nixos-config/machines/weilite/default.nix

88 lines
1.8 KiB
Nix

{ config, pkgs, lib, modulesPath, ... }:
with lib;
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
config = {
networking.hostName = "weilite";
commonSettings = {
auth.enable = true;
nix = {
enable = true;
enableMirrors = true;
};
};
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "usb_storage" "sd_mod" ];
kernelModules = [ "kvm-intel" ];
};
environment.systemPackages = [
pkgs.virtiofsd
];
systemd.mounts = [
{ what = "XinPhotos";
where = "/mnt/XinPhotos";
type = "virtiofs";
wantedBy = [ "immich-server.service" ];
}
];
services.openssh.ports = [ 22 2222 ];
services.immich = {
enable = true;
mediaLocation = "/mnt/XinPhotos/immich";
host = "127.0.0.1";
port = 3001;
openFirewall = true;
machine-learning.enable = false;
environment = {
IMMICH_MACHINE_LEARNING_ENABLED = "false";
};
};
services.dae = {
enable = true;
configFile = "/var/lib/dae/config.dae";
};
services.tailscale = {
enable = true;
openFirewall = true;
permitCertUid = "caddy";
};
services.caddy = {
enable = true;
virtualHosts."weilite.coho-tet.ts.net:8080".extraConfig = ''
reverse_proxy 127.0.0.1:${toString config.services.immich.port}
'';
};
time.timeZone = "Asia/Shanghai";
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "btrfs";
};
fileSystems."/boot" = {
device = "/dev/sda1";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
system.stateVersion = "24.11";
};
}