servius/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat: Added excalidraw selfhosted

Browse Source
This commit is contained in:
uttarayan21
2025-07-30 06:44:52 +05:30
parent 411902ff7d
commit 0bdf23cd4a
4 changed files with 65 additions and 92 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
nixos/mirai/configuration.nix
View File

@@ -1,6 +1,7 @@
{ {
config, config,
pkgs, pkgs,
device,
... ...
}: { }: {
imports = [ imports = [
@@ -9,6 +10,18 @@
./mirai.nix ./mirai.nix
# ./docker.nix # ./docker.nix
]; ];
virtualisation.docker.enable = true;
# virtualisation.podman = {
# enable = true;
# dockerSocket.enable = true;
# defaultNetwork.dnsname.enable = true;
# };
users.extraUsers.${device.user}.extraGroups = ["docker"];
environment.systemPackages = with pkgs; [
arion
];
security.sudo.wheelNeedsPassword = false; security.sudo.wheelNeedsPassword = false;
sops = { sops = {
defaultSopsFile = ../../secrets/secrets.yaml; defaultSopsFile = ../../secrets/secrets.yaml;

12
nixos/mirai/services/default.nix
View File

@@ -3,21 +3,21 @@
./atuin.nix ./atuin.nix
./authelia.nix ./authelia.nix
./caddy.nix ./caddy.nix
./excalidraw.nix
./fail2ban.nix ./fail2ban.nix
./flaresolverr.nix
./gitea.nix ./gitea.nix
./homepage.nix ./homepage.nix
./immich.nix
./llama.nix ./llama.nix
./lldap.nix
./minecraft.nix ./minecraft.nix
./nextcloud.nix ./nextcloud.nix
./tailscale.nix
./prowlarr.nix ./prowlarr.nix
./flaresolverr.nix
./searxng.nix
./immich.nix
./lldap.nix
./resolved.nix ./resolved.nix
./searxng.nix
./tailscale.nix
# ./home-assistant.nix
# ./jellyfin.nix # ./jellyfin.nix
# ./ldap.nix # ./ldap.nix
# ./llama.nix # ./llama.nix

46
nixos/mirai/services/excalidraw.nix Normal file
View File

@@ -0,0 +1,46 @@
{...}: {
# virtualisation.arion = {
# projects = {
# excalidraw = {
# excalidraw = {
# service.image = "ghcr.io/excalidraw/excalidraw:latest";
# service.volumes = [
# "/etc/localtime:/etc/localtime:ro"
# "/run/dbus:/run/dbus:ro"
# ];
# };
# };
# };
# };
virtualisation.oci-containers = {
backend = "docker";
containers = {
excalidraw = {
image = "excalidraw/excalidraw:latest";
ports = ["127.0.0.1:5959:80"];
volumes = [];
};
};
};
services.caddy.virtualHosts."draw.darksailor.dev".extraConfig = ''
forward_auth localhost:5555 {
uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
}
reverse_proxy localhost:5959
'';
services.authelia = {
instances.darksailor = {
settings = {
access_control = {
rules = [
{
domain = "draw.darksailor.dev";
policy = "one_factor";
}
];
};
};
};
};
}

86
nixos/mirai/services/home-assistant.nix
View File

@@ -1,86 +0,0 @@
{pkgs, ...}: {
services = {
home-assistant = {
enable = true;
extraComponents = [
"esphome"
"met"
"radio_browser"
"wiz"
"homekit"
"homekit_controller"
];
customComponents = [
pkgs.home-assistant-custom-components.auth-header
];
config = {
default_config = {};
homeassistant = {
external_url = "https://home.darksailor.dev";
name = "Home Assistant";
time_zone = "Asia/Kolkata";
};
http = {
server_host = "::1";
trusted_proxies = ["::1"];
use_x_forwarded_for = true;
};
auth_header = {
username_header = "Remote-User";
};
};
};
caddy = {
virtualHosts."home.darksailor.dev".extraConfig = ''
forward_auth localhost:5555 {
uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
}
reverse_proxy localhost:8123
'';
};
};
networking.firewall.allowedTCPPorts = [
8888
5555
5432
5000
7070
6600
2019
22
21064
48829
11434
3000
8123
5432
443
22
80
55447
25565
21064
40000
];
networking.firewall.allowedUDPPorts = [
5353
41641
68
5353
5353
41641
47663
53040
443
1900
1900
5555
];
networking.firewall.allowedTCPPortRanges = [
{
from = 21063;
to = 21070;
}
];
}