Drezil/nixos-nas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
nixos-nas/configuration.nix
root@nixos-nas 34495ccc71 kodi & tv-wakeup
2025-06-11 19:23:58 +00:00

147 lines
4.6 KiB
Nix
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{ config, pkgs, ... }:
let
hdmiHandler = pkgs.writeShellScript "hdmi-handler" ''
#!/usr/bin/env bash
PORT="/sys/class/drm/card0-HDMI-A-1/status"
USER="nicole"
read status < "$PORT"
if [[ "$status" == "connected" ]]; then
runuser -l "$USER" -c "systemctl --user start kodi.service"
# runuser -l "$USER" -c "systemctl --user start vm-viewer@ha-vm.service"
else
runuser -l "$USER" -c "systemctl --user stop vm-viewer@ha-vm.service" || true
runuser -l "$USER" -c "systemctl --user stop kodi.service"
fi
'';
in
{
imports = [ ./hardware/hardware-configuration.nix ];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.initrd.kernelModules = [ "overlay" "vmd" ];
boot.initrd.systemd.tmpfiles.settings."nixdirs" = {
"/nix".d = { mode = "0755"; type = "d"; user = "root"; group = "root";};
"/nix/.ro-store".d = { mode = "0755"; type = "d"; user = "root"; group = "root";};
"/nix/.rw-store".d = { mode = "0755"; type = "d"; user = "root"; group = "root";};
};
boot.zfs.extraPools = ["tank"];
networking.hostName = "nix-nas";
networking.hostId = "39373132"; # via: head -c4 /etc/machine-id | od -An -tx4
fileSystems."/" =
{ device = "rpool/root";
fsType = "zfs";
neededForBoot = true;
};
fileSystems."/nix" =
{ device = "rpool/nix";
fsType = "zfs";
neededForBoot = true;
};
fileSystems."/home" =
{ device = "tank/home";
fsType = "zfs";
};
fileSystems."/tank" =
{ device = "tank/media";
fsType = "zfs";
};
swapDevices = [ ];
users.users.nicole = {
isNormalUser = true;
hashedPassword = "$6$p73d5mOLoSuJGOol$KRlszaPXZK9/frADlfR3kAr/57DD5f4.CPTGNNX80QWEWFE5y.bM1WiZwmRHiAlrws3q/zCDQ6AqeSyCUX.8U/";
extraGroups = [ "wheel" "docker" "libvirtd" ];
linger = true;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGAsiKDWCwyf1usprg3K6Zk0xE9S4DX6+Bc4+nIOZGmf drezil@Manticore"
];
};
system.stateVersion = "25.05"; # ← einmalig festnageln
security.sudo.wheelNeedsPassword = false;
services.openssh.enable = true;
services.zfs.autoScrub.enable = true; # Snapshots & Details kommen später
systemd.services.zfs-prune-snapshots = {
description = "Remove ZFS snapshots older than policy";
serviceConfig.ExecStart = "/run/current-system/sw/bin/zfs-prune-snapshots -r --keep=2w";
startAt = "daily";
};
# Wir pinnen den Kernel, bis ZFS 2.3.x für 6.13 bereit ist
boot.kernelPackages = pkgs.linuxPackages_6_12;
environment.systemPackages = with pkgs; [ git vim zfs virt-viewer kodi ];
#### Virtualisation
virtualisation.docker.enable = true;
virtualisation.libvirtd.enable = true;
users.groups.docker.members = [ "nicole" ];
programs.virt-manager.enable = true;
#### nix-Cache
# --- Binary-Cache
services.nix-serve = {
enable = true;
secretKeyFile = "/var/cache/nix/secret-key";
openFirewall = true;
port = 5000;
};
nix.settings = {
substituters = [ "http://nix-nas:5000" "https://cache.nixos.org" ];
trusted-public-keys = [
"nas-cache:rgCDn9SwmvxvhjiEiRgrjAuAEyRiJT/aBIlywetuypM="
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" # Standard-Key vom upstream Cache
];
secret-key-files = [ "/var/cache/nix/secret-key" ];
};
##########################################################################
### Kodi & TV-Detect #####################################################
##########################################################################
### UDEV-Regel + Skript ##################################################
services.udev.extraRules = ''
ACTION=="change", SUBSYSTEM=="drm", ENV{HOTPLUG}=="1", RUN+="${hdmiHandler}"
'';
## Kodi GBM/Wayland Stand-alone ###################################
systemd.user.services.kodi = {
description = "Kodi Media Center (stand-alone)";
# wird nur manuell/über den Udev-Hook gestartet → kein wantedBy nötig
# wantedBy = [ "default.target" ]; # auskommentieren, falls immer laufen soll
after = [ "graphical-session.target" ]; # optional
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.kodi}/bin/kodi-standalone";
Restart = "on-failure";
};
};
### Virt-Viewer Template-Unit (optional) #################################
systemd.user.services."vm-viewer@" = {
description = "Virt-viewer fullscreen for %i";
serviceConfig = {
ExecStart = "${pkgs.virt-viewer}/bin/virt-viewer --full-screen --wait --domain-name %i";
Restart = "on-failure";
};
};
}
Reference in New Issue View Git Blame Copy Permalink