diff --git a/flake.lock b/flake.lock index 299f626..6a58e96 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "catppuccin": { "locked": { - "lastModified": 1720472194, - "narHash": "sha256-CYscFEts6tyvosc1T29nxhzIYJAj/1CCEkV3ZMzSN/c=", + "lastModified": 1721784420, + "narHash": "sha256-bgF6fN4Qgk7NErFKGuuqWXcLORsiykTYyqMUFRiAUBY=", "owner": "catppuccin", "repo": "nix", - "rev": "d75d5803852fb0833767dc969a4581ac13204e22", + "rev": "8bdb55cc1c13f572b6e4307a3c0d64f1ae286a4f", "type": "github" }, "original": { @@ -99,11 +99,11 @@ ] }, "locked": { - "lastModified": 1720734513, - "narHash": "sha256-neWQ8eNtLTd+YMesb7WjKl1SVCbDyCm46LUgP/g/hdo=", + "lastModified": 1722119539, + "narHash": "sha256-2kU90liMle0vKR8exJx1XM4hZh9CdNgZGHCTbeA9yzY=", "owner": "nix-community", "repo": "home-manager", - "rev": "90ae324e2c56af10f20549ab72014804a3064c7f", + "rev": "d0240a064db3987eb4d5204cf2400bc4452d9922", "type": "github" }, "original": { @@ -119,11 +119,11 @@ ] }, "locked": { - "lastModified": 1720926593, - "narHash": "sha256-fW6e27L6qY6s+TxInwrS2EXZZfhMAlaNqT0sWS49qMA=", + "lastModified": 1722136042, + "narHash": "sha256-x3FmT4QSyK28itMiR5zfYhUrG5nY+2dv+AIcKfmSp5A=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "5fe5b0cdf1268112dc96319388819b46dc051ef4", + "rev": "c0ca47e8523b578464014961059999d8eddd4aae", "type": "github" }, "original": { @@ -143,11 +143,11 @@ ] }, "locked": { - "lastModified": 1720920808, - "narHash": "sha256-aq9nBiDz0i+JH47YDtPcx/f5OaMMxy/JvBNLDMe97aI=", + "lastModified": 1722130475, + "narHash": "sha256-VT2GvIRL8+nNSQ/XS9N6m42VDBiNDy7Luz3wMHoPLBk=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "2571d560820e4ce23cf060a4460cebc0d9d17f60", + "rev": "25a36236f5051034e2085fb3414493c921bb1994", "type": "github" }, "original": { @@ -158,11 +158,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1720737798, - "narHash": "sha256-G/OtEAts7ZUvW5lrGMXSb8HqRp2Jr9I7reBuvCOL54w=", + "lastModified": 1722114937, + "narHash": "sha256-MOZ9woPwdpFJcHx3wic2Mlw9aztdKjMnFT3FaeLzJkM=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "c5013aa7ce2c7ec90acee5d965d950c8348db751", + "rev": "e67b60fb1b2c3aad2202d95b91d4c218cf2a4fdd", "type": "github" }, "original": { @@ -174,11 +174,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1721187324, - "narHash": "sha256-QA/hwTo9TsEbtTxFjHdyIopyRqVbC3psML9D1CuSGcg=", + "lastModified": 1722178855, + "narHash": "sha256-x842DNrWlcEW4O3ghvoVDkphr8ve1AWzSU2E25Q0hMM=", "owner": "xinyangli", "repo": "nixpkgs", - "rev": "5a00e83edebdcf87790dfa0a304b092f4e3ed694", + "rev": "85549341bb07139d6d12531114d45efad79cfb60", "type": "github" }, "original": { @@ -190,11 +190,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1720691131, - "narHash": "sha256-CWT+KN8aTPyMIx8P303gsVxUnkinIz0a/Cmasz1jyIM=", + "lastModified": 1722087241, + "narHash": "sha256-2ShmEaFi0kJVOEEu5gmlykN5dwjWYWYUJmlRTvZQRpU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a046c1202e11b62cbede5385ba64908feb7bfac4", + "rev": "8c50662509100d53229d4be607f1a3a31157fa12", "type": "github" }, "original": { @@ -206,11 +206,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1720915306, - "narHash": "sha256-6vuViC56+KSr+945bCV8akHK+7J5k6n/epYg/W3I5eQ=", + "lastModified": 1721524707, + "narHash": "sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "74348da2f3a312ee25cea09b98cdba4cb9fa5d5d", + "rev": "556533a23879fc7e5f98dd2e0b31a6911a213171", "type": "github" }, "original": { @@ -222,11 +222,11 @@ }, "nur": { "locked": { - "lastModified": 1720935990, - "narHash": "sha256-SAji50yPFmnQfD2XsDHk6tqEkRHDcWMpEoOlnEneqAY=", + "lastModified": 1722176547, + "narHash": "sha256-Z1nF2QaPEVdflInS3R1++mAJR0TIZ1V5hKNm8x6OjFA=", "owner": "nix-community", "repo": "NUR", - "rev": "42851361fdfde870bfd7e3c71f2ac5d3113c63d6", + "rev": "4bf1f4aecb27b07334f138eb22668c76d14ce62d", "type": "github" }, "original": { @@ -258,11 +258,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1720926522, - "narHash": "sha256-eTpnrT6yu1vp8C0B5fxHXhgKxHoYMoYTEikQx///jxY=", + "lastModified": 1722114803, + "narHash": "sha256-s6YhI8UHwQvO4cIFLwl1wZ1eS5Cuuw7ld2VzUchdFP0=", "owner": "Mic92", "repo": "sops-nix", - "rev": "0703ba03fd9c1665f8ab68cc3487302475164617", + "rev": "eb34eb588132d653e4c4925d862f1e5a227cc2ab", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 422c338..7b39af7 100644 --- a/flake.nix +++ b/flake.nix @@ -59,6 +59,7 @@ , ... }@inputs: let sharedHmModules = [ + inputs.sops-nix.homeManagerModules.sops inputs.nix-index-database.hmModules.nix-index catppuccin.homeManagerModules.catppuccin self.homeManagerModules @@ -175,6 +176,18 @@ machines/raspite/configuration.nix ] ++ sharedColmenaModules; }; + + weilite = { ... }: { + imports = [ + machines/weilite + ] ++ sharedColmenaModules; + deployment = { + targetHost = "weilite.coho-tet.ts.net"; + targetPort = 2222; + buildOnTarget = false; + }; + nixpkgs.system = "x86_64-linux"; + }; }; nixosConfigurations = { diff --git a/machines/weilite/default.nix b/machines/weilite/default.nix new file mode 100644 index 0000000..83bd70b --- /dev/null +++ b/machines/weilite/default.nix @@ -0,0 +1,88 @@ +{ config, pkgs, lib, modulesPath, ... }: + +with lib; + +{ + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + config = { + networking.hostName = "weilite"; + commonSettings = { + auth.enable = true; + nix = { + enable = true; + enableMirrors = true; + }; + }; + + boot = { + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "usb_storage" "sd_mod" ]; + kernelModules = [ "kvm-intel" ]; + }; + + environment.systemPackages = [ + pkgs.virtiofsd + ]; + + systemd.mounts = [ + { what = "XinPhotos"; + where = "/mnt/XinPhotos"; + type = "virtiofs"; + wantedBy = [ "immich-server.service" ]; + } + ]; + + services.openssh.ports = [ 22 2222 ]; + + services.immich = { + enable = true; + mediaLocation = "/mnt/XinPhotos/immich"; + host = "127.0.0.1"; + port = 3001; + openFirewall = true; + machine-learning.enable = false; + environment = { + IMMICH_MACHINE_LEARNING_ENABLED = "false"; + }; + }; + + services.dae = { + enable = true; + configFile = "/var/lib/dae/config.dae"; + }; + + services.tailscale = { + enable = true; + openFirewall = true; + permitCertUid = "caddy"; + }; + + services.caddy = { + enable = true; + virtualHosts."weilite.coho-tet.ts.net:8080".extraConfig = '' + reverse_proxy 127.0.0.1:${toString config.services.immich.port} + ''; + }; + + time.timeZone = "Asia/Shanghai"; + + fileSystems."/" = { + device = "/dev/disk/by-label/nixos"; + fsType = "btrfs"; + }; + + fileSystems."/boot" = { + device = "/dev/sda1"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + system.stateVersion = "24.11"; + }; +}