improve formatting, add wireguard network to ntopng
This commit is contained in:
Stefan Kempinger
parent
9106bf3903
commit
d065751bdb
1 changed files with 60 additions and 57 deletions
|
|
@ -44,43 +44,45 @@
|
||||||
# i18n.defaultLocale = "en_US.UTF-8";
|
# i18n.defaultLocale = "en_US.UTF-8";
|
||||||
|
|
||||||
# Networking
|
# Networking
|
||||||
networking.hostName = "nixos-server";
|
networking = {
|
||||||
networking.useDHCP = false;
|
hostName = "heimserver";
|
||||||
networking.hostId = "5506a8e7";
|
useDHCP = false;
|
||||||
networking.interfaces.eth0.ipv4.addresses = [
|
hostId = "5506a8e7";
|
||||||
{
|
interfaces.eth0.ipv4.addresses = [
|
||||||
address = "192.168.69.69";
|
{
|
||||||
prefixLength = 24;
|
address = "192.168.69.69";
|
||||||
}
|
prefixLength = 24;
|
||||||
];
|
}
|
||||||
networking.defaultGateway = "192.168.69.1";
|
];
|
||||||
#networking.nameservers = [ "1.1.1.1" ];
|
defaultGateway = "192.168.69.1";
|
||||||
networking.firewall.enable = true;
|
#nameservers = [ "1.1.1.1" ];
|
||||||
networking.firewall.allowedTCPPorts = [
|
firewall.enable = true;
|
||||||
22
|
firewall.allowedTCPPorts = [
|
||||||
53
|
22
|
||||||
80
|
53
|
||||||
443
|
80
|
||||||
2222 # forgejo ssh
|
443
|
||||||
8184 # forgejo frontend
|
2222 # forgejo ssh
|
||||||
8123 # homeassistant
|
8184 # forgejo frontend
|
||||||
5580 # homeassistant matter
|
8123 # homeassistant
|
||||||
2283 # immich
|
5580 # homeassistant matter
|
||||||
3003 # immich ml
|
2283 # immich
|
||||||
1984 # frigate go2rtc
|
3003 # immich ml
|
||||||
8971 # frigate
|
1984 # frigate go2rtc
|
||||||
8554 # frigate rtsp
|
8971 # frigate
|
||||||
8555 # frigate rtsp
|
8554 # frigate rtsp
|
||||||
2055 # ntopng sink
|
8555 # frigate rtsp
|
||||||
8182 # ntopng frontend
|
2055 # ntopng sink
|
||||||
8183 # adguardhome frontend
|
8182 # ntopng frontend
|
||||||
9000
|
8183 # adguardhome frontend
|
||||||
];
|
9000
|
||||||
networking.firewall.allowedUDPPorts = [
|
];
|
||||||
53
|
firewall.allowedUDPPorts = [
|
||||||
8555 # frigate rtsp
|
53
|
||||||
2055 # ntopng sink
|
8555 # frigate rtsp
|
||||||
];
|
2055 # ntopng sink
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
# Users
|
# Users
|
||||||
users.users.root = {
|
users.users.root = {
|
||||||
|
|
@ -98,7 +100,6 @@
|
||||||
|
|
||||||
# Packages
|
# Packages
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
vim
|
|
||||||
nano
|
nano
|
||||||
wget
|
wget
|
||||||
curl
|
curl
|
||||||
|
|
@ -226,6 +227,12 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# systemd.services.forgejo.preStart =
|
||||||
|
# ''
|
||||||
|
# ${lib.getExe cfg.package} admin user create --admin --email "root@localhost" --username crazychaoz --password temp123 || true
|
||||||
|
# '';
|
||||||
|
|
||||||
|
|
||||||
# services.borgbackup.jobs."forgejo" = {
|
# services.borgbackup.jobs."forgejo" = {
|
||||||
# paths = config.services.forgejo.repositoryRoot;
|
# paths = config.services.forgejo.repositoryRoot;
|
||||||
# repo = "/backup/forgejo";
|
# repo = "/backup/forgejo";
|
||||||
|
|
@ -254,10 +261,6 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# systemd.services.forgejo.preStart =
|
|
||||||
# ''
|
|
||||||
# ${lib.getExe cfg.package} admin user create --admin --email "root@localhost" --username crazychaoz --password temp123 || true
|
|
||||||
# '';
|
|
||||||
|
|
||||||
# Virtualisation
|
# Virtualisation
|
||||||
virtualisation = {
|
virtualisation = {
|
||||||
|
|
@ -305,7 +308,19 @@
|
||||||
"--privileged"
|
"--privileged"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
containers.mosquitto = {
|
||||||
|
#autoStart = true;
|
||||||
|
volumes = [
|
||||||
|
"mosquitto:/mosquitto"
|
||||||
|
"/run/dbus:/run/dbus:ro"
|
||||||
|
"/etc/localtime:/etc/localtime:ro"
|
||||||
|
];
|
||||||
|
# Note: The image will not be updated on rebuilds, unless the version label changes
|
||||||
|
image = "eclipse-mosquitto";
|
||||||
|
extraOptions = [
|
||||||
|
"--network=host"
|
||||||
|
];
|
||||||
|
};
|
||||||
containers.frigate = {
|
containers.frigate = {
|
||||||
#autoStart = true;
|
#autoStart = true;
|
||||||
volumes = [
|
volumes = [
|
||||||
|
|
@ -321,19 +336,6 @@
|
||||||
"--network=host"
|
"--network=host"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
containers.mosquitto = {
|
|
||||||
#autoStart = true;
|
|
||||||
volumes = [
|
|
||||||
"mosquitto:/mosquitto"
|
|
||||||
"/run/dbus:/run/dbus:ro"
|
|
||||||
"/etc/localtime:/etc/localtime:ro"
|
|
||||||
];
|
|
||||||
# Note: The image will not be updated on rebuilds, unless the version label changes
|
|
||||||
image = "eclipse-mosquitto";
|
|
||||||
extraOptions = [
|
|
||||||
"--network=host"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
containers.netflow2ng = {
|
containers.netflow2ng = {
|
||||||
# Note: The image will not be updated on rebuilds, unless the version label changes
|
# Note: The image will not be updated on rebuilds, unless the version label changes
|
||||||
image = "synfinatic/netflow2ng:v0.1.0";
|
image = "synfinatic/netflow2ng:v0.1.0";
|
||||||
|
|
@ -360,7 +362,7 @@
|
||||||
interfaces = [ "tcp://0.0.0.0:5556" ];
|
interfaces = [ "tcp://0.0.0.0:5556" ];
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
--dns-mode 1
|
--dns-mode 1
|
||||||
--local-networks "185.27.122.0/24=WAN,192.168.69.0/24=LAN"'';
|
--local-networks "185.27.122.0/24=WAN,192.168.69.0/24=LAN,192.168.42.0/24=Wireguard"'';
|
||||||
};
|
};
|
||||||
|
|
||||||
services.influxdb.enable = true;
|
services.influxdb.enable = true;
|
||||||
|
|
@ -393,6 +395,7 @@
|
||||||
"nix-command"
|
"nix-command"
|
||||||
"flakes"
|
"flakes"
|
||||||
];
|
];
|
||||||
|
|
||||||
nix.gc = {
|
nix.gc = {
|
||||||
automatic = true;
|
automatic = true;
|
||||||
dates = "weekly";
|
dates = "weekly";
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue