@@ 59,6 59,18 @@ in {
ipv6 = true;
};
+ services.qemuGuest.enable = true;
+/*
+ virtualisation.podman.enable = true;
+ virtualisation.oci-containers = {
+ backend = "podman";
+
+ containers = {
+ #invidious = import ./containers/invidious.nix;
+ };
+ };
+*/
+
# libvirtd now requires polkit to be enabled
security.polkit.enable = true;
@@ 96,6 108,7 @@ in {
443 # http/nginx
3000 # forgejo
4533 # Navidrome
+ 8300 # Invidious
8096 # Jellyfin
];
allowedUDPPorts = [ ];
@@ 128,12 141,14 @@ in {
unzip unar
git ripgrep
clang llvm gcc binutils file
+ pkg-config libusb1 # router7
go
- navidrome jellyfin
+ # navidrome jellyfin
beets-unstable unflac ffmpeg-full dos2unix
nnn # CLI file manager
step-ca step-cli
headscale
+ sqlite
];
# Some programs need SUID wrappers, can be configured further or are
@@ 171,7 186,7 @@ in {
services.nginx.virtualHosts."navidrome.mnetic.ch" = nginxProxy 4533;
services.nginx.virtualHosts."music.mnetic.ch" = nginxProxy 4533;
- services.jellyfin.enable = true;
+ services.jellyfin.enable = false;
services.nginx.virtualHosts."jellyfin.mnetic.ch" = nginxProxy 8096;
services.nginx.virtualHosts."movies.mnetic.ch" = nginxProxy 8096;
@@ 217,16 232,15 @@ in {
};
};
- services.gitea.enable = true;
- services.gitea.package = pkgs.forgejo;
- services.gitea.stateDir = "/mnt/guava/services/foregejo";
- services.gitea.settings = {
+ services.forgejo.enable = true;
+ services.forgejo.stateDir = "/mnt/guava/services/foregejo";
+ services.forgejo.settings = {
server = {
DOMAIN = "git.mnetic.ch";
- ROOT_URL = "http://git.mnetic.ch";
+ ROOT_URL = "https://git.mnetic.ch";
};
service = {
- # DISABLE_REGISTRATION = true;
+ DISABLE_REGISTRATION = false;
REGISTER_MANUAL_CONFIRM = true;
};
security = {
@@ 247,12 261,12 @@ in {
# https://forgejo.org/2023-02-27-forgejo-actions/
# https://forgejo.org/docs/v1.20/admin/actions/
- services.gitea-actions-runner.package = pkgs.unstable.gitea-actions-runner;
+ #services.gitea-actions-runner.package = pkgs.unstable.gitea-actions-runner;
services.gitea-actions-runner.instances.nas = {
enable = true;
name = config.networking.hostName;
url = "http://git.mnetic.ch";
- token = "mGULm6uyFKtMm84ExV2OrUfisaSUzoYf1pQOEDdI";
+ token = "imsvZj4JWPtERBwOhGdiMo4ljmtfa5JXGVUH0Jby";
labels = [];
};
@@ 275,7 289,7 @@ in {
];
};
- services.keycloak.enable = true;
+ services.keycloak.enable = false;
services.keycloak = {
settings = {
hostname = "keycloak.mnetic.ch";
@@ 311,6 325,11 @@ in {
'';
};
+ #services.invidious.enable = true;
+ #services.invidious = {
+ # port = 8300;
+ #};
+
# Optimise the disk storage usage
nix.settings.auto-optimise-store = true;
nix.gc = {