diff options
Diffstat (limited to 'modules/services')
| -rw-r--r-- | modules/services/immich/default.nix | 55 | ||||
| -rw-r--r-- | modules/services/llm/default.nix | 70 | ||||
| -rw-r--r-- | modules/services/sftpgo/default.nix | 63 |
3 files changed, 0 insertions, 188 deletions
diff --git a/modules/services/immich/default.nix b/modules/services/immich/default.nix deleted file mode 100644 index 95da536..0000000 --- a/modules/services/immich/default.nix +++ /dev/null @@ -1,55 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; -let - cfg = config.modules.services.immich; -in -{ - options.modules.services.immich = { - enable = mkEnableOption "immich"; - port = mkOption { - default = 2283; - type = types.int; - }; - url = mkOption { - default = null; - type = types.str; - }; - mediaDir = mkOption { - default = "/var/lib/immich"; - type = types.str; - }; - }; - - config = mkIf cfg.enable { - networking.firewall.allowedTCPPorts = mkIf (cfg.url != null) [ - 80 - 443 - ]; - - services.caddy = mkIf (cfg.url != null) { - enable = true; - virtualHosts = { - "photographs.brownbread.net".extraConfig = '' - encode zstd gzip - reverse_proxy http://localhost:${builtins.toString cfg.port} - ''; - }; - }; - - services.immich = { - enable = true; - package = pkgs.immich; - host = "localhost"; - port = cfg.port; - mediaLocation = cfg.mediaDir; - environment = { - IMMICH_LOG_LEVEL = "log"; - }; - }; - }; -} diff --git a/modules/services/llm/default.nix b/modules/services/llm/default.nix deleted file mode 100644 index e2e08a9..0000000 --- a/modules/services/llm/default.nix +++ /dev/null @@ -1,70 +0,0 @@ -{ - config, - lib, - ... -}: -with lib; -let - cfg = config.modules.services.llm; -in -{ - options.modules.services.llm = { - enable = mkEnableOption "llm"; - port = mkOption { - default = 8080; - type = types.int; - description = "Which port the Open-WebUI server listens to."; - }; - subnet = mkOption { - default = null; - type = types.str; - description = "The network subnet allowed to acccess Open-WebUI and the ollama API"; - }; - nvidiaGpu = mkOption { - default = false; - type = types.bool; - description = "Use NVIDIA cuda for hardware acceleration."; - }; - models = mkOption { - default = [ ]; - type = types.listOf types.str; - description = "Automatically download these models."; - }; - }; - - config = mkIf cfg.enable { - services.ollama = { - enable = true; - acceleration = if cfg.nvidiaGpu then "cuda" else false; - loadModels = cfg.models; - }; - - services.open-webui = { - enable = true; - host = if cfg.subnet == null then "127.0.0.1" else "0.0.0.0"; - port = cfg.port; - }; - - # Only expose Open-WebUI and ollama API to the local network, since this - # server might have a public IPv6 address. - networking.firewall.extraCommands = - with config.services; - let - api = builtins.toString ollama.port; - web = builtins.toString open-webui.port; - in - mkIf (cfg.subnet != null) '' - iptables -A nixos-fw -p tcp --source ${cfg.subnet} --dport ${api}:${api} -j nixos-fw-accept - iptables -A nixos-fw -p tcp --source ${cfg.subnet} --dport ${web}:${web} -j nixos-fw-accept - ''; - - # Enable the proprietary NVIDIA drivers in a headless fashion. - hardware.graphics.enable = cfg.nvidiaGpu; - services.xserver.videoDrivers = mkIf cfg.nvidiaGpu [ "nvidia" ]; - hardware.nvidia = mkIf cfg.nvidiaGpu { - package = config.boot.kernelPackages.nvidiaPackages.stable; - open = false; - nvidiaPersistenced = true; - }; - }; -} diff --git a/modules/services/sftpgo/default.nix b/modules/services/sftpgo/default.nix deleted file mode 100644 index ae0af24..0000000 --- a/modules/services/sftpgo/default.nix +++ /dev/null @@ -1,63 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; -let - cfg = config.modules.services.sftpgo; -in -{ - options.modules.services.sftpgo = { - enable = mkEnableOption "sftpgo"; - port = mkOption { - default = 8080; - type = types.int; - }; - url = mkOption { - default = null; - type = types.str; - }; - dataDir = mkOption { - default = "/var/lib/sftpgo"; - type = types.str; - }; - }; - - config = - let - caddy = cfg.url != null; - in - mkIf cfg.enable { - networking.firewall.allowedTCPPorts = mkIf caddy [ - 80 - 443 - ]; - - services.caddy = mkIf caddy { - enable = true; - virtualHosts = { - ${cfg.url}.extraConfig = '' - root * /web/client - encode zstd gzip - reverse_proxy http://localhost:${builtins.toString cfg.port} - ''; - }; - }; - - services.sftpgo = { - enable = true; - package = pkgs.sftpgo; - dataDir = cfg.dataDir; - settings = { - httpd.bindings = lib.singleton { - port = cfg.port; - address = "0.0.0.0"; - enable_web_client = true; - enable_web_admin = true; - }; - }; - }; - }; -} |