aboutsummaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
Diffstat (limited to 'modules')
-rw-r--r--modules/retired/blocky/default.nix97
-rw-r--r--modules/retired/forgejo/default.nix72
-rw-r--r--modules/retired/kavita/default.nix28
-rw-r--r--modules/retired/mealie/default.nix22
-rw-r--r--modules/retired/mumble/default.nix11
-rw-r--r--modules/retired/navidrome/default.nix30
-rw-r--r--modules/retired/pihole/default.nix56
-rw-r--r--modules/retired/stirling-pdf/default.nix23
-rw-r--r--modules/retired/x11/default.nix33
-rw-r--r--modules/retired/xonotic/default.nix25
10 files changed, 0 insertions, 397 deletions
diff --git a/modules/retired/blocky/default.nix b/modules/retired/blocky/default.nix
deleted file mode 100644
index 302ef8e..0000000
--- a/modules/retired/blocky/default.nix
+++ /dev/null
@@ -1,97 +0,0 @@
-{ lib, pkgs, ... }:
-{
- services.blocky = {
- enable = true;
- package = pkgs.blocky;
- settings = {
- upstreams = {
- init.strategy = "fast";
- groups.default = [
- "9.9.9.9"
- "149.112.112.112"
- ];
- };
- bootstrapDns = lib.singleton {
- upstream = "https://dns.quad9.net/dns-query";
- ips = [ "9.9.9.9" ];
- };
- ports = {
- dns = 53;
- tls = 853;
- https = 443;
- };
- blocking = {
- denylists = {
- ads = [
- "https://adaway.org/hosts.txt"
- "https://v.firebog.net/hosts/AdguardDNS.txt"
- "https://v.firebog.net/hosts/Admiral.txt"
- "https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt"
- "https://v.firebog.net/hosts/Easylist.txt"
- "https://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&showintro=0&mimetype=plaintext"
- "https://raw.githubusercontent.com/FadeMind/hosts.extras/master/UncheckyAds/hosts"
- "https://raw.githubusercontent.com/bigdargon/hostsVN/master/hosts"
- ];
- malicious = [
- "https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt"
- "https://v.firebog.net/hosts/Prigent-Crypto.txt"
- "https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Risk/hosts"
- "https://phishing.army/download/phishing_army_blocklist_extended.txt"
- "https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt"
- "https://raw.githubusercontent.com/Spam404/lists/master/main-blacklist.txt"
- "https://raw.githubusercontent.com/AssoEchap/stalkerware-indicators/master/generated/hosts"
- "https://urlhaus.abuse.ch/downloads/hostfile/"
- "https://v.firebog.net/hosts/Prigent-Malware.txt"
- ];
- other = [
- "https://zerodot1.gitlab.io/CoinBlockerLists/hosts_browser"
- ];
- suspicious = [
- "https://raw.githubusercontent.com/PolishFiltersTeam/KADhosts/master/KADhosts.txt"
- "https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.Spam/hosts"
- "https://v.firebog.net/hosts/static/w3kbl.txt"
- "https://raw.githubusercontent.com/matomo-org/referrer-spam-blacklist/master/spammers.txt"
- "https://someonewhocares.org/hosts/zero/hosts"
- "https://raw.githubusercontent.com/VeleSila/yhosts/master/hosts"
- "https://winhelp2002.mvps.org/hosts.txt"
- "https://v.firebog.net/hosts/neohostsbasic.txt"
- "https://raw.githubusercontent.com/RooneyMcNibNug/pihole-stuff/master/SNAFU.txt"
- "https://paulgb.github.io/BarbBlock/blacklists/hosts-file.txt"
- ];
- tracking-telemetry = [
- "https://v.firebog.net/hosts/Easyprivacy.txt"
- "https://v.firebog.net/hosts/Prigent-Ads.txt"
- "https://raw.githubusercontent.com/FadeMind/hosts.extras/master/add.2o7Net/hosts"
- "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt"
- "https://hostfiles.frogeye.fr/firstparty-trackers-hosts.txt"
- "https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt"
- "https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/android-tracking.txt"
- "https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/SmartTV.txt"
- "https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/AmazonFireTV.txt"
- "https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-blocklist.txt"
- ];
- };
- clientGroupsBlock.default = [
- "ads"
- "malicious"
- "other"
- "suspicious"
- "tracking-telemetry"
- ];
- loading = {
- concurrency = 16;
- strategy = "failOnError";
- };
- };
- };
- };
-
- networking.firewall = {
- allowedTCPPorts = [
- 53
- 443
- 853
- ];
- allowedUDPPorts = [ 53 ];
- };
-}
diff --git a/modules/retired/forgejo/default.nix b/modules/retired/forgejo/default.nix
deleted file mode 100644
index cf4e101..0000000
--- a/modules/retired/forgejo/default.nix
+++ /dev/null
@@ -1,72 +0,0 @@
-{
- inputs,
- config,
- lib,
- pkgs,
- ...
-}:
-let
- domain = "git.tdback.net";
- port = 3000;
-in
-{
- services.forgejo = {
- enable = true;
- package = pkgs.unstable.forgejo;
- stateDir = "/tank/forgejo";
- database.type = "postgres";
- lfs.enable = true;
- settings = {
- server = {
- DOMAIN = domain;
- ROOT_URL = "https://${domain}/";
- HTTP_PORT = port;
- };
- service.DISABLE_REGISTRATION = true;
- actions = {
- ENABLED = true;
- DEFAULT_ACTIONS_URL = "https://${domain}";
- };
- };
- };
-
- age.secrets.forgejoAdminPass = {
- file = "${inputs.self}/secrets/forgejoAdminPass.age";
- mode = "770";
- owner = "forgejo";
- group = "forgejo";
- };
-
- systemd.services.forgejo.preStart =
- let
- adminCmd = "${lib.getExe config.services.forgejo.package} admin user";
- password = config.age.secrets.forgejoAdminPass.path;
- user = "tdback";
- email = "tyler@tdback.net";
- in
- ''
- ${adminCmd} create --admin --email ${email} --username ${user} --password "$(tr -d '\n' < ${password})" || true
- '';
-
- services.openssh.settings.AllowUsers = [ "forgejo" ];
-
- services.caddy.virtualHosts.${domain}.extraConfig = ''
- encode zstd gzip
- reverse_proxy http://localhost:${builtins.toString port}
- '';
-
- age.secrets.forgejoRunnerToken.file = "${inputs.self}/secrets/forgejoRunnerToken.age";
- services.gitea-actions-runner = {
- package = pkgs.unstable.forgejo-runner;
- instances.default = {
- enable = true;
- name = "monolith";
- url = "https://${domain}";
- tokenFile = config.age.secrets.forgejoRunnerToken.path;
- labels = [
- "ubuntu-latest:docker://node:20-bookworm"
- "ubuntu-22.04:docker://node:20-bookworm"
- ];
- };
- };
-}
diff --git a/modules/retired/kavita/default.nix b/modules/retired/kavita/default.nix
deleted file mode 100644
index 893eaef..0000000
--- a/modules/retired/kavita/default.nix
+++ /dev/null
@@ -1,28 +0,0 @@
-{ ... }:
-let
- directories = [
- "/opt/kavita"
- ];
-in
-{
- systemd.tmpfiles.rules = map (x: "d ${x} 0755 share share - -") directories;
- virtualisation.oci-containers.containers.kavita = {
- image = "jvmilazz0/kavita:latest";
- autoStart = true;
- ports = [
- "5000:5000"
- ];
- volumes = [
- "/opt/kavita/config:/kavita/config"
- "/tank/media/library/Books:/books"
- ];
- environment = {
- TZ = "America/Detroit";
- };
- };
-
- services.caddy.virtualHosts."library.tdback.net".extraConfig = ''
- encode zstd gzip
- reverse_proxy http://localhost:5000
- '';
-}
diff --git a/modules/retired/mealie/default.nix b/modules/retired/mealie/default.nix
deleted file mode 100644
index 2d869ce..0000000
--- a/modules/retired/mealie/default.nix
+++ /dev/null
@@ -1,22 +0,0 @@
-{ config, pkgs, ... }:
-let
- domain = "toasted.brownbread.net";
-in
-{
- services.mealie = {
- enable = true;
- package = pkgs.unstable.mealie;
- settings = {
- BASE_URL = domain;
- DB_ENGINE = "sqlite";
- ALLOW_SIGNUP = "false";
- SECURITY_MAX_LOGIN_ATTEMPTS = 3;
- TZ = "America/Detroit";
- };
- };
-
- services.caddy.virtualHosts.${domain}.extraConfig = ''
- encode zstd gzip
- reverse_proxy http://localhost:${builtins.toString config.services.mealie.port}
- '';
-}
diff --git a/modules/retired/mumble/default.nix b/modules/retired/mumble/default.nix
deleted file mode 100644
index fa08d64..0000000
--- a/modules/retired/mumble/default.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-{ pkgs, ... }:
-{
- services.murmur = {
- enable = true;
- package = pkgs.murmur;
- port = 64738;
- openFirewall = true;
- environmentFile = "/var/lib/murmur/murmurd.env";
- password = "$MURMURD_PASSWORD";
- };
-}
diff --git a/modules/retired/navidrome/default.nix b/modules/retired/navidrome/default.nix
deleted file mode 100644
index aeb8f18..0000000
--- a/modules/retired/navidrome/default.nix
+++ /dev/null
@@ -1,30 +0,0 @@
-{ ... }:
-let
- directory = "/opt/navidrome";
-in
-{
- systemd.tmpfiles.rules = builtins.map (x: "d ${x} 0755 share share - -") [ directory ];
-
- virtualisation.oci-containers.containers.navidrome = {
- image = "deluan/navidrome:latest";
- autoStart = true;
- ports = [
- "4533:4533"
- ];
- volumes = [
- "${directory}/data:/data"
- "/tank/media/music:/music:ro"
- ];
- environment = {
- ND_SCANSCHEDULE = "1h";
- ND_LOGLEVEL = "info";
- ND_SESSIONTIMEOUT = "24h";
- ND_ENABLEUSEREDITING = "false";
- };
- };
-
- services.caddy.virtualHosts."radioactive.brownbread.net".extraConfig = ''
- encode zstd gzip
- reverse_proxy http://localhost:4533
- '';
-}
diff --git a/modules/retired/pihole/default.nix b/modules/retired/pihole/default.nix
deleted file mode 100644
index 3a95f8a..0000000
--- a/modules/retired/pihole/default.nix
+++ /dev/null
@@ -1,56 +0,0 @@
-{
- inputs,
- config,
- ...
-}:
-let
- ip = "10.0.0.203";
- interface = "eno1";
- directory = "/opt/pihole";
-in
-{
- systemd.tmpfiles.rules = builtins.map (x: "d ${x} 0755 share share - -") [ directory ];
-
- virtualisation.oci-containers.containers.pihole = {
- image = "pihole/pihole:latest";
- autoStart = true;
- ports = [
- "53:53/udp"
- "53:53/tcp"
- "80:80/tcp"
- ];
- volumes = [
- "${directory}/etc:/etc/pihole"
- "${directory}/etc-dnsmasq.d:/etc/dnsmasq.d"
- ];
- environment = {
- TZ = "America/Detroit";
- FTLCONF_LOCAL_IPV4 = ip;
- INTERFACE = interface;
- };
- extraOptions = [ "--network=host" ];
- };
-
- age.secrets.piholeAdminPass = {
- file = "${inputs.self}/secrets/piholeAdminPass.age";
- mode = "770";
- owner = "share";
- group = "share";
- };
-
- systemd.services.podman-pihole.postStart =
- let
- password = config.age.secrets.piholeAdminPass.path;
- in
- ''
- podman exec -it pihole pihole -a -p "$(tr -d '\n' < ${password})"
- '';
-
- networking.firewall = {
- allowedTCPPorts = [
- 53
- 80
- ];
- allowedUDPPorts = [ 53 ];
- };
-}
diff --git a/modules/retired/stirling-pdf/default.nix b/modules/retired/stirling-pdf/default.nix
deleted file mode 100644
index 904fd6d..0000000
--- a/modules/retired/stirling-pdf/default.nix
+++ /dev/null
@@ -1,23 +0,0 @@
-{ ... }:
-let
- directories = [
- "/opt/stirling"
- ];
-in
-{
- systemd.tmpfiles.rules = map (x: "d ${x} 0755 share share - -") directories;
- virtualisation.oci-containers.containers.pdf-tools = {
- image = "frooodle/s-pdf:latest";
- autoStart = true;
- ports = [
- "8060:8080"
- ];
- volumes = [
- "/opt/stirling/training-data:/usr/share/tesseract-ocr/4.00/tessdata"
- "/opt/stirling/configs:/configs"
- ];
- environment = {
- DOCKER_ENABLE_SECURITY = "false";
- };
- };
-}
diff --git a/modules/retired/x11/default.nix b/modules/retired/x11/default.nix
deleted file mode 100644
index 52e7975..0000000
--- a/modules/retired/x11/default.nix
+++ /dev/null
@@ -1,33 +0,0 @@
-{ pkgs, ... }:
-{
- services = {
- xserver = {
- enable = true;
- xkb.layout = "us";
- displayManager.lightdm.enable = true;
- windowManager.bspwm.enable = true;
- };
-
- displayManager.autoLogin = {
- enable = true;
- user = "tdback";
- };
- };
-
- hardware.graphics.enable32Bit = true;
-
- environment.systemPackages = with pkgs.xorg; [
- libX11
- xset
- ];
-
- fonts.packages = with pkgs; [
- dejavu_fonts
- dina-font
- iosevka-comfy.comfy-motion-fixed
- liberation_ttf
- noto-fonts
- noto-fonts-emoji
- ubuntu_font_family
- ];
-}
diff --git a/modules/retired/xonotic/default.nix b/modules/retired/xonotic/default.nix
deleted file mode 100644
index 7ae5442..0000000
--- a/modules/retired/xonotic/default.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{ pkgs, ... }:
-{
- services.xonotic = {
- enable = true;
- package = pkgs.xonotic-dedicated;
- openFirewall = true;
- settings = {
- hostname = "tdback's Xonotic Server";
- net_address = "0.0.0.0";
- port = 26000;
- sv_motd = "GLHF! Please report any issues to @tdback on irc.libera.chat";
-
- # Specify bots and player count.
- maxplayers = 8;
- minplayers = 4;
- minplayers_per_team = 2;
-
- # Configure mutators.
- g_instagib = 0;
- g_grappling_hook = 1;
- g_jetpack = 0;
- g_vampire = 0;
- };
- };
-}
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-31 07:49:45 +0000