From fb551a15cf70c528a3be671d1797bdc65b25aca4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Numbus?= Date: Sat, 3 Jan 2026 21:08:34 +0100 Subject: [PATCH] Added traefik.nix. Added git to packages. Try to get automount working. Edited secrets to get them working. --- deploy.sh | 3 +- templates/nix-config/configuration.nix | 1 + templates/nix-config/disks/content.nix | 2 +- templates/nix-config/disks/parity.nix | 2 +- templates/nix-config/sops-nix/secrets.yaml | 86 +++++++++++----------- 5 files changed, 48 insertions(+), 46 deletions(-) diff --git a/deploy.sh b/deploy.sh index cd07906..3123078 100644 --- a/deploy.sh +++ b/deploy.sh @@ -325,6 +325,7 @@ files_generation() { sed -i "s|TARGET_INTERFACE|${SENDER_EMAIL_ADDRESS}|g" final-nix-config/etc/nixos/misc/mail.nix echo -e "\n✅ Writing configuration files for the selected homelab services..." + cp templates/nix-config/podman/traefik.nix final-nix-config/etc/nixos/podman/traefik.nix envsubst < templates/podman-config/traefik/traefik.yaml > final-nix-config/mnt/config/traefik/traefik.yaml for service in "${SELECTED_SERVICES[@]}"; do @@ -527,7 +528,7 @@ EOF (envsubst < "templates/nix-config/disks/content.nix") >> final-nix-config/etc/nixos/disks/disko.nix SNAPRAID_CONTENT_FILES+=" \"/mnt/content-${j}/snapraid.content\""$'\n' SNAPRAID_DATA_DISKS+=" d${j} = \"/mnt/content-${j}\";"$'\n' - MERGERFS_REQ_DEPS+=" \"x-systemd.requires=/mnt/content-${j}\""$'\n' + MERGERFS_REQ_DEPS+=" \"x-systemd.requires-mounts-for=/mnt/content-${j}\""$'\n' done echo -e "\n✅ Generated $CONTENT_DISK_NUMBER data disk configuration(s)." j=0 diff --git a/templates/nix-config/configuration.nix b/templates/nix-config/configuration.nix index e5280dd..fe28a54 100644 --- a/templates/nix-config/configuration.nix +++ b/templates/nix-config/configuration.nix @@ -78,6 +78,7 @@ # Install packages environment.systemPackages = with pkgs; [ + git ncdu fastfetch tpm2-tss 
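Review bot: The added `cp templates/nix-config/podman/traefik.nix final-nix-config/etc/nixos/podman/traefik.nix` in the first deploy.sh hunk has no visible failure handling, and nothing in the hunk creates `final-nix-config/etc/nixos/podman/`. If that directory or the template is missing, the script would carry on and generate a configuration without the Traefik module, unless `set -e` is enabled outside this view. I would write it as `mkdir -p final-nix-config/etc/nixos/podman` followed by `cp -- templates/nix-config/podman/traefik.nix final-nix-config/etc/nixos/podman/traefik.nix || exit 1`. The body of files_generation starts and ends outside the hunk, so an earlier directory setup may already exist.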
diff --git a/templates/nix-config/disks/content.nix b/templates/nix-config/disks/content.nix index 11189af..08036bd 100644 --- a/templates/nix-config/disks/content.nix +++ b/templates/nix-config/disks/content.nix @@ -18,7 +18,7 @@ type = "filesystem"; format = "xfs"; mountpoint = "/mnt/content-${j}"; - mountOptions = [ "noauto" "nofail" "x-systemd.automount" ]; + mountOptions = [ "noauto" "nofail" ]; }; }; }; diff --git a/templates/nix-config/disks/parity.nix b/templates/nix-config/disks/parity.nix index 0cf33d8..6831500 100644 --- a/templates/nix-config/disks/parity.nix +++ b/templates/nix-config/disks/parity.nix @@ -18,7 +18,7 @@ type = "filesystem"; format = "xfs"; mountpoint = "/mnt/parity-${j}"; - mountOptions = [ "noauto" "nofail" "x-systemd.automount" ]; + mountOptions = [ "noauto" "nofail" ]; }; }; }; diff --git a/templates/nix-config/sops-nix/secrets.yaml b/templates/nix-config/sops-nix/secrets.yaml index 63067dc..deab7ac 100644 --- a/templates/nix-config/sops-nix/secrets.yaml +++ b/templates/nix-config/sops-nix/secrets.yaml 
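Review bot: After the parity.nix hunk the parity mounts are `noauto` with no automount, and nothing in this patch pulls them in, because the `x-systemd.requires-mounts-for=` entries built in deploy.sh cover only `/mnt/content-${j}`. Unless a unit outside this diff requires `/mnt/parity-${j}`, the parity disks would stay unmounted after boot. A SnapRAID run would then either fail or write parity into the bare mountpoint directory on the root filesystem. Either drop `noauto` for parity, as in `mountOptions = [ "nofail" ];`, or give the unit that runs SnapRAID a `RequiresMountsFor` on the parity paths. The content.nix hunk is covered only as long as the mergerfs mount carrying those dependencies is itself started at boot.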
@@ -1,27 +1,27 @@ -ssh_public_keys: "${SSH_PUBLIC_KEY}" -sender_email_address_password: "${SENDER_EMAIL_ADDRESS_PASSWORD}" +ssh_public_keys: "$SSH_PUBLIC_KEY" +sender_email_address_password: "$SENDER_EMAIL_ADDRESS_PASSWORD" podman: frigate: | - DOMAIN_NAME="${DOMAIN_NAME}" - FRIGATE_MQTT_USER="${HOME_ASSISTANT_MQTT_USER}" - FRIGATE_MQTT_PASSWORD="${HOME_ASSISTANT_MQTT_PASSWORD}" + DOMAIN_NAME="$DOMAIN_NAME" + FRIGATE_MQTT_USER="$HOME_ASSISTANT_MQTT_USER" + FRIGATE_MQTT_PASSWORD="$HOME_ASSISTANT_MQTT_PASSWORD" gitea: | - DOMAIN_NAME="${DOMAIN_NAME}" - DB_NAME="${GITEA_DB_NAME}" - DB_USERNAME="${GITEA_DB_USERNAME}" - DB_PASSWORD="${GITEA_DB_PASSWORD}" + DOMAIN_NAME="$DOMAIN_NAME" + DB_NAME="$GITEA_DB_NAME" + DB_USERNAME="$GITEA_DB_USERNAME" + DB_PASSWORD="$GITEA_DB_PASSWORD" POSTGRES_HOST="gitea-database" POSTGRES_PORT="5432" home_assistant: | - DOMAIN_NAME="${DOMAIN_NAME}" - HOME_ASSISTANT_MQTT_USER="${HOME_ASSISTANT_MQTT_USER}" - HOME_ASSISTANT_MQTT_PASSWORD="${HOME_ASSISTANT_MQTT_PASSWORD}" + DOMAIN_NAME="$DOMAIN_NAME" + HOME_ASSISTANT_MQTT_USER="$HOME_ASSISTANT_MQTT_USER" + HOME_ASSISTANT_MQTT_PASSWORD="$HOME_ASSISTANT_MQTT_PASSWORD" immich: | - DOMAIN_NAME="${DOMAIN_NAME}" - DB_DATABASE_NAME="${IMMICH_DB_NAME}" - DB_USERNAME="${IMMICH_DB_USERNAME}" - DB_PASSWORD="${IMMICH_DB_PASSWORD}" + DOMAIN_NAME="$DOMAIN_NAME" + DB_DATABASE_NAME="$IMMICH_DB_NAME" + DB_USERNAME="$IMMICH_DB_USERNAME" + DB_PASSWORD="$IMMICH_DB_PASSWORD" IMMICH_VERSION="release" IMMICH_TRUSTED_PROXIES="172.16.50.253" REDIS_HOSTNAME="immich-redis" 
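Review bot: Every value in this hunk is substituted into a double-quoted string without escaping, for example `sender_email_address_password: "$SENDER_EMAIL_ADDRESS_PASSWORD"`, so a password containing `"` or `\` yields invalid YAML or a silently altered secret. The env-style lines under `podman:` here and in the second hunk have the same exposure, since how embedded quotes are read depends on whichever env-file parser consumes them. Assuming the template is rendered by plain variable substitution, as deploy.sh does with envsubst for other templates, I would have deploy.sh reject values containing `"`, `\` or a newline before rendering. An unset variable also renders as an empty password with no error, so the same check should fail on empty required values.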
@@ -30,39 +30,39 @@ podman: DB_DATA_LOCATION="/mnt/config/immich/database" TZ="Europe/Paris" it_tools: | - DOMAIN_NAME="${DOMAIN_NAME}" + DOMAIN_NAME="$DOMAIN_NAME" nextcloud: | - DOMAIN_NAME="${DOMAIN_NAME}" - NEXTCLOUD_ENABLE_DRI_DEVICE="${TARGET_GRAPHICS}" + DOMAIN_NAME="$DOMAIN_NAME" + NEXTCLOUD_ENABLE_DRI_DEVICE="$TARGET_GRAPHICS" passbolt: | - DOMAIN_NAME="${DOMAIN_NAME}" - PASSBOLT_MYSQL_DATABASE="${PASSBOLT_DB_NAME}" - PASSBOLT_MYSQL_USER="${PASSBOLT_DB_USERNAME}" - PASSBOLT_MYSQL_PASSWORD="${PASSBOLT_DB_PASSWORD}" - SENDER_EMAIL_ADDRESS="${SENDER_EMAIL_ADDRESS}" - SENDER_EMAIL_ADDRESS_PASSWORD="${SENDER_EMAIL_ADDRESS_PASSWORD}" - SENDER_EMAIL_DOMAIN="${SENDER_EMAIL_DOMAIN}" - SENDER_EMAIL_PORT="${SENDER_EMAIL_PORT}" - EMAIL_ADDRESS="${EMAIL_ADDRESS}" + DOMAIN_NAME="$DOMAIN_NAME" + PASSBOLT_MYSQL_DATABASE="$PASSBOLT_DB_NAME" + PASSBOLT_MYSQL_USER="$PASSBOLT_DB_USERNAME" + PASSBOLT_MYSQL_PASSWORD="$PASSBOLT_DB_PASSWORD" + SENDER_EMAIL_ADDRESS="$SENDER_EMAIL_ADDRESS" + SENDER_EMAIL_ADDRESS_PASSWORD="$SENDER_EMAIL_ADDRESS_PASSWORD" + SENDER_EMAIL_DOMAIN="$SENDER_EMAIL_DOMAIN" + SENDER_EMAIL_PORT="$SENDER_EMAIL_PORT" + EMAIL_ADDRESS="$EMAIL_ADDRESS" TZ="Europe/Paris" pi_hole: | - DOMAIN_NAME="${DOMAIN_NAME}" - HOME_ROUTER_SUBNET="${HOME_ROUTER_SUBNET}" - HOME_ROUTER_IP="${HOME_ROUTER_IP}" - HOME_SERVER_IP="${HOME_SERVER_IP}" + DOMAIN_NAME="$DOMAIN_NAME" + HOME_ROUTER_SUBNET="$HOME_ROUTER_SUBNET" + HOME_ROUTER_IP="$HOME_ROUTER_IP" + HOME_SERVER_IP="$HOME_SERVER_IP" FTLCONF_webserver_api_password=$FTLCONF_WEBSERVER_PASSWORD TZ="Europe/Paris" traefik: | - DOMAIN_NAME="${DOMAIN_NAME}" - CF_DNS_API_TOKEN="${CF_DNS_API_TOKEN}" + DOMAIN_NAME="$DOMAIN_NAME" + CF_DNS_API_TOKEN="$CF_DNS_API_TOKEN" disks: - content-disk-1: "${CONTENT_DISK_1_KEY:-Undefined}" - content-disk-2: "${CONTENT_DISK_2_KEY:-Undefined}" - content-disk-3: "${CONTENT_DISK_3_KEY:-Undefined}" - content-disk-4: "${CONTENT_DISK_4_KEY:-Undefined}" - content-disk-5: "${CONTENT_DISK_5_KEY:-Undefined}" - 
content-disk-6: "${CONTENT_DISK_6_KEY:-Undefined}" - parity-disk-1: "${PARITY_DISK_1_KEY:-Undefined}" - parity-disk-2: "${PARITY_DISK_2_KEY:-Undefined}" - parity-disk-3: "${PARITY_DISK_3_KEY:-Undefined}" + content-disk-1: "$CONTENT_DISK_1_KEY" + content-disk-2: "$CONTENT_DISK_2_KEY" + content-disk-3: "$CONTENT_DISK_3_KEY" + content-disk-4: "$CONTENT_DISK_4_KEY" + content-disk-5: "$CONTENT_DISK_5_KEY" + content-disk-6: "$CONTENT_DISK_6_KEY" + parity-disk-1: "$PARITY_DISK_1_KEY" + parity-disk-2: "$PARITY_DISK_2_KEY" + parity-disk-3: "$PARITY_DISK_3_KEY"
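Review bot: Dropping the `:-Undefined` fallback on the `disks:` entries means that, assuming envsubst-style substitution, an unset `CONTENT_DISK_n_KEY` or `PARITY_DISK_n_KEY` renders as `""` with no marker that the value is missing. These entries look like disk encryption keys, so a disk that is configured but whose variable was never exported should stop the deployment rather than be provisioned with an empty key. A guard in deploy.sh for each configured disk would catch this before the file is rendered, for example `key_var="CONTENT_DISK_${j}_KEY"` followed by `: "${!key_var:?missing key for content disk ${j}}"`. The context line `FTLCONF_webserver_api_password=$FTLCONF_WEBSERVER_PASSWORD` is also the only value in this file written without quotes, which is worth aligning with the rest.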