home lab init

2025-06-03 23:07:46 +02:00 · 2025-06-03 23:07:46 +02:00 · 7278922625
commit 7278922625
65 changed files with 27336 additions and 0 deletions
--- a/nixos/modules/docker-host.nix
+++ b/nixos/modules/docker-host.nix
@ -0,0 +1,77 @@
+{ config, pkgs, lib, ... }:
+
+let
+  # ── Adjust these to your NAS settings ──────────────────────────────────────────
+  nasServer     = "192.168.1.100";          # your NAS IP or hostname
+  nasExportPath = "/export/docker-volumes"; # path on the NAS
+  nasMountPoint = "/mnt/nas";               # where to mount inside VM
+
+  # ── Where we drop your Compose file and run it ────────────────────────────────
+  composeDir  = "/etc/docker-compose-app";
+  composeText = lib.readFile ./docker-compose.yml;
+in {
+  ##############################################################################
+  # A) NETWORKING
+  #    (If you want DHCP, remove this block and let cloud-init assign an IP.)
+  ##############################################################################
+  # networking.interfaces.enp0s25 = {
+  #   useDHCP = false;
+  #   ipv4.addresses = [{
+  #     address = "192.168.1.50";
+  #     prefixLength = 24;
+  #   }];
+  #   ipv4.gateway = "192.168.1.1";
+  #   # optional: ipv4.dns = [ "1.1.1.1" "8.8.8.8" ];
+  # };
+
+  ##############################################################################
+  # B) MOUNT YOUR NAS VIA NFS
+  ##############################################################################
+  # fileSystems."${nasMountPoint}" = {
+  #   device = "${nasServer}:${nasExportPath}";
+  #   fsType = "nfs";
+  #   options = [ "defaults" "nofail" "x-systemd.requires=network-online.target" ];
+  # };
+  # fileSystems."${nasMountPoint}".requiredForBoot = false;
+
+  ##############################################################################
+  # C) INSTALL DOCKER & DOCKER-COMPOSE
+  ##############################################################################
+  environment.systemPackages = with pkgs; [
+    docker
+    docker-compose
+  ];
+  services.docker.enable = true;
+
+  ##############################################################################
+  # D) DROP IN YOUR docker-compose.yml
+  ##############################################################################
+  # systemd.tmpfiles.rules = [
+  #   # Ensure directory exists before we write the file.
+  #   "D! ${composeDir} 0755 root root - -"
+  # ];
+  # environment.etc."docker-compose-app/docker-compose.yml".text = composeText;
+
+  ##############################################################################
+  # E) RUN DOCKER-COMPOSE AS A SYSTEMD SERVICE
+  ##############################################################################
+  # systemd.services.dockerComposeApp = {
+  #   description = "Auto-start Docker-Compose stack for home server";
+  #   after = [ "network-online.target" "docker.service" ];
+  #   wants = [ "network-online.target" "docker.service" ];
+
+  #   serviceConfig = {
+  #     WorkingDirectory = composeDir;
+  #     ExecStart = "${pkgs.docker-compose}/bin/docker-compose -f ${composeDir}/docker-compose.yml up";
+  #     ExecStop  = "${pkgs.docker-compose}/bin/docker-compose -f ${composeDir}/docker-compose.yml down";
+  #     Restart = "always";
+  #     RestartSec = 10;
+  #   };
+
+  #   wantedBy = [ "multi-user.target" ];
+  # };
+
+
+
+
+}
--- a/nixos/modules/docker.nix
+++ b/nixos/modules/docker.nix
@ -0,0 +1,11 @@
+{
+  config,
+  pkgs,
+  inputs,
+  ...
+}: {
+  virtualisation.docker = {
+    enable = true;
+    enableOnBoot = false;
+  };
+}
--- a/nixos/modules/forgejo.nix
+++ b/nixos/modules/forgejo.nix
@ -0,0 +1,54 @@
+{ config, pkgs, ... }:
+
+let
+  # (Optional) name your Compose app’s directory on the VM:
+  composeDir = "/etc/docker-compose-app";
+
+in {
+  # 1) Install Docker engine and Docker‐Compose binary:
+  environment.systemPackages = with pkgs; [
+    docker
+    docker-compose      # pulls in the python-based compose
+  ];
+
+  # 2) Enable the Docker daemon:
+  services.docker.enable = true;
+
+  # 3) Create a directory for your Compose file and copy it from the flake:
+  #    If your flake repo has a sibling file `docker-compose.yml`, this will drop
+  #    it into /etc/docker-compose-app/docker-compose.yml on the VM.
+  environment.etc."docker-compose-app/docker-compose.yml".text = builtins.readFile ./docker-compose.yml;
+
+  # 4) Make sure that directory exists with the right permissions:
+  systemd.tmpfiles.rules = [
+    # D     = create directory if missing, mode 0755, owner root:root
+    "D! /etc/docker-compose-app 0755 root root - -"
+  ];
+
+  # 5) Define a systemd service to run `docker-compose up`:
+  systemd.services.dockerComposeApp = {
+    description = "docker-compose stack for my application";
+    after = [ "network-online.target" "docker.service" ];
+    wants = [ "network-online.target" "docker.service" ];
+
+    serviceConfig = {
+      # Run in foreground but let systemd restart if it crashes
+      ExecStart = "${pkgs.docker-compose}/bin/docker-compose -f ${composeDir}/docker-compose.yml up";
+      ExecStop  = "${pkgs.docker-compose}/bin/docker-compose -f ${composeDir}/docker-compose.yml down";
+      WorkingDirectory = composeDir;
+      Restart = "always";
+      RestartSec = 10;
+    };
+
+    # Make sure the directory exists before this service starts:
+    preStart = ''
+      mkdir -p ${composeDir}
+      chown root:root ${composeDir}
+    '';
+
+    wantedBy = [ "multi-user.target" ];
+  };
+
+  # 6) (Optional) If any volumes need to exist, define them here, for example:
+  #    environment.etc."docker-compose-app/data".source = "/path/to/local/data";
+}
--- a/nixos/modules/node-exporter.nix
+++ b/nixos/modules/node-exporter.nix
@ -0,0 +1,19 @@
+{ config, pkgs, ... }:
+let
+  prometheus_exporter_port = 9100;
+in
+{
+  networking.firewall.allowedTCPPorts = [ prometheus_exporter_port ];
+
+  services.prometheus = {
+    exporters = {
+      node = {
+        enable = true;
+        enabledCollectors = [ "systemd" ];
+        port = prometheus_exporter_port;
+        # /nix/store/zgsw0yx18v10xa58psanfabmg95nl2bb-node_exporter-1.8.1/bin/node_exporter  --help
+        extraFlags = [ "--collector.ethtool" "--collector.softirqs" "--collector.tcpstat" "--collector.wifi" ];
+      };
+    };
+  };
+}
--- a/nixos/modules/promtail.nix
+++ b/nixos/modules/promtail.nix
@ -0,0 +1,43 @@
+{ config, pkgs, ... }:
+let
+  promtail_port = 9080;
+in
+{
+  networking.firewall.allowedTCPPorts = [ promtail_port ];
+
+  systemd.tmpfiles.rules = [
+    "d /var/lib/promtail 0755 promtail promtail -"
+  ];
+
+  services.promtail = {
+    enable = true;
+    configuration = {
+      server = {
+        http_listen_port = promtail_port;
+        grpc_listen_port = 0;
+      };
+      positions = {
+        filename = "/var/lib/promtail/positions.yaml";
+      };
+      clients = [{
+        url = "http://monitor.local:3100/loki/api/v1/push";
+      }];
+      scrape_configs = [{
+        job_name = "journal";
+        journal = {
+          path = "/var/log/journal";
+          labels = {
+            job = "promtail";
+            host = config.networking.hostName;
+            env = "proxmox";
+            instance = "${config.networking.hostName}.local";
+          };
+        };
+        relabel_configs = [{
+          source_labels = ["__journal__systemd_unit"];
+          target_label = "unit";
+        }];
+      }];
+    };
+  };
+}