip3
do
if [[ "''\${hostname}" != "" ]] && [[ "''\${hostname}" != *. ]]; then
if [[ "''\${ip2}" == 96 ]]; then
unbound-control local_data ''\${hostname}.cloonar.com ''\$2 ''\${address}
fi
if [[ "''\${ip2}" == 97 ]]; then
unbound-control local_data ''\${hostname}.cloonar.com ''\$2 ''\${address}
fi
if [[ "''\${ip2}" == 99 ]]; then
unbound-control local_data ''\${hostname}.cloonar.multimedia ''\$2 ''\${address}
fi
if [[ "''\${ip2}" == 100 ]]; then
unbound-control local_data ''\${hostname}.cloonar.smart ''\$2 ''\${address}
fi
fi
unbound-control local_data ''\${ip3}.''\${ip2}.''\${ip1}.''\${ip0}.ip4.arpa. PTR ''\${hostname}
unbound-control local_data ''\${ip3}.''\${ip2}.''\${ip1}.''\${ip0}.in-addr.arpa. PTR ''\${hostname}
done
fi
fi fi
done done
} }

39
hosts/fw.cloonar.com/modules/update-containers.nix Normal file
View File

@@ -0,0 +1,39 @@
{ config, pkgs, ... }:
let
update-containers = pkgs.writeShellScriptBin "update-containers" ''
SUDO=""
if [[ $(id -u) -ne 0 ]]; then
SUDO="sudo"
fi
images=$($SUDO ${pkgs.podman}/bin/podman ps -a --format="{{.Image}}" | sort -u)
for image in $images
do
$SUDO ${pkgs.podman}/bin/podman pull $image
done
'';
in {
systemd.timers = {
# ...
updatecontainers = {
timerConfig = {
Unit = "updatecontainers.service";
OnCalendar = "02:00";
};
wantedBy = [ "timers.target" ];
};
# ...
};
systemd.services = {
# ...
updatecontainers = {
serviceConfig = {
Type = "oneshot";
ExecStart = "update-containers";
};
};
# ...
};
}

13
hosts/nb-01.cloonar.com/configuration.nix
View File

@@ -3,7 +3,9 @@
# and in the NixOS manual (accessible by running nixos-help). # and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }: { config, pkgs, ... }:
{ let
unstable = import <nixos-unstable> { config = { allowUnfree = true; }; };
in {
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
imports = imports =
@@ -27,10 +29,10 @@
]; ];
nixpkgs.config.permittedInsecurePackages = [ # nixpkgs.config.permittedInsecurePackages = [
"openssl-1.1.1v" # "openssl-1.1.1v"
"electron-24.8.6" # "electron-24.8.6"
]; # ];
fonts.packages = with pkgs; [ fonts.packages = with pkgs; [
open-sans open-sans
@@ -123,6 +125,7 @@
git-filter-repo git-filter-repo
ykfde ykfde
nix-prefetch-git nix-prefetch-git
unstable.rustdesk-flutter
]; ];
environment.variables = { environment.variables = {

1
hosts/nb-01.cloonar.com/modules/sway/sway.nix
View File

@@ -72,7 +72,6 @@ in {
pinentry pinentry
rbw rbw
rofi-rbw rofi-rbw
rustdesk
slurp slurp
sway sway
sway-launcher-desktop sway-launcher-desktop

2
hosts/web-01.cloonar.com/configuration.nix
View File

@@ -10,6 +10,7 @@
./modules/zammad ./modules/zammad
./modules/authelia ./modules/authelia
# ./modules/nextcloud # ./modules/nextcloud
./modules/rustdesk.nix
./modules/postgresql.nix ./modules/postgresql.nix
./modules/grafana.nix ./modules/grafana.nix
./modules/loki.nix ./modules/loki.nix
@@ -39,7 +40,6 @@
./sites/api.optiprot.cloonar.dev.nix ./sites/api.optiprot.cloonar.dev.nix
./sites/cloonar.dev.nix ./sites/cloonar.dev.nix
# ./sites/diabetes-austria.cloonar.dev.nix
./sites/paraclub.cloonar.dev.nix ./sites/paraclub.cloonar.dev.nix
./sites/api.paraclub.cloonar.dev.nix ./sites/api.paraclub.cloonar.dev.nix
./sites/tandem.paraclub.cloonar.dev.nix ./sites/tandem.paraclub.cloonar.dev.nix

39
hosts/web-01.cloonar.com/modules/rustdesk.nix Normal file
View File

@@ -0,0 +1,39 @@
{ config, pkgs, ... }:
{
virtualisation = {
podman.enable = true;
oci-containers.containers = {
rustdesk-server = {
image = "rustdesk/rustdesk-server-s6:1";
volumes = [ "/var/lib/rustdesk-server:/data" ];
environment = {
RELAY = "rustdesk.cloonar.com:21117";
};
ports = [
"21115:21115"
"21116:21116"
"21116:21116/udp"
"21118:21118"
"21117:21117"
"21119:21119"
];
};
};
};
users.users.rustdesk-server = {
isSystemUser = true;
group = "rustdesk-server";
home = "/var/lib/rustdesk-server";
createHome = true;
};
users.groups.rustdesk-server = { };
users.groups.docker.members = [ "rustdesk-server" ];
networking.firewall = {
enable = true;
allowedTCPPorts = [ 5000 21115 21116 21117 21118 21119 ];
allowedUDPPorts = [ 21116 ];
};
}