alejandro-angulo/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Misc updates

Browse source
This commit is contained in:
alejandro-angulo 2025-03-31 22:33:40 -07:00
parent 0b5ca6d22c
commit f51256c3ae
Signed by: alejandro-angulo
GPG key ID: 75579581C74554B6
5 changed files with 127 additions and 288 deletions
Download patch file Download diff file Expand all files Collapse all files

33
modules/nixos/services/homeassistant/default.nix
View file

@ -4,12 +4,19 @@
pkgs,
namespace,
...
}: let
inherit (lib) mkIf mkEnableOption mkOption types;
}:
let
inherit (lib)
mkIf
mkEnableOption
mkOption
types
;
cfg = config.${namespace}.services.homeassistant;
hass_cfg = config.services.home-assistant;
in {
in
{
options.${namespace}.services.homeassistant = {
enable = mkEnableOption "home assistant";
acmeCertName = mkOption {
@ -25,14 +32,24 @@ in {
config = mkIf cfg.enable {
services.home-assistant = {
enable = true;
extraPackages = python3packages:
with python3packages; [
extraPackages =
python3packages: with python3packages; [
# postgresql support
psycopg2
# homekit support
hap-python
];
extraComponents = [
"3_day_blinds"
"motion_blinds"
"opower"
"smud"
"cast"
"homekit_controller"
"hue"
"met"
"mqtt"
@ -46,10 +63,10 @@ in {
];
config = {
default_config = {};
default_config = { };
http = {
use_x_forwarded_for = true;
trusted_proxies = ["127.0.0.1"];
trusted_proxies = [ "127.0.0.1" ];
};
recorder.db_url = "postgresql://@/hass";
@ -75,7 +92,7 @@ in {
};
services.postgresql = {
ensureDatabases = ["hass"];
ensureDatabases = [ "hass" ];
ensureUsers = [
{
name = "hass";

70
modules/nixos/services/nextcloud/default.nix
View file

@ -3,7 +3,8 @@
lib,
pkgs,
...
}: let
}:
let
cfg = config.aa.services.nextcloud;
secrets = config.age.secrets;
@ -15,7 +16,8 @@
group = "nextcloud";
};
};
in {
in
{
options.aa.services.nextcloud = with lib; {
enable = mkEnableOption "nextcloud";
acmeCertName = mkOption {
@ -29,28 +31,30 @@ in {
};
config = lib.mkIf cfg.enable {
age.secrets = builtins.listToAttrs (builtins.map (attrs: mkNextcloudSecret attrs) [
{
name = "restic/password";
path = ../../../../secrets/nextcloud_restic_password.age;
}
{
name = "restic/env";
path = ../../../../secrets/nextcloud_restic_env.age;
}
{
name = "restic/repo";
path = ../../../../secrets/nextcloud_restic_repo.age;
}
{
name = "nextcloud_admin";
path = ../../../../secrets/nextcloud_admin.age;
}
]);
age.secrets = builtins.listToAttrs (
builtins.map (attrs: mkNextcloudSecret attrs) [
{
name = "restic/password";
path = ../../../../secrets/nextcloud_restic_password.age;
}
{
name = "restic/env";
path = ../../../../secrets/nextcloud_restic_env.age;
}
{
name = "restic/repo";
path = ../../../../secrets/nextcloud_restic_repo.age;
}
{
name = "nextcloud_admin";
path = ../../../../secrets/nextcloud_admin.age;
}
]
);
services.nextcloud = {
enable = true;
package = pkgs.nextcloud30;
package = pkgs.nextcloud31;
hostName = "nextcloud.kilonull.com";
https = true;
database.createLocally = true;
@ -75,16 +79,18 @@ in {
};
# nextcloud module configures nginx, just need to specify SSL stuffs here
services.nginx.virtualHosts.${config.services.nextcloud.hostName} = lib.mkIf (cfg.acmeCertName != "") {
forceSSL = true;
useACMEHost = cfg.acmeCertName;
};
services.nginx.virtualHosts.${config.services.nextcloud.hostName} =
lib.mkIf (cfg.acmeCertName != "")
{
forceSSL = true;
useACMEHost = cfg.acmeCertName;
};
services.restic.backups = {
nextcloud = {
user = "nextcloud";
initialize = true;
paths = [config.services.nextcloud.datadir];
paths = [ config.services.nextcloud.datadir ];
environmentFile = secrets."restic/env".path;
repositoryFile = secrets."restic/repo".path;
passwordFile = secrets."restic/password".path;
@ -93,10 +99,18 @@ in {
Persistent = true;
RandomizedDelaySec = "5h";
};
pruneOpts = ["--keep-daily 7" "--keep-weekly 5" "--keep-monthly 12" "--keep-yearly 9001"];
pruneOpts = [
"--keep-daily 7"
"--keep-weekly 5"
"--keep-monthly 12"
"--keep-yearly 9001"
];
};
};
networking.firewall.allowedTCPPorts = [80 443];
networking.firewall.allowedTCPPorts = [
80
443
];
};
}