kopatz/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

enable smartd monitoring, increase upload limit, rekey

Browse Source
This commit is contained in:
Kopatz
2025-02-10 11:19:09 +01:00
parent d341e7c0fc
commit 68b5d9ce38
33 changed files with 175 additions and 123 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
modules/nix/settings.nix
View File

@@ -12,18 +12,23 @@ in {
};
config = mkIf cfg.enable {
nix.optimise.automatic = cfg.optimise;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.registry.nixpkgs.flake = pkgsVersion;
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
systemd.services.nix-daemon.serviceConfig.OOMScoreAdjust =
lib.mkDefault 250;
nix = {
optimise.automatic = cfg.optimise;
settings.experimental-features = [ "nix-command" "flakes" ];
registry.nixpkgs.flake = pkgsVersion;
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
extraOptions = ''
min-free = ${toString (100 * 1024 * 1024)}
max-free = ${toString (1024 * 1024 * 1024)}
'';
};
nix.extraOptions = ''
min-free = ${toString (100 * 1024 * 1024)}
max-free = ${toString (1024 * 1024 * 1024)}
'';
#nix.nixPath = [ "nixpkgs=flake:nixpkgs" ];
nixpkgs.config.allowUnfree = true;
##home-manager.users.${config.mainUser.name}.home.sessionVariables = {

31
modules/services/default.nix
View File

@@ -2,23 +2,24 @@
{
imports = [
./acme.nix
./caldav.nix
./opensnitch.nix
./github-runner.nix
./adguard.nix
./dnsmasq.nix
./games
./gitolite.nix
./ente.nix
./kubernetes.nix
./kavita.nix
./nginx.nix
./fileshelter.nix
./wireguard.nix
./kop-monitor.nix
./kop-fileshare.nix
./adam-site.nix
./adguard.nix
./caldav.nix
./dnsmasq.nix
./ente.nix
./fileshelter.nix
./games
./github-runner.nix
./gitolite.nix
./kavita.nix
./kop-fileshare.nix
./kop-monitor.nix
./kubernetes.nix
./nginx.nix
./opensnitch.nix
./plausible.nix
./smartd.nix
./syncthing.nix
./wireguard.nix
];
}

3
modules/services/kavita.nix
View File

@@ -110,7 +110,8 @@ in {
${mangal} inline -S Manganato --query "Terror_man" --manga first --download
${mangal} inline -S Manganato --query "I_Stole_the_Number_One_Ranker" --manga first --download
${mangal} inline -S Manganato --query "hidan_no_aria" --manga first --download
${mangal} inline -S AsuraScans --query "the_max_level" --manga first --download
${mangal} inline -S AsuraScans --query "the_max_level_hero" --manga first --download
${mangal} inline -S Manganato --query "Parallel_City" --manga first --download
'';
serviceConfig = {
PrivateTmp = true;

2
modules/services/nginx.nix
View File

@@ -59,7 +59,7 @@ in {
"/stash" = {
basicAuthFile = config.age.secrets.stash-auth.path;
extraConfig = ''
client_max_body_size 5000M;
client_max_body_size 20000M;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;

44
modules/services/smartd.nix Normal file
View File

@@ -0,0 +1,44 @@
{ config, pkgs, inputs, system, lib, ... }:
let
notifyScript = pkgs.writeScript "smartd-notify.sh" ''
#!${pkgs.runtimeShell}
source ${config.age.secrets.webhook-smartd.path}
MSG=$(
${pkgs.coreutils}/bin/cat <<EOF
Problem detected with disk: $SMARTD_DEVICESTRING
Warning message from smartd is:
$SMARTD_FULLMESSAGE
EOF
)
JSON=$(${pkgs.jq}/bin/jq -n --arg msg "$MSG" '{content: $msg}')
${pkgs.curl}/bin/curl --request POST \
--url "$WEBHOOK_URL" \
--header 'Content-Type: application/json' \
--data "$JSON"
'';
cfg = config.custom.services.smartd;
in {
options.custom.services.smartd = {
enable = lib.mkEnableOption "Enables smartd monitoring";
};
config = lib.mkIf cfg.enable {
age.secrets.webhook-smartd = {
file = ../../secrets/webhook.age;
mode = "444";
};
services.smartd = {
enable = true;
autodetect = true;
notifications = {
x11.enable = false;
wall.enable = false;
mail.enable = false;
};
defaults.autodetected =
"-a -o on -s (S/../.././02|L/../../7/04) -m <nomailer> -M exec ${notifyScript} -M test";
};
};
}