coolneng
/
zion
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Retire monolith from all services

This commit is contained in:
coolneng 2020-06-09 21:53:20 +02:00
parent 993404088a
commit 59bb473451
Signed by: coolneng
GPG Key ID: 9893DA236405AF57
3 changed files with 32 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
modules/datasync.nix
View File

@ -1,11 +1,7 @@
# Syncthing and Radicale configuration # Syncthing and Radicale configuration
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }: {
{
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [ syncthing radicale ];
syncthing
radicale
];
# Enable syncthing # Enable syncthing
services.syncthing = { services.syncthing = {
@ -15,44 +11,49 @@
dataDir = "/vault/syncthing"; dataDir = "/vault/syncthing";
declarative = { declarative = {
devices = { devices = {
monolith = { id = "64P2YDH-S5V7PKM-XXBOSXC-WEXUSC7-B553ELI-6IJ3CPJ-ZFB3YA5-MTKAFAH"; }; roamer = {
roamer = { id = "7CDUG25-KGBOIA7-Y73TZGA-NEHYLZP-OEOEWVN-DMS5U7K-QNNMPKY-YNGEWQL"; }; id =
panacea = { id = "UNZIABR-GEQ4AWT-XKFADLW-HW3SQ3Y-BEYZ56A-W530DLS-DXGQWKK-2QQ4RQ6"; }; "7CDUG25-KGBOIA7-Y73TZGA-NEHYLZP-OEOEWVN-DMS5U7K-QNNMPKY-YNGEWQL";
};
panacea = {
id =
"UNZIABR-GEQ4AWT-XKFADLW-HW3SQ3Y-BEYZ56A-W530DLS-DXGQWKK-2QQ4RQ6";
};
}; };
folders = { folders = {
Documents = { Documents = {
id = "wusdj-bfjkr"; id = "wusdj-bfjkr";
type = "receiveonly"; type = "receiveonly";
path = "/vault/syncthing/Documents"; path = "/vault/syncthing/Documents";
devices = [ "monolith" "roamer" "panacea" ]; devices = [ "roamer" "panacea" ];
}; };
Notes = { Notes = {
id = "kafhz-bfmzm"; id = "kafhz-bfmzm";
type = "receiveonly"; type = "receiveonly";
path = "/vault/syncthing/Notes"; path = "/vault/syncthing/Notes";
devices = [ "monolith" "roamer" "panacea" ]; devices = [ "roamer" "panacea" ];
}; };
Music = { Music = {
id = "2aqt7-vpprc"; id = "2aqt7-vpprc";
type = "receiveonly"; type = "receiveonly";
path = "/vault/syncthing/Music"; path = "/vault/syncthing/Music";
devices = [ "monolith" "roamer" "panacea" ]; devices = [ "roamer" "panacea" ];
}; };
Photos = { Photos = {
id = "mjibc-ustcg"; id = "mjibc-ustcg";
type = "receiveonly"; type = "receiveonly";
path = "/vault/syncthing/Photos"; path = "/vault/syncthing/Photos";
devices = [ "monolith" "roamer" "panacea" ]; devices = [ "roamer" "panacea" ];
}; };
Projects = { Projects = {
id = "cjhmu-avy9v"; id = "cjhmu-avy9v";
type = "receiveonly"; type = "receiveonly";
path = "/vault/syncthing/Projects"; path = "/vault/syncthing/Projects";
devices = [ "monolith" "panacea" ]; devices = [ "panacea" ];
}; };
}; };
}; };

27
modules/networking.nix
View File

@ -1,15 +1,10 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let password = builtins.readFile /var/lib/ddclient/token; let password = builtins.readFile /var/lib/ddclient/token;
in in {
{
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [ avahi ddclient wireguard mbuffer ];
avahi
ddclient
wireguard
];
# Enable zeroconf # Enable zeroconf
services.avahi = { services.avahi = {
@ -18,11 +13,12 @@
publish = { publish = {
enable = true; enable = true;
userServices = true; userServices = true;
domain = true;
workstation = true;
}; };
reflector = true; reflector = true;
}; };
# Dynamic DNS configuration # Dynamic DNS configuration
services.ddclient = { services.ddclient = {
enable = true; enable = true;
@ -46,8 +42,8 @@
autoLoadConntrackHelpers = true; autoLoadConntrackHelpers = true;
connectionTrackingModules = [ "sane" ]; connectionTrackingModules = [ "sane" ];
extraCommands = '' extraCommands = ''
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
''; '';
}; };
# Disable IPv6 # Disable IPv6
@ -67,9 +63,9 @@
listenPort = 1194; listenPort = 1194;
privateKeyFile = "/home/coolneng/.wg/keys/privatekey"; privateKeyFile = "/home/coolneng/.wg/keys/privatekey";
peers = [ peers = [
# Monolith # Panacea
{ {
publicKey = "ka9a/VB49XMtrMw/ZJmZHThfk2Y5D/8wErLPtN+KvHE="; publicKey = "XMkTztU2Y8hw6Fu/2o4Gszij+EmNacvFMXuZyHS1n38=";
allowedIPs = [ "10.8.0.2/32" ]; allowedIPs = [ "10.8.0.2/32" ];
} }
# Roamer # Roamer
@ -77,11 +73,6 @@
publicKey = "gS5VIUFL74kTs3zxVNT/ijWyOjeAFLEqWynD0Pefh1o="; publicKey = "gS5VIUFL74kTs3zxVNT/ijWyOjeAFLEqWynD0Pefh1o=";
allowedIPs = [ "10.8.0.3/32" ]; allowedIPs = [ "10.8.0.3/32" ];
} }
# Panacea
{
publicKey = "XMkTztU2Y8hw6Fu/2o4Gszij+EmNacvFMXuZyHS1n38=";
allowedIPs = [ "10.8.0.4/32" ];
}
]; ];
}; };
}; };

22
modules/printing.nix
View File

@ -1,11 +1,7 @@
# CUPS and SANE configuration # CUPS and SANE configuration
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }: {
{
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [ cups sane-backends ];
cups
sane-backends
];
# Enable CUPS with Zeroconf # Enable CUPS with Zeroconf
services.printing = { services.printing = {
@ -18,20 +14,18 @@
# Enable SANE # Enable SANE
hardware.sane = { hardware.sane = {
enable = true; enable = true;
extraBackends = with pkgs; [ hplip ]; extraBackends = with pkgs; [ hplip ];
}; };
services.saned = { services.saned = {
enable = true; enable = true;
extraConfig = '' extraConfig = ''
192.168.1.0/24 192.168.1.0/24
10.8.0.2/32 10.8.0.2/32
''; '';
}; };
users.users.scanner = { users.users.scanner = { extraGroups = [ "lp" ]; };
extraGroups = [ "lp" ];
};
} }