martials/nixos-configuration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: martials:6686cee86648f5d14d7bffa6aa8b2cea0778f7fb
Branches Tags
martials:main
..
compare: martials:main
Branches Tags
martials:main

6 Commits
6686cee866 ... main

Author SHA1 Message Date
Martin Berg Alstad
07bc352954 [pi4] Working keycloak config 2025-09-23 16:08:53 +00:00
Martin Berg Alstad
e66d655997 🔥 [pi4] Disable Nextcloud 2025-09-23 16:08:53 +00:00
Martin Berg Alstad
79e7214c99 [pi4] Reverse-proxy to recurring-event-api 2025-09-23 16:08:53 +00:00
Martin Berg Alstad
e12545bf37 [pi4] Constraint cores to 2 in order to avoid stalling 2025-09-23 16:08:53 +00:00
Martin Berg Alstad
b28e5da9c2 [shared/desktop] Catppuccin for Zed using flake 2025-09-07 13:34:54 +02:00
Martin Berg Alstad
6cf958235e [pi4] Initial Keycloak setup 2025-09-06 15:31:05 +00:00
7 changed files with 58 additions and 17 deletions
Expand all files Collapse all files

6
hosts/pi4/default.nix
View File

@ -11,6 +11,7 @@
./hardware.nix ./hardware.nix
./headscale.nix ./headscale.nix
./home-assitant.nix ./home-assitant.nix
./keycloak.nix
./mailserver.nix ./mailserver.nix
./nextcloud.nix ./nextcloud.nix
./nginx.nix ./nginx.nix
@ -18,4 +19,9 @@
./postgres.nix ./postgres.nix
./security ./security
]; ];
nix.settings = {
cores = 2;
max-jobs = 4;
};
} }

33
hosts/pi4/keycloak.nix Normal file
View File

@ -0,0 +1,33 @@
{ config, common, ... }:
let
port = 8086;
domain = "beta.auth.${common.domain}";
dbPassKey = "keycloak/database-pass";
in
{
services = {
keycloak = {
enable = true;
settings = {
hostname = "https://${domain}";
http-port = port;
http-enabled = true;
};
database = {
type = "postgresql";
createLocally = true;
port = config.services.postgresql.settings.port;
passwordFile = config.sops.secrets.${dbPassKey}.path;
};
initialAdminPassword = "changeme";
};
nginx.virtualHosts.${domain} = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://localhost:${toString port}";
};
};
sops.secrets.${dbPassKey} = { };
}

2
hosts/pi4/nextcloud.nix
View File

@ -19,7 +19,7 @@ in
services = { services = {
nextcloud = { nextcloud = {
enable = true; enable = false;
autoUpdateApps.enable = true; autoUpdateApps.enable = true;

1
hosts/pi4/nginx.nix
View File

@ -84,6 +84,7 @@ in
"track.${domain}" = homelabProxy 8090; "track.${domain}" = homelabProxy 8090;
# Donetick # Donetick
"chore.${domain}" = homelabProxy 2021; "chore.${domain}" = homelabProxy 2021;
"recurring-events-api.${domain}" = homelabProxy 8095;
}; };
}; };

4
hosts/pi4/postgres.nix
View File

@ -4,8 +4,10 @@
services.postgresql = { services.postgresql = {
enable = true; enable = true;
authentication = pkgs.lib.mkOverride 10 '' authentication = pkgs.lib.mkOverride 10 ''
#type database DBuser auth-method #type database DBuser url auth-method
local all all trust local all all trust
# ipv4
host all all 127.0.0.1/32 trust
''; '';
}; };
} }

21
shared/desktop/home-manager/development/zed.nix
View File

@ -1,13 +1,20 @@
{ pkgs, theme, ... }: { pkgs, theme, ... }:
{ {
catppuccin.zed = {
enable = true;
flavor = theme.flavor;
icons = {
enable = true;
flavor = theme.flavor;
};
};
programs.zed-editor = { programs.zed-editor = {
enable = true; enable = true;
package = pkgs.unstable.zed-editor; package = pkgs.unstable.zed-editor;
extensions = [ extensions = [
"html" "html"
"catppuccin"
"catppuccin-icons"
"toml" "toml"
"nix" "nix"
"git-firefly" "git-firefly"
@ -33,11 +40,6 @@
features = { features = {
edit_prediction_provider = "zed"; edit_prediction_provider = "zed";
}; };
icon_theme = {
mode = theme.mode;
light = "Catppuccin Latte";
dark = "Catppuccin Mocha";
};
ui_font_family = font; ui_font_family = font;
ui_font_size = fontSize; ui_font_size = fontSize;
buffer_font_size = fontSize; buffer_font_size = fontSize;
@ -45,11 +47,6 @@
file_icons = true; file_icons = true;
git_status = true; git_status = true;
}; };
theme = {
mode = theme.mode;
light = "Catppuccin Latte";
dark = "Catppuccin Mocha";
};
lsp.nil.initialization_options.formatting.command = [ "nixfmt" ]; lsp.nil.initialization_options.formatting.command = [ "nixfmt" ];
}; };
}; };

6
shared/secrets/secrets.yaml
View File

@ -4,6 +4,8 @@ forgejo:
admin-pass: ENC[AES256_GCM,data:RGTOw0Yo5rJGEVLGsQgyk9Wc,iv:SuN770eAgFIVd4pJ6vmPIvVCMqTW/2sBUYUbqym2cHo=,tag:YlyNR/fFchdBwzCuIsWGMA==,type:str] admin-pass: ENC[AES256_GCM,data:RGTOw0Yo5rJGEVLGsQgyk9Wc,iv:SuN770eAgFIVd4pJ6vmPIvVCMqTW/2sBUYUbqym2cHo=,tag:YlyNR/fFchdBwzCuIsWGMA==,type:str]
#ENC[AES256_GCM,data:oMpYBQ30sdCTtgxEZvYxTd9oi9QM0bYp5NisMdQHYT/nF2k=,iv:H9/g7XttJScVXV38+yHdbgWNFDhBYyudjK5BKHTt5wo=,tag:FNfkKfkKWDBUAXiGXkDchw==,type:comment] #ENC[AES256_GCM,data:oMpYBQ30sdCTtgxEZvYxTd9oi9QM0bYp5NisMdQHYT/nF2k=,iv:H9/g7XttJScVXV38+yHdbgWNFDhBYyudjK5BKHTt5wo=,tag:FNfkKfkKWDBUAXiGXkDchw==,type:comment]
runner-token: ENC[AES256_GCM,data:xbULBWrqosktW7XHViLH7Sk76upH31RFQNsBcXWWN7bpRadF3tpBA/hksMyEdg==,iv:v3vzUb5wsWeKWRYWT+ks4ZWGXQRhZ+td3N3bpuwoVc8=,tag:rEVoEw/QOSs8puujsRBxXQ==,type:str] runner-token: ENC[AES256_GCM,data:xbULBWrqosktW7XHViLH7Sk76upH31RFQNsBcXWWN7bpRadF3tpBA/hksMyEdg==,iv:v3vzUb5wsWeKWRYWT+ks4ZWGXQRhZ+td3N3bpuwoVc8=,tag:rEVoEw/QOSs8puujsRBxXQ==,type:str]
keycloak:
database-pass: ENC[AES256_GCM,data:+1lXS/wmBg/klmRqmSW3bZiZ,iv:iFYNIrBzYPBwjusHlPJj6EKDmGgGFmDLhiL+SEq6gHE=,tag:8CoF/94nyhaTHpkij59NGQ==,type:str]
password-hash: ENC[AES256_GCM,data:FsGHBAw/z4tcBRObVlo//UotWHyHns0+vdJVgt2lfGiIfQG+1I60g2Tzgv/O+gz3oz41NIwAYf61SR9AfXhpnc1AxiZRlCBwMQ==,iv:oiJndSVZQ+00UPz0TuJXV+T8x9mtecrNDUaablOGffU=,tag:wQuow7C8KqelJOE9KqCxMA==,type:str] password-hash: ENC[AES256_GCM,data:FsGHBAw/z4tcBRObVlo//UotWHyHns0+vdJVgt2lfGiIfQG+1I60g2Tzgv/O+gz3oz41NIwAYf61SR9AfXhpnc1AxiZRlCBwMQ==,iv:oiJndSVZQ+00UPz0TuJXV+T8x9mtecrNDUaablOGffU=,tag:wQuow7C8KqelJOE9KqCxMA==,type:str]
mailserver: mailserver:
password-hash: ENC[AES256_GCM,data:H5PlCVuwUxIjtWbNsxb/ROkY2KiNhSwvWDvTLBfR596ijRTkaH0xtltsvHiiNHmfKERfcAXKO9EyGNHc,iv:qev1fs0PPydz8cm9D7hLp6ULgUEQJm+E0Pg86bor1to=,tag:zFnJ23NDCXeur+kvNSQV6w==,type:str] password-hash: ENC[AES256_GCM,data:H5PlCVuwUxIjtWbNsxb/ROkY2KiNhSwvWDvTLBfR596ijRTkaH0xtltsvHiiNHmfKERfcAXKO9EyGNHc,iv:qev1fs0PPydz8cm9D7hLp6ULgUEQJm+E0Pg86bor1to=,tag:zFnJ23NDCXeur+kvNSQV6w==,type:str]
@ -38,7 +40,7 @@ sops:
SGdNMnVlQlNEeVJkWmZEM1FRT2JJMGMKbZ/znJM6tFhzhHariRXMLgH/4CRZZKrb SGdNMnVlQlNEeVJkWmZEM1FRT2JJMGMKbZ/znJM6tFhzhHariRXMLgH/4CRZZKrb
YtmSdeL/Pd5YIecCpjDHDn4vQ0TBAmLaX+zVbNbRKmMZoY7777ywfA== YtmSdeL/Pd5YIecCpjDHDn4vQ0TBAmLaX+zVbNbRKmMZoY7777ywfA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-08-26T18:46:06Z" lastmodified: "2025-09-06T14:03:38Z"
mac: ENC[AES256_GCM,data:uMwyVVzU4KFzJqMzOIZHtCbgGq7Em2KogTDZbfU/CRcl6HGF8/+wKwUp4mYLAFwPXfOoKvSaBTDUYCy76wirWxXz8Vb3JxlfkjR+dvwT7DM1SYVzP4CV6TZlOBDrht6gCG+yaLJkc77AzT7crAW5V4IB/ZaRpBOGrNhIZeS/o+E=,iv:YTOySOIEaojbSm4GmJC8NBMFMD3cuC+u0CMu/5/1wS4=,tag:qdzCZuJpIiKN3dQIDboJjA==,type:str] mac: ENC[AES256_GCM,data:qqadwOj1/xlAdhnwPJZa4nE8nJ7pEFgDqPCDN2/YeJ0C0gGhJpC3Q7FyKrPYNllqTZE0ZtNbiSTltweJQ+RVPuDD/IYUI+Mp/FX4U2B9349F6CwUyFRDHVWuZLWcTOHoRL3PkVQ78xY46ZAXOf9irilWg2cYZZ6p3YSZhZX/E8Y=,iv:B6I3A4gj6qGqo5liJyrDw/N6diQihRytJ6YVPgFJPPM=,tag:zr0gXkQjNWm/FN54+unmRg==,type:str]
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.10.2 version: 3.10.2