playbook base initial skeleton

m3tam3re
2025-03-12 14:28:01 +01:00
commit b97263495b
14 changed files with 471 additions and 0 deletions

95
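--- a/modules/core.nix
+++ b/modules/core.nix
@@ -0,0 +1,95 @@
+{pkgs, ...}: {
+imports = [
+./hardware-configuration.nix
+];
+# Enable flakes and nix commands
+nix = {
+settings = {
+experimental-features = ["nix-command" "flakes"];
+# Enable automatic garbage collection
+auto-optimise-store = true;
+};
+# Automatic cleanup of old generations
+gc = {
+automatic = true;
+dates = "weekly";
+options = "--delete-older-than 30d";
+};
+};
+# Boot configuration
+boot.loader.grub = {
+enable = true;
+efiSupport = true;
+efiInstallAsRemovable = true;
+};
+# Your base configuration here
+system.autoUpgrade = {
+enable = true;
+allowReboot = true;
+dates = "04:00";
+flake = "path:/etc/nixos/current";
+randomizedDelaySec = "45min";
+flags = [
+"--update-input nixpkgs"
+"--update-input base-config"
+];
+};
+# Other base configurations...
+services.openssh = {
+enable = true;
+settings = {
+PermitRootLogin = "no";
+PasswordAuthentication = false;
+MaxAuthTries = 3;
+LoginGraceTime = "30s";
+};
+ports = [2222];
+};
+# System packages
+environment.systemPackages = with pkgs; [
+# Docker tools
+docker
+docker-compose
+# System utilities
+neovim
+git
+unstable.gum
+just
+jq
+(pkgs.writeShellScriptBin "shp" ''
+exec sudo ${pkgs.just}/bin/just -f /etc/self-host-playbook/justfile "$@"
+'')
+];
+# Enable Docker with recommended settings
+virtualisation = {
+docker = {
+enable = true;
+# Enable docker daemon to start on boot
+enableOnBoot = true;
+# Use overlay2 storage driver
+storageDriver = "overlay2";
+# Enable live restore
+liveRestore = true;
+};
+oci-containers = {
+backend = "docker";
+};
+};
+environment.etc = {
+# Main justfile
+"self-host-playbook/justfile".source = ../justfiles/main.just;
+# Tier justfiles
+"self-host-playbook/tiers/core.just".source = ../justfiles/tiers/core.just;
+"self-host-playbook/tiers/starter.just".source = ../justfiles/tiers/starter.just;
+};
+# System state version (do not change)
+system.stateVersion = "24.11";
+}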
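Review bot: The `system.autoUpgrade` block passes `--update-input nixpkgs` and `--update-input base-config`, so each 04:00 run re-resolves those inputs instead of building the revisions recorded in flake.lock, and with `allowReboot = true` the result is activated as root and rebooted into unattended. Where `base-config` points is not visible here, but whoever can push to it effectively holds root on every host built from this module. I would advance the lock file through a reviewed commit rather than on the host, or at least record the trust decision in a comment above `flags`, e.g. `# hosts follow the tip of base-config: push access there equals root here`. Bounding reboots with `rebootWindow = { lower = "03:30"; upper = "05:30"; };` would also keep a late-firing timer from restarting the Docker workloads during the day. Separately, the comment `# Enable automatic garbage collection` sits on `auto-optimise-store`, which deduplicates the store; collection is the `gc` block below it.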


@ -0,0 +1,26 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
lib,
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.ens18.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

37
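--- a/modules/services.nix
+++ b/modules/services.nix
@@ -0,0 +1,37 @@
+# modules/services.nix
+{
+config,
+lib,
+tier ? "starter",
+...
+}:
+with lib; let
+tiers = {
+starter = {
+services = ["portainer" "caddy" "n8n"];
+description = "Basic management tools";
+};
+premium = {
+services = ["portainer" "caddy" "n8n" "baserow"];
+description = "Automation and database tools";
+};
+};
+in {
+imports =
+map
+(serviceName: import ../services/${serviceName})
+tiers.${tier}.services;
+options.services.selfHostPlaybook = {
+enable = mkEnableOption "self host playbook";
+tier = mkOption {
+type = types.enum ["starter" "premium"];
+default = "starter";
+description = "Service tier to enable";
+};
+};
+config = mkIf config.services.selfHostPlaybook.enable {
+# Add any additional configuration here if needed
+};
+}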
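Review bot: The import list is computed from the module argument `tier` at `tiers.${tier}.services`, not from `config.services.selfHostPlaybook.tier`, and `mkIf config.services.selfHostPlaybook.enable` wraps an empty set, so neither declared option affects which service modules are pulled in. Someone auditing a host's exposed services from its option values would be misled: portainer, caddy and n8n are imported even with `enable = false`, and setting the option to "premium" does not add baserow. Because `imports` cannot read `config`, the argument has to stay the source of truth (presumably passed via `specialArgs`; the `? "starter"` default is likely ignored by the module system, worth confirming). I would therefore either drop the option or pin it with an assertion inside `config`, e.g. `assertions = [{ assertion = config.services.selfHostPlaybook.tier == tier; message = "selfHostPlaybook.tier must match the tier module argument"; }];`. What each imported `../services` module enables on its own is outside this section.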