raphael/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

style(nixfmt): formatting using nixfmt cli tools

Browse source
This commit is contained in:
Raphael 2025-10-09 00:09:26 +02:00
parent b804520f4c
commit fbe803b928
No known key found for this signature in database
46 changed files with 2133 additions and 1700 deletions
Download patch file Download diff file Expand all files Collapse all files

71
services/bot_discord/ada.nix
View file

@ -1,39 +1,44 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.service.bot_discord.ada;
cfg = config.service.bot_discord.ada;
in
{
config = lib.mkIf cfg {
users = {
groups.dsc_ada = {
name = "dsc_ada";
};
users.dsc_ada = {
description = "Utilisateur pour le bot Ada";
group = "dsc_ada";
home = "/opt/Ada";
isSystemUser = true;
};
};
config = lib.mkIf cfg {
users = {
groups.dsc_ada = {
name = "dsc_ada";
};
users.dsc_ada = {
description = "Utilisateur pour le bot Ada";
group = "dsc_ada";
home = "/opt/Ada";
isSystemUser = true;
};
};
systemd.services.bot_ada = {
description = "Ada (chdoe asso) discord bot public";
after = [
"network.target"
];
wantedBy = [
"multi-user.target"
];
serviceConfig = {
Type = "simple";
User = "dsc_ada";
WorkingDirectory = "/opt/Ada";
ExecStart = "/opt/Ada/bot.py";
EnvironmentFile = "/opt/Ada/.env";
Restart = "on-failure";
RestartSec = 5;
};
};
};
systemd.services.bot_ada = {
description = "Ada (chdoe asso) discord bot public";
after = [
"network.target"
];
wantedBy = [
"multi-user.target"
];
serviceConfig = {
Type = "simple";
User = "dsc_ada";
WorkingDirectory = "/opt/Ada";
ExecStart = "/opt/Ada/bot.py";
EnvironmentFile = "/opt/Ada/.env";
Restart = "on-failure";
RestartSec = 5;
};
};
};
}

71
services/bot_discord/bde.nix
View file

@ -1,39 +1,44 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.service.bot_discord.bde;
cfg = config.service.bot_discord.bde;
in
{
config = lib.mkIf cfg {
users = {
groups.dsc_bde = {
name = "dsc_bde";
};
users.dsc_bde = {
description = "Utilisateur pour le bot BDE";
group = "dsc_bde";
home = "/opt/bde";
isSystemUser = true;
};
};
config = lib.mkIf cfg {
users = {
groups.dsc_bde = {
name = "dsc_bde";
};
users.dsc_bde = {
description = "Utilisateur pour le bot BDE";
group = "dsc_bde";
home = "/opt/bde";
isSystemUser = true;
};
};
systemd.services.bot_bde = {
description = "BDE discord bot public";
after = [
"network.target"
];
wantedBy = [
"multi-user.target"
];
serviceConfig = {
Type = "simple";
User = "dsc_bde";
WorkingDirectory = "/opt/Bde";
ExecStart = "/opt/Bde/.venv/bin/python /opt/Bde/bot.py";
EnvironmentFile = "/opt/Bde/.env";
Restart = "on-failure";
RestartSec = 5;
};
};
};
systemd.services.bot_bde = {
description = "BDE discord bot public";
after = [
"network.target"
];
wantedBy = [
"multi-user.target"
];
serviceConfig = {
Type = "simple";
User = "dsc_bde";
WorkingDirectory = "/opt/Bde";
ExecStart = "/opt/Bde/.venv/bin/python /opt/Bde/bot.py";
EnvironmentFile = "/opt/Bde/.env";
Restart = "on-failure";
RestartSec = 5;
};
};
};
}

71
services/bot_discord/bot_loc.nix
View file

@ -1,39 +1,44 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.service.bot_discord.tut;
cfg = config.service.bot_discord.tut;
in
{
config = lib.mkIf cfg {
users = {
groups.dsc_loc = {
name = "dsc_loc";
};
users.dsc_loc = {
description = "Utilisateur pour le bot tut";
group = "dsc_loc";
home = "/opt/alerte_poste-master";
isSystemUser = true;
};
};
config = lib.mkIf cfg {
users = {
groups.dsc_loc = {
name = "dsc_loc";
};
users.dsc_loc = {
description = "Utilisateur pour le bot tut";
group = "dsc_loc";
home = "/opt/alerte_poste-master";
isSystemUser = true;
};
};
systemd.services.bot_loc = {
description = "loc discord bot public";
after = [
"network.target"
];
wantedBy = [
"multi-user.target"
];
serviceConfig = {
Type = "simple";
User = "dsc_loc";
WorkingDirectory = "/opt/alerte-poste";
ExecStart = "/opt/alerte-poste/.venv/bin/python /opt/alerte-poste/src/main.py";
EnvironmentFile = "/opt/alerte-poste/.env";
Restart = "on-failure";
RestartSec = 5;
};
};
};
systemd.services.bot_loc = {
description = "loc discord bot public";
after = [
"network.target"
];
wantedBy = [
"multi-user.target"
];
serviceConfig = {
Type = "simple";
User = "dsc_loc";
WorkingDirectory = "/opt/alerte-poste";
ExecStart = "/opt/alerte-poste/.venv/bin/python /opt/alerte-poste/src/main.py";
EnvironmentFile = "/opt/alerte-poste/.env";
Restart = "on-failure";
RestartSec = 5;
};
};
};
}

87
services/bot_discord/marty.nix
View file

@ -1,47 +1,52 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.service.bot_discord.marty;
cfg = config.service.bot_discord.marty;
in
{
config = lib.mkIf cfg {
environment.systemPackages = with pkgs; [
nodejs
];
users = {
groups.dsc_marty = {
name = "dsc_marty";
};
users.dsc_marty = {
description = "Utilisateur pour le bot BDE";
group = "dsc_marty";
home = "/opt/marty";
isSystemUser = true;
};
};
config = lib.mkIf cfg {
environment.systemPackages = with pkgs; [
nodejs
];
users = {
groups.dsc_marty = {
name = "dsc_marty";
};
users.dsc_marty = {
description = "Utilisateur pour le bot BDE";
group = "dsc_marty";
home = "/opt/marty";
isSystemUser = true;
};
};
systemd.services.bot_marty = {
description = "marty discord bot";
after = [
"network.target"
];
wantedBy = [
"multi-user.target"
];
serviceConfig = {
Type = "simple";
User = "dsc_marty";
WorkingDirectory = "/opt/marty";
Environment = "PATH=${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.nodejs}/bin";
ExecStartPre = [
"${pkgs.nodejs}/bin/npm install"
"${pkgs.nodejs}/bin/npm run build"
];
ExecStart = "${pkgs.nodejs}/bin/npm run start-prod";
EnvironmentFile = "/opt/marty/.env";
Restart = "on-failure";
RestartSec = 5;
};
};
};
systemd.services.bot_marty = {
description = "marty discord bot";
after = [
"network.target"
];
wantedBy = [
"multi-user.target"
];
serviceConfig = {
Type = "simple";
User = "dsc_marty";
WorkingDirectory = "/opt/marty";
Environment = "PATH=${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.nodejs}/bin";
ExecStartPre = [
"${pkgs.nodejs}/bin/npm install"
"${pkgs.nodejs}/bin/npm run build"
];
ExecStart = "${pkgs.nodejs}/bin/npm run start-prod";
EnvironmentFile = "/opt/marty/.env";
Restart = "on-failure";
RestartSec = 5;
};
};
};
}

77
services/bot_discord/master.nix
View file

@ -1,41 +1,46 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.service.bot_discord.master;
cfg = config.service.bot_discord.master;
in
{
config = lib.mkIf cfg {
environment.systemPackages = with pkgs; [
go
];
users = {
groups.dsc_master = {
name = "dsc_master";
};
users.dsc_master = {
description = "Utilisateur pour le bot master";
group = "dsc_master";
home = "/opt/master";
isSystemUser = true;
};
};
systemd.services.yagpdb = {
description = "Enium discord master bot";
after = [
"network.target"
];
wantedBy = [
"multi-user.target"
];
serviceConfig = {
Type = "simple";
User = "dsc_master";
WorkingDirectory = "/opt/yagpdb/cmd/yagpdb";
ExecStart = "/opt/yagpdb/cmd/yagpdb/yagpdb -all -pa";
EnvironmentFile = "/opt/yagpdb/cmd/yagpdb/sampleenvfile";
Restart = "on-failure";
RestartSec = 5;
};
};
};
config = lib.mkIf cfg {
environment.systemPackages = with pkgs; [
go
];
users = {
groups.dsc_master = {
name = "dsc_master";
};
users.dsc_master = {
description = "Utilisateur pour le bot master";
group = "dsc_master";
home = "/opt/master";
isSystemUser = true;
};
};
systemd.services.yagpdb = {
description = "Enium discord master bot";
after = [
"network.target"
];
wantedBy = [
"multi-user.target"
];
serviceConfig = {
Type = "simple";
User = "dsc_master";
WorkingDirectory = "/opt/yagpdb/cmd/yagpdb";
ExecStart = "/opt/yagpdb/cmd/yagpdb/yagpdb -all -pa";
EnvironmentFile = "/opt/yagpdb/cmd/yagpdb/sampleenvfile";
Restart = "on-failure";
RestartSec = 5;
};
};
};
}

69
services/bot_discord/music.nix
View file

@ -1,37 +1,42 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.service.bot_discord.music;
cfg = config.service.bot_discord.music;
in
{
config = lib.mkIf cfg {
environment.systemPackages = with pkgs; [
nodejs
];
users = {
groups.dsc_music = {
name = "dsc_music";
};
users.dsc_music = {
description = "Utilisateur pour le bot music";
group = "dsc_music";
home = "/opt/music";
isSystemUser = true;
};
};
systemd.services.music = {
description = "Enium discord bot for music";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "simple";
User = "dsc_music";
WorkingDirectory = "/opt/music";
ExecStart = "${pkgs.nodejs}/bin/npm start";
Environment = "PATH=${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.nodejs}/bin";
Restart = "on-failure";
RestartSec = 5;
};
};
};
config = lib.mkIf cfg {
environment.systemPackages = with pkgs; [
nodejs
];
users = {
groups.dsc_music = {
name = "dsc_music";
};
users.dsc_music = {
description = "Utilisateur pour le bot music";
group = "dsc_music";
home = "/opt/music";
isSystemUser = true;
};
};
systemd.services.music = {
description = "Enium discord bot for music";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "simple";
User = "dsc_music";
WorkingDirectory = "/opt/music";
ExecStart = "${pkgs.nodejs}/bin/npm start";
Environment = "PATH=${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.nodejs}/bin";
Restart = "on-failure";
RestartSec = 5;
};
};
};
}

69
services/bot_discord/tempvoc.nix
View file

@ -1,37 +1,42 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.service.bot_discord.tempvoc;
cfg = config.service.bot_discord.tempvoc;
in
{
config = lib.mkIf cfg {
environment.systemPackages = with pkgs; [
nodejs
];
users = {
groups.dsc_tempvoc = {
name = "dsc_tempvoc";
};
users.dsc_tempvoc = {
description = "Utilisateur pour le bot tempvoc";
group = "dsc_tempvoc";
home = "/opt/tempvoc";
isSystemUser = true;
};
};
systemd.services.tempvoc = {
description = "Enium discord bot for tempvoc";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "simple";
User = "dsc_tempvoc";
WorkingDirectory = "/opt/tempvoc";
ExecStart = "${pkgs.nodejs}/bin/npm start";
Environment = "PATH=${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.nodejs}/bin";
Restart = "on-failure";
RestartSec = 5;
};
};
};
config = lib.mkIf cfg {
environment.systemPackages = with pkgs; [
nodejs
];
users = {
groups.dsc_tempvoc = {
name = "dsc_tempvoc";
};
users.dsc_tempvoc = {
description = "Utilisateur pour le bot tempvoc";
group = "dsc_tempvoc";
home = "/opt/tempvoc";
isSystemUser = true;
};
};
systemd.services.tempvoc = {
description = "Enium discord bot for tempvoc";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "simple";
User = "dsc_tempvoc";
WorkingDirectory = "/opt/tempvoc";
ExecStart = "${pkgs.nodejs}/bin/npm start";
Environment = "PATH=${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.nodejs}/bin";
Restart = "on-failure";
RestartSec = 5;
};
};
};
}

69
services/bot_discord/ticket.nix
View file

@ -1,37 +1,42 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.service.bot_discord.ticket;
cfg = config.service.bot_discord.ticket;
in
{
config = lib.mkIf cfg {
environment.systemPackages = with pkgs; [
nodejs
];
users = {
groups.dsc_ticket = {
name = "dsc_ticket";
};
users.dsc_ticket = {
description = "Utilisateur pour le bot ticket";
group = "dsc_ticket";
home = "/opt/ticket";
isSystemUser = true;
};
};
systemd.services.ticket = {
description = "Service for ticket";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "simple";
User = "dsc_ticket";
WorkingDirectory = "/opt/ticket";
ExecStart = "${pkgs.nodejs}/bin/npm start";
Environment = "PATH=${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.nodejs}/bin";
Restart = "on-failure";
RestartSec = 5;
};
};
};
config = lib.mkIf cfg {
environment.systemPackages = with pkgs; [
nodejs
];
users = {
groups.dsc_ticket = {
name = "dsc_ticket";
};
users.dsc_ticket = {
description = "Utilisateur pour le bot ticket";
group = "dsc_ticket";
home = "/opt/ticket";
isSystemUser = true;
};
};
systemd.services.ticket = {
description = "Service for ticket";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "simple";
User = "dsc_ticket";
WorkingDirectory = "/opt/ticket";
ExecStart = "${pkgs.nodejs}/bin/npm start";
Environment = "PATH=${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.nodejs}/bin";
Restart = "on-failure";
RestartSec = 5;
};
};
};
}

161
services/discord.nix
View file

@ -1,84 +1,89 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
master_bot = import ./bot_discord/master.nix {
inherit config pkgs lib;
};
music_bot = import ./bot_discord/music.nix {
inherit config pkgs lib;
};
tempvoc_bot = import ./bot_discord/tempvoc.nix {
inherit config pkgs lib;
};
ada_bot = import ./bot_discord/ada.nix {
inherit config pkgs lib;
};
tut_bot = import ./bot_discord/bot_loc.nix {
inherit config pkgs lib;
};
bde_bot = import ./bot_discord/bde.nix {
inherit config pkgs lib;
};
marty_bot = import ./bot_discord/marty.nix {
inherit config pkgs lib;
};
ticket_bot = import ./bot_discord/ticket.nix {
inherit config pkgs lib;
};
cfg = config.service.bot_discord;
master_bot = import ./bot_discord/master.nix {
inherit config pkgs lib;
};
music_bot = import ./bot_discord/music.nix {
inherit config pkgs lib;
};
tempvoc_bot = import ./bot_discord/tempvoc.nix {
inherit config pkgs lib;
};
ada_bot = import ./bot_discord/ada.nix {
inherit config pkgs lib;
};
tut_bot = import ./bot_discord/bot_loc.nix {
inherit config pkgs lib;
};
bde_bot = import ./bot_discord/bde.nix {
inherit config pkgs lib;
};
marty_bot = import ./bot_discord/marty.nix {
inherit config pkgs lib;
};
ticket_bot = import ./bot_discord/ticket.nix {
inherit config pkgs lib;
};
cfg = config.service.bot_discord;
in
{
imports = [
ada_bot
bde_bot
tut_bot
master_bot
music_bot
tempvoc_bot
ticket_bot
marty_bot
];
imports = [
ada_bot
bde_bot
tut_bot
master_bot
music_bot
tempvoc_bot
ticket_bot
marty_bot
];
options.service.bot_discord = {
master = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable master bot";
};
ada = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable ada bot";
};
tut = lib.mkOption {
type = lib.types.bool;
default = false;
description = "enable tut bot";
};
bde = lib.mkOption {
type = lib.types.bool;
default = false;
description = "enable bde bot";
};
marty = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable marty bot";
};
music = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable music bot";
};
tempvoc = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable tempvoc bot";
};
ticket = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable ticket bot";
};
};
options.service.bot_discord = {
master = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable master bot";
};
ada = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable ada bot";
};
tut = lib.mkOption {
type = lib.types.bool;
default = false;
description = "enable tut bot";
};
bde = lib.mkOption {
type = lib.types.bool;
default = false;
description = "enable bde bot";
};
marty = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable marty bot";
};
music = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable music bot";
};
tempvoc = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable tempvoc bot";
};
ticket = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable ticket bot";
};
};
}

35
services/forty_two.nix
View file

@ -1,21 +1,26 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
irc = import ./forty_two/irc.nix {
inherit config pkgs lib;
};
cfg = config.service.forty_two;
irc = import ./forty_two/irc.nix {
inherit config pkgs lib;
};
cfg = config.service.forty_two;
in
{
imports = [
irc
];
imports = [
irc
];
options.service.forty_two = {
irc = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable the ft_irc server";
};
};
options.service.forty_two = {
irc = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable the ft_irc server";
};
};
}

83
services/forty_two/irc.nix
View file

@ -1,45 +1,50 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.service.forty_two.irc;
cfg = config.service.forty_two.irc;
in
{
config = lib.mkIf cfg {
environment.systemPackages = with pkgs; [
llvmPackages.clang
llvmPackages.clang-tools
gnumake
];
users = {
groups.ft_irc = {
name = "ft_irc";
};
users.ft_irc = {
description = "Utilisateur the ft_irc server";
group = "ft_irc";
home = "/opt/irc/";
isSystemUser = true;
};
};
config = lib.mkIf cfg {
environment.systemPackages = with pkgs; [
llvmPackages.clang
llvmPackages.clang-tools
gnumake
];
users = {
groups.ft_irc = {
name = "ft_irc";
};
users.ft_irc = {
description = "Utilisateur the ft_irc server";
group = "ft_irc";
home = "/opt/irc/";
isSystemUser = true;
};
};
systemd.services.ft_irc = {
description = "Upload our irc on my own server";
after = [
"network.target"
];
wantedBy = [
"multi-user.target"
];
serviceConfig = {
Type = "simple";
User = "ft_irc";
WorkingDirectory = "/opt/irc";
ExecStartPre = "${pkgs.git}/bin/git pull";
ExecStart = "/opt/irc/ircserv 4243 irc";
Restart = "on-failure";
RestartSec = 30;
RemainAfterExit = false;
};
};
};
systemd.services.ft_irc = {
description = "Upload our irc on my own server";
after = [
"network.target"
];
wantedBy = [
"multi-user.target"
];
serviceConfig = {
Type = "simple";
User = "ft_irc";
WorkingDirectory = "/opt/irc";
ExecStartPre = "${pkgs.git}/bin/git pull";
ExecStart = "/opt/irc/ircserv 4243 irc";
Restart = "on-failure";
RestartSec = 30;
RemainAfterExit = false;
};
};
};
}

17
services/games.nix
View file

@ -1,12 +1,23 @@
{ inputs, config, pkgs, lib, ... }:
{
inputs,
config,
pkgs,
lib,
...
}:
let
enium-pv = import ./games/minecraft.nix {
inherit inputs config pkgs lib;
inherit
inputs
config
pkgs
lib
;
};
cfg = config.service;
in
{
{
imports = [
enium-pv
];

64
services/games/minecraft.nix
View file

@ -1,36 +1,42 @@
{ inputs, config, pkgs, lib, ... }:
{
inputs,
config,
pkgs,
lib,
...
}:
let
cfg = config.service.games.enium-pv;
cfg = config.service.games.enium-pv;
in
{
imports = [
inputs.minecraft.nixosModules.minecraft-servers
];
imports = [
inputs.minecraft.nixosModules.minecraft-servers
];
config = lib.mkIf cfg {
nixpkgs.overlays = [
inputs.minecraft.overlay
];
services.minecraft-servers = {
enable = true;
eula = true;
config = lib.mkIf cfg {
nixpkgs.overlays = [
inputs.minecraft.overlay
];
services.minecraft-servers = {
enable = true;
eula = true;
servers.enium-pv = {
enable = true;
package = pkgs.fabricServers.fabric-1_20_1;
jvmOpts = "-Xms4092M -Xmx4092M";
serverProperties = {
difficulty = 3;
gamemode = 0;
max-players = 42;
motd = "§l §3 Enium Survival§r\n§l §b Whitelisted Server";
server-port = 64421;
spawn-protection=16;
white-list = true;
};
restart = "no";
};
};
};
servers.enium-pv = {
enable = true;
package = pkgs.fabricServers.fabric-1_20_1;
jvmOpts = "-Xms4092M -Xmx4092M";
serverProperties = {
difficulty = 3;
gamemode = 0;
max-players = 42;
motd = "§l §3 Enium Survival§r\n§l §b Whitelisted Server";
server-port = 64421;
spawn-protection = 16;
white-list = true;
};
restart = "no";
};
};
};
}

166
services/self_host.nix
View file

@ -1,71 +1,107 @@
{ inputs, config, pkgs, lib, ... }:
{
inputs,
config,
pkgs,
lib,
...
}:
let
htop = import ./self_host/htop.nix {
inherit inputs config pkgs lib;
};
mail = import ./self_host/mail.nix {
inherit inputs config pkgs lib;
};
monitor = import ./self_host/monitor.nix {
inherit inputs config pkgs lib;
};
teamspeak = import ./self_host/teamspeak.nix {
inherit inputs config pkgs lib;
};
ollama = import ./self_host/ollama.nix {
inherit inputs config pkgs lib;
};
nextcloud = import ./self_host/nextcloud.nix {
inherit inputs config pkgs lib;
};
cfg = config.service.selfhost;
htop = import ./self_host/htop.nix {
inherit
inputs
config
pkgs
lib
;
};
mail = import ./self_host/mail.nix {
inherit
inputs
config
pkgs
lib
;
};
monitor = import ./self_host/monitor.nix {
inherit
inputs
config
pkgs
lib
;
};
teamspeak = import ./self_host/teamspeak.nix {
inherit
inputs
config
pkgs
lib
;
};
ollama = import ./self_host/ollama.nix {
inherit
inputs
config
pkgs
lib
;
};
nextcloud = import ./self_host/nextcloud.nix {
inherit
inputs
config
pkgs
lib
;
};
cfg = config.service.selfhost;
in
{
imports = [
nextcloud
mail
htop
ollama
teamspeak
monitor
];
imports = [
nextcloud
mail
htop
ollama
teamspeak
monitor
];
config = {
services.nginx = {
enable = true;
};
};
options.service.selfhost = {
htop = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable the htop";
};
teamspeak = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable the teamspeak";
};
ollama = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable the ollama";
};
mail = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable the mail";
};
monitor = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable the monitor";
};
nextcloud = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable the nextcloud";
};
};
config = {
services.nginx = {
enable = true;
};
};
options.service.selfhost = {
htop = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable the htop";
};
teamspeak = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable the teamspeak";
};
ollama = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable the ollama";
};
mail = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable the mail";
};
monitor = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable the monitor";
};
nextcloud = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable the nextcloud";
};
};
}

35
services/self_host/htop.nix
View file

@ -1,21 +1,26 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.service.selfhost.monitor;
cfg = config.service.selfhost.monitor;
in
{
config = lib.mkIf cfg {
services = {
glances.enable = true;
config = lib.mkIf cfg {
services = {
glances.enable = true;
nginx.virtualHosts."htop.enium.eu" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:61208";
proxyWebsockets = true;
};
};
};
};
nginx.virtualHosts."htop.enium.eu" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:61208";
proxyWebsockets = true;
};
};
};
};
}

77
services/self_host/mail.nix
View file

@ -1,42 +1,47 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.service.selfhost.mail;
cfg = config.service.selfhost.mail;
in
{
config = lib.mkIf cfg {
services.rspamd.enable = true;
mailserver = {
enable = true;
stateVersion = 3;
fqdn = "mail.enium.eu";
domains = [
"enium.eu"
];
loginAccounts = {
"no-reply@enium.eu" = {
hashedPasswordFile = "/root/mail-passwd.txt";
};
};
certificateScheme = "acme-nginx";
};
config = lib.mkIf cfg {
services.rspamd.enable = true;
mailserver = {
enable = true;
stateVersion = 3;
fqdn = "mail.enium.eu";
domains = [
"enium.eu"
];
loginAccounts = {
"no-reply@enium.eu" = {
hashedPasswordFile = "/root/mail-passwd.txt";
};
};
certificateScheme = "acme-nginx";
};
services = {
roundcube = {
enable = true;
hostName = "mail.enium.eu";
extraConfig = ''
$config['smtp_host'] = "tls://mail.enium.eu";
$config['smtp_user'] = "%u";
$config['smtp_pass'] = "%p";
'';
};
nginx = {
virtualHosts."mail.enium.eu" = {
forceSSL = true;
enableACME = true;
};
};
};
};
services = {
roundcube = {
enable = true;
hostName = "mail.enium.eu";
extraConfig = ''
$config['smtp_host'] = "tls://mail.enium.eu";
$config['smtp_user'] = "%u";
$config['smtp_pass'] = "%p";
'';
};
nginx = {
virtualHosts."mail.enium.eu" = {
forceSSL = true;
enableACME = true;
};
};
};
};
}

341
services/self_host/monitor.nix
View file

@ -1,170 +1,189 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.service.selfhost.monitor;
monitored = [ "nginx" "grafana" ];
email = "raphael@enium.eu";
cfg = config.service.selfhost.monitor;
monitored = [
"nginx"
"grafana"
];
email = "raphael@enium.eu";
in
{
config = lib.mkIf cfg {
services.grafana = {
enable = true;
package = pkgs.grafana;
dataDir = "/var/lib/grafana";
};
environment.etc."process-exporter.json".text = builtins.toJSON {
procMatchers = lib.map (svc: {
name = svc;
cmdline = [
"${svc}:"
];
}) monitored;
};
systemd.services.process_exporter = {
description = "Prometheus Process Exporter";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.prometheus-process-exporter}/bin/process-exporter --config.path /etc/process-exporter.json";
Restart = "always";
};
};
services.prometheus = {
enable = true;
checkConfig = false;
exporters = {
blackbox = {
enable = true;
configFile = pkgs.writeText "blackbox-exporter.yml" ''
modules:
http_2xx:
prober: http
timeout: 5s
http:
valid_http_versions: ["HTTP/1.1", "HTTP/2.0"]
valid_status_codes: []
method: GET
no_follow_redirects: false
fail_if_not_ssl: false
'';
};
node.enable = true;
systemd.enable = true;
};
scrapeConfigs = [
{
job_name = "systemd_exporter";
metrics_path = "/metrics";
static_configs = [{
targets = [
"127.0.0.1:9558"
];
}];
}
{
job_name = "node_exporter";
static_configs = [{
targets = [
"127.0.0.1:9100"
];
}];
}
{
job_name = "process_exporter";
metrics_path = "/metrics";
scheme = "http";
static_configs = [{
targets = [
"127.0.0.1:9256"
];
}];
}
{
job_name = "blackbox_http_probe";
metrics_path = "/probe";
params = {
module = [
"http_2xx"
];
};
static_configs = [{
targets = [
"https://raphael.parodi.pro"
"https://nextcloud.enium.eu"
"https://htop.enium.eu"
"https://monitor.enium.eu"
"https://ollama.enium.eu"
"http://relance-pas-stp.me:4242"
];
}];
relabel_configs = [
{ source_labels = [ "__address__" ];
target_label = "__param_target";
}
{ source_labels = [ "__param_target" ];
target_label = "instance";
}
{ target_label = "__address__";
replacement = "127.0.0.1:9115";
}
];
proxy_url = "http://127.0.0.1:9115";
}
];
ruleFiles = lib.mkForce [ "/etc/prometheus/services.rules" ];
};
environment.etc."prometheus/services.rules".text = ''
groups:
- name: services
rules:
- alert: nginxServiceDown
expr: process_up{job="process_exporter",name="nginx"} == 0
for: 1m
labels:
severity: critical
annotations:
summary: "Processus nginx arrêté"
description: "Le processus nginx ne tourne plus depuis >1m."
config = lib.mkIf cfg {
services.grafana = {
enable = true;
package = pkgs.grafana;
dataDir = "/var/lib/grafana";
};
- alert: nginxServiceUp
expr: process_up{job="process_exporter",name="nginx"} == 1
for: 1m
labels:
severity: info
annotations:
summary: "Processus nginx rétabli"
description: "Le processus nginx tourne de nouveau."
environment.etc."process-exporter.json".text = builtins.toJSON {
procMatchers = lib.map (svc: {
name = svc;
cmdline = [
"${svc}:"
];
}) monitored;
};
- alert: grafanaServiceDown
expr: process_up{job="process_exporter",name="grafana"} == 0
for: 1m
labels:
severity: critical
annotations:
summary: "Processus grafana arrêté"
description: "Le processus grafana ne tourne plus depuis >1m."
systemd.services.process_exporter = {
description = "Prometheus Process Exporter";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.prometheus-process-exporter}/bin/process-exporter --config.path /etc/process-exporter.json";
Restart = "always";
};
};
- alert: grafanaServiceUp
expr: process_up{job="process_exporter",name="grafana"} == 1
for: 1m
labels:
severity: info
annotations:
summary: "Processus grafana rétabli"
description: "Le processus grafana tourne de nouveau."
'';
services.prometheus = {
enable = true;
checkConfig = false;
exporters = {
blackbox = {
enable = true;
configFile = pkgs.writeText "blackbox-exporter.yml" ''
modules:
http_2xx:
prober: http
timeout: 5s
http:
valid_http_versions: ["HTTP/1.1", "HTTP/2.0"]
valid_status_codes: []
method: GET
no_follow_redirects: false
fail_if_not_ssl: false
'';
};
node.enable = true;
systemd.enable = true;
};
scrapeConfigs = [
{
job_name = "systemd_exporter";
metrics_path = "/metrics";
static_configs = [
{
targets = [
"127.0.0.1:9558"
];
}
];
}
{
job_name = "node_exporter";
static_configs = [
{
targets = [
"127.0.0.1:9100"
];
}
];
}
{
job_name = "process_exporter";
metrics_path = "/metrics";
scheme = "http";
static_configs = [
{
targets = [
"127.0.0.1:9256"
];
}
];
}
{
job_name = "blackbox_http_probe";
metrics_path = "/probe";
params = {
module = [
"http_2xx"
];
};
static_configs = [
{
targets = [
"https://raphael.parodi.pro"
"https://nextcloud.enium.eu"
"https://htop.enium.eu"
"https://monitor.enium.eu"
"https://ollama.enium.eu"
"http://relance-pas-stp.me:4242"
];
}
];
relabel_configs = [
{
source_labels = [ "__address__" ];
target_label = "__param_target";
}
{
source_labels = [ "__param_target" ];
target_label = "instance";
}
{
target_label = "__address__";
replacement = "127.0.0.1:9115";
}
];
proxy_url = "http://127.0.0.1:9115";
}
];
ruleFiles = lib.mkForce [ "/etc/prometheus/services.rules" ];
};
services.nginx.virtualHosts."monitor.enium.eu" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:3000";
proxyWebsockets = true;
};
};
};
environment.etc."prometheus/services.rules".text = ''
groups:
- name: services
rules:
- alert: nginxServiceDown
expr: process_up{job="process_exporter",name="nginx"} == 0
for: 1m
labels:
severity: critical
annotations:
summary: "Processus nginx arrêté"
description: "Le processus nginx ne tourne plus depuis >1m."
- alert: nginxServiceUp
expr: process_up{job="process_exporter",name="nginx"} == 1
for: 1m
labels:
severity: info
annotations:
summary: "Processus nginx rétabli"
description: "Le processus nginx tourne de nouveau."
- alert: grafanaServiceDown
expr: process_up{job="process_exporter",name="grafana"} == 0
for: 1m
labels:
severity: critical
annotations:
summary: "Processus grafana arrêté"
description: "Le processus grafana ne tourne plus depuis >1m."
- alert: grafanaServiceUp
expr: process_up{job="process_exporter",name="grafana"} == 1
for: 1m
labels:
severity: info
annotations:
summary: "Processus grafana rétabli"
description: "Le processus grafana tourne de nouveau."
'';
services.nginx.virtualHosts."monitor.enium.eu" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:3000";
proxyWebsockets = true;
};
};
};
}

71
services/self_host/nextcloud.nix
View file

@ -1,38 +1,43 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.service.selfhost.nextcloud;
dataDir = "/mnt/data/nextcloud";
cfg = config.service.selfhost.nextcloud;
dataDir = "/mnt/data/nextcloud";
in
{
config = lib.mkIf cfg {
environment.systemPackages = with pkgs; [
php
];
services = {
nextcloud = {
enable = true;
https = true;
package = pkgs.nextcloud31;
hostName = "nextcloud.enium.eu";
datadir = "/mnt/data/nextcloud/";
config = {
adminpassFile = "/etc/nextcloud-pass.txt";
adminuser = "OwnedByTheEniumTeam";
dbtype = "sqlite";
};
settings = {
trusted_domains = [
"192.168.1.254"
];
default_phone_region = "FR";
};
};
nginx.virtualHosts."nextcloud.enium.eu".enableACME = true;
nginx.virtualHosts."nextcloud.enium.eu".forceSSL = true;
nginx.virtualHosts."nextcloud.enium.eu".locations."~ \.php$".extraConfig = ''
fastcgi_pass unix:/run/phpfpm-nextcloud.sock;
'';
};
};
config = lib.mkIf cfg {
environment.systemPackages = with pkgs; [
php
];
services = {
nextcloud = {
enable = true;
https = true;
package = pkgs.nextcloud31;
hostName = "nextcloud.enium.eu";
datadir = "/mnt/data/nextcloud/";
config = {
adminpassFile = "/etc/nextcloud-pass.txt";
adminuser = "OwnedByTheEniumTeam";
dbtype = "sqlite";
};
settings = {
trusted_domains = [
"192.168.1.254"
];
default_phone_region = "FR";
};
};
nginx.virtualHosts."nextcloud.enium.eu".enableACME = true;
nginx.virtualHosts."nextcloud.enium.eu".forceSSL = true;
nginx.virtualHosts."nextcloud.enium.eu".locations."~ \.php$".extraConfig = ''
fastcgi_pass unix:/run/phpfpm-nextcloud.sock;
'';
};
};
}

55
services/self_host/ollama.nix
View file

@ -1,31 +1,36 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.service.selfhost.ollama;
cfg = config.service.selfhost.ollama;
in
{
config = lib.mkIf cfg {
services = {
ollama = {
enable = true;
loadModels = [
"qwen2.5:3b"
];
acceleration = "cuda";
};
config = lib.mkIf cfg {
services = {
ollama = {
enable = true;
loadModels = [
"qwen2.5:3b"
];
acceleration = "cuda";
};
open-webui = {
enable = true;
port = 13007;
};
nginx.virtualHosts."ollama.enium.eu" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:13007";
proxyWebsockets = true;
};
};
};
};
open-webui = {
enable = true;
port = 13007;
};
nginx.virtualHosts."ollama.enium.eu" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:13007";
proxyWebsockets = true;
};
};
};
};
}

39
services/self_host/teamspeak.nix
View file

@ -1,23 +1,28 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.service.selfhost.monitor;
cfg = config.service.selfhost.monitor;
in
{
config = lib.mkIf cfg {
services = {
teamspeak3 = {
enable = true;
};
config = lib.mkIf cfg {
services = {
teamspeak3 = {
enable = true;
};
nginx.virtualHosts."ts.enium.eu" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:9987";
proxyWebsockets = true;
};
};
};
};
nginx.virtualHosts."ts.enium.eu" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:9987";
proxyWebsockets = true;
};
};
};
};
}

69
services/web.nix
View file

@ -1,35 +1,46 @@
{ inputs, config, pkgs, lib, ... }:
{
inputs,
config,
pkgs,
lib,
...
}:
let
portefolio = import ./web/portefolio.nix {
inherit inputs config pkgs lib;
};
cfg = config.service.web;
portefolio = import ./web/portefolio.nix {
inherit
inputs
config
pkgs
lib
;
};
cfg = config.service.web;
in
{
imports = [
portefolio
];
imports = [
portefolio
];
config = {
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
};
security.acme = {
acceptTerms = true;
defaults.email = "raphael@parodi.pro";
certs = {
"raphael.parodi.pro" = {};
};
};
};
options.service.web = {
portefolio = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable the portefolio";
};
};
config = {
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
};
security.acme = {
acceptTerms = true;
defaults.email = "raphael@parodi.pro";
certs = {
"raphael.parodi.pro" = { };
};
};
};
options.service.web = {
portefolio = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Enable the portefolio";
};
};
}

79
services/web/portefolio.nix
View file

@ -1,43 +1,48 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.service.web.portefolio;
cfg = config.service.web.portefolio;
in
{
config = lib.mkIf cfg {
environment.systemPackages = with pkgs; [
nodejs
pnpm
];
users = {
groups.web_portefolio = {
name = "web_portefolio";
};
users.web_portefolio = {
description = "Utilisateur pour le bot BDE";
group = "web_portefolio";
home = "/opt/portefolio/";
isSystemUser = true;
};
};
config = lib.mkIf cfg {
environment.systemPackages = with pkgs; [
nodejs
pnpm
];
users = {
groups.web_portefolio = {
name = "web_portefolio";
};
users.web_portefolio = {
description = "Utilisateur pour le bot BDE";
group = "web_portefolio";
home = "/opt/portefolio/";
isSystemUser = true;
};
};
services.nginx = {
virtualHosts."raphael.parodi.pro" = {
forceSSL = true;
enableACME = true;
locations."/" = {
root = "/opt/portefolio/dist";
index = "index.html";
extraConfig = ''
try_files $uri /index.html;
'';
};
};
};
security.acme = {
certs = {
"raphael.parodi.pro" = {};
};
};
};
services.nginx = {
virtualHosts."raphael.parodi.pro" = {
forceSSL = true;
enableACME = true;
locations."/" = {
root = "/opt/portefolio/dist";
index = "index.html";
extraConfig = ''
try_files $uri /index.html;
'';
};
};
};
security.acme = {
certs = {
"raphael.parodi.pro" = { };
};
};
};
}