DerGrumpf/cyper-nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added Octoprint; Minor config changes;

Browse Source
This commit is contained in:
DerGrumpf
2026-04-28 22:25:24 +02:00
parent a0ed95e5e7
commit 101fb29dba
6 changed files with 120 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files
hosts/cyper-controller/configuration.nix
+1 -1
View File
@@ -12,8 +12,8 @@
../../nixos/roles/gitea.nix ../../nixos/roles/gitea.nix
../../nixos/roles/vaultwarden.nix ../../nixos/roles/vaultwarden.nix
../../nixos/roles/frontpage ../../nixos/roles/frontpage
../../nixos/roles/cage.nix
../../nixos/roles/paperless-ngx.nix ../../nixos/roles/paperless-ngx.nix
../../nixos/roles/octoprint.nix
]; ];
networking = { networking = {
nixos/roles/matrix/clients.nix
+30 -2
View File
@@ -126,7 +126,7 @@ let
preferred_domain = "jitsi.cyperpunk.de"; preferred_domain = "jitsi.cyperpunk.de";
}; };
element_call = { element_call = {
url = "https://call.element.io"; url = "https://element.cyperpunk.de/widgets/element-call";
use_exclusively = true; use_exclusively = true;
participant_limit = 8; participant_limit = 8;
brand = "Cyperpunk Call"; brand = "Cyperpunk Call";
@@ -140,6 +140,7 @@ let
}; };
features = { features = {
feature_group_calls = true; feature_group_calls = true;
"feature_disable_call_per_sender_encryption" = true;
}; };
} }
); );
@@ -148,10 +149,27 @@ let
cp ${elementConfig} $out/config.json cp ${elementConfig} $out/config.json
''; '';
}); });
synapseAdmin = pkgs.synapse-admin-etkecc.withConfig { synapseAdmin = pkgs.ketesa.withConfig {
restrictBaseUrl = [ "https://matrix.cyperpunk.de" ]; restrictBaseUrl = [ "https://matrix.cyperpunk.de" ];
loginFlows = [ "password" ]; loginFlows = [ "password" ];
}; };
elementCallConfigured = pkgs.element-call.overrideAttrs (old: {
postInstall = (old.postInstall or "") + ''
cp ${
builtins.toFile "element-call-config.json" (
builtins.toJSON {
default_server_config = {
"m.homeserver" = {
base_url = "https://matrix.cyperpunk.de";
server_name = "cyperpunk.de";
};
};
livekit_service_url = "https://cyperpunk.de/livekit/jwt/";
}
)
} $out/config.json
'';
});
in in
{ {
@@ -160,6 +178,7 @@ in
8010 # Element 8010 # Element
8011 # Synapse Admin 8011 # Synapse Admin
8012 # FluffyChat 8012 # FluffyChat
8013 # Element Call
]; ];
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
@@ -201,6 +220,15 @@ in
]; ];
root = "${synapseAdmin}"; root = "${synapseAdmin}";
}; };
"element-call.cyperpunk.de" = {
listen = [
{
addr = "0.0.0.0";
port = 8013;
}
];
root = "${elementCallConfigured}";
};
}; };
virtualisation.oci-containers.containers.fluffychat = { virtualisation.oci-containers.containers.fluffychat = {
nixos/roles/matrix/synapse.nix
+1
View File
@@ -35,6 +35,7 @@
"msc3779_enabled" = true; "msc3779_enabled" = true;
"msc3401_enabled" = true; "msc3401_enabled" = true;
"msc4143_enabled" = true; "msc4143_enabled" = true;
"msc4195_enabled" = true;
}; };
listeners = [ listeners = [
{ {
nixos/roles/octoprint.nix
+62
View File
@@ -0,0 +1,62 @@
{ lib, pkgs, ... }:
let
octoprint-overlay = self: super: {
octoprint = super.octoprint.override {
packageOverrides = pyself: pysuper: {
octoprint-customcss = pyself.buildPythonPackage {
pname = "OctoPrint-CustomCSS";
version = "20201210";
format = "setuptools";
src = pkgs.fetchFromGitHub {
owner = "crankeye";
repo = "OctoPrint-CustomCSS";
rev = "7a042b11055592b42b59298ad8d579b731081acd";
sha256 = "sha256-N5DjaZ2KzSi1xfmvhS8gWKAMyXz5btYqU1QSRIMkFZY=";
};
propagatedBuildInputs = [ pysuper.octoprint ];
doCheck = false;
meta = with lib; {
description = "A simple plugin for adding custom CSS to OctoPrint";
homepage = "https://github.com/crankeye/OctoPrint-CustomCSS";
license = licenses.agpl3Only;
};
};
octoprint-bedlevelvisualizer = pyself.buildPythonPackage {
pname = "OctoPrint-BedLevelVisualizer";
version = "1.1.1";
format = "setuptools";
src = pkgs.fetchFromGitHub {
owner = "jneilliii";
repo = "OctoPrint-BedLevelVisualizer";
rev = "1.1.1";
sha256 = "1v7gqyp605z3hyc1w8a2h6ir6k0vp2ccby1wwxlri6h4i2yii5z8";
};
propagatedBuildInputs = [ pysuper.octoprint ];
doCheck = false;
meta = with lib; {
description = "Visualize your bed leveling via a 3D mesh";
homepage = "https://github.com/jneilliii/OctoPrint-BedLevelVisualizer";
license = licenses.mit;
};
};
};
};
};
in
{
nixpkgs.overlays = [ octoprint-overlay ];
services.octoprint = {
enable = true;
host = "0.0.0.0";
openFirewall = true;
port = 5000;
plugins =
ps: with ps; [
octoprint-customcss
octoprint-bedlevelvisualizer
];
};
}
nixos/roles/paperless-ngx.nix
+24 -29
View File
@@ -1,37 +1,31 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
services.paperless = {
enable = true;
package = pkgs.paperless-ngx;
address = "0.0.0.0";
port = 28101;
settings = { services = {
paperless = {
enable = true;
package = pkgs.paperless-ngx;
address = "0.0.0.0";
port = 28101;
settings = {
PAPERLESS_USE_X_FORWARDED_HOST = "true";
PAPERLESS_USE_X_FORWARDED_PORT = "true";
PAPERLESS_ALLOWED_HOSTS = "ngx.cyperpunk.de,100.109.179.25,localhost";
PAPERLESS_CSRF_TRUSTED_ORIGINS = [
"https://ngx.cyperpunk.de"
"http://100.109.179.25:28101"
];
PAPERLESS_OCR_LANGUAGE = "deu+eng";
PAPERLESS_CONSUMPTION_DIR = "/var/lib/paperless/consume";
PAPERLESS_URL = "https://ngx.cyperpunk.de";
};
# Da der Proxy auf einem anderen Server (via Tailscale) liegt: exporter = {
# Erlaubt Paperless, die 'X-Forwarded-*' Header zu akzeptieren enable = true;
PAPERLESS_USE_X_FORWARDED_HOST = "true"; };
PAPERLESS_USE_X_FORWARDED_PORT = "true";
# Erlaubt den Zugriff über die Domain UND die Tailscale-IP
# Der Stern '*' ist die einfachste Lösung für private Server
PAPERLESS_ALLOWED_HOSTS = "ngx.cyperpunk.de,100.109.179.25,localhost";
# Füge die IP auch zu den vertrauenswürdigen Ursprüngen hinzu (für CSRF)
PAPERLESS_CSRF_TRUSTED_ORIGINS = [
"https://ngx.cyperpunk.de"
"http://100.109.179.25:28101"
];
# Restliche Einstellungen bleiben gleich
PAPERLESS_OCR_LANGUAGE = "deu+eng";
PAPERLESS_CONSUMPTION_DIR = "/var/lib/paperless/consume"; # Falls du den Bind-Mount nutzt
PAPERLESS_URL = "https://ngx.cyperpunk.de";
}; };
}; };
# Gruppe und Berechtigungen wie besprochen
users.users.paperless.extraGroups = [ "users" ]; users.users.paperless.extraGroups = [ "users" ];
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
@@ -39,6 +33,7 @@
"z /storage/internal/paperless 0775 root users -" "z /storage/internal/paperless 0775 root users -"
]; ];
# Öffne den Port für Tailscale (oder das lokale Netz) networking.firewall.allowedTCPPorts = [
networking.firewall.allowedTCPPorts = [ 28101 ]; 28101
];
} }
secrets/secrets.yaml
+2 -2
View File
@@ -25,7 +25,7 @@ sops:
N3I5dzUwc3JtYzczMUhyT04vSHlZamMKT+FzYcDLmlEFYxm/XoBpJb8XaZzBH1v9 N3I5dzUwc3JtYzczMUhyT04vSHlZamMKT+FzYcDLmlEFYxm/XoBpJb8XaZzBH1v9
6fuez+zApathZfl14w41kAUojPWBznnxDqYtNvzVVLXwnpp3BMx+7w== 6fuez+zApathZfl14w41kAUojPWBznnxDqYtNvzVVLXwnpp3BMx+7w==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2026-04-25T01:01:15Z" lastmodified: "2026-04-28T20:24:56Z"
mac: ENC[AES256_GCM,data:LEoQilJrVhhzLdAyMz2xugOlnsu1j3XyCJbRLnMpRivbOFlqOu9dvwAJJ8gDzizOxTwh/24YD14f+njdPGNSB42O9sD9Mcb9UdB3N2pzHNaaUYQXFDHdqfxTQ93sYkwOP4KZHbMgbtzb1a/1a+G2cLhBcmIZSdOdkAzcVwUVmVY=,iv:D9xDKS2X6AiJi61/a/YbU+DvhTq5XB30HvE85i5lGvo=,tag:ztDsyGvk4KhBa6NJdOqhGg==,type:str] mac: ENC[AES256_GCM,data:ckUMW2VucN8foLbSk8iKBHOtIOSFi0eOy4d0unLlJZpaKEFO91UofHN00Gh+sfw3jG0VNRWGUhAGxQC+di4LFbITlODPkWOzY10FMAES5FSQVyKkW9gnQY/BGbHlDX63iwZ9FLQEbCg4LSVA1emVlCmZ5QEYy5bBH7LddNdnEbo=,iv:u9akYdHujAuFoSAv0Q7rcsSAn5PJZhBhkKjrBWn0XBg=,tag:GvN2Kgi2+5bTZ7t/tZASRw==,type:str]
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.12.2 version: 3.12.2