Faris/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cleanup podman containers, add nextcloud

Browse Source
This commit is contained in:
Faris 2026-04-14 12:39:58 +01:00
parent 87824883a8
commit ccd462431a
5 changed files with 431 additions and 150 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
config/common.nix
View File

@ -148,6 +148,7 @@
tree
p7zip
inetutils # telnet
wl-clipboard # clipboard for vim
# media
yt-dlp

2
home/common.nix
View File

@ -45,7 +45,7 @@
historyLimit = 10000;
mouse = true;
extraConfig = ''
set -s set-clipboard on
'';
};

170
home/podman.nix
View File

@ -6,6 +6,30 @@
}:
{
systemd.user.services.podman-prune = {
Unit = {
Description = "Prune unused Podman resources for admin user";
};
Service = {
Type = "oneshot";
ExecStart = "${pkgs.podman}/bin/podman system prune -f --all";
};
};
systemd.user.timers.podman-prune = {
Unit = {
Description = "Weekly Podman prune timer";
};
Timer = {
OnCalendar = "weekly";
Persistent = true;
};
Install = {
WantedBy = [ "timers.target" ];
};
};
services.podman.networks = {
internal_net = {
driver = "bridge";
@ -138,75 +162,6 @@
};
};
};
authentik-server = {
image = "ghcr.io/goauthentik/server:2026.2.1";
autoStart = true;
autoUpdate = "registry";
network = "internal_net";
exec = "server";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/authentik"
];
volumes = [
"/pool/services/podman/authentik/data:/data"
"/pool/services/podman/authentik/certs:/certs"
"/pool/services/podman/authentik/templates:/templates"
];
extraPodmanArgs = [
"--shm-size=256m"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
authentik-postgresql = {
image = "docker.io/postgres:16-alpine";
autoStart = true;
autoUpdate = "registry";
network = "internal_net";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/authentik"
];
volumes = [
"/pool/services/podman/authentik/db:/var/lib/postgresql/data"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
authentik-worker = {
image = "ghcr.io/goauthentik/server:2026.2.1";
autoStart = true;
autoUpdate = "registry";
network = "internal_net";
exec = "worker";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/authentik"
];
volumes = [
"/pool/services/podman/authentik/data:/data"
"/pool/services/podman/authentik/certs:/certs"
"/pool/services/podman/authentik/templates:/templates"
];
extraPodmanArgs = [
"--shm-size=256m"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
caddy-local = {
image = "ghcr.io/caddybuilds/caddy-cloudflare:latest";
autoStart = true;
@ -232,6 +187,25 @@
};
};
cleanuparr = {
image = "ghcr.io/cleanuparr/cleanuparr:latest";
autoStart = true;
autoUpdate = "registry";
network = "internal_net";
environmentFile = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/cleanuparr:/config"
"/pool/media/torrents:/downloads"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
bazarr = {
image = "lscr.io/linuxserver/bazarr:latest";
autoStart = true;
@ -810,6 +784,64 @@
# };
#};
nextcloud = {
image = "docker.io/nextcloud";
autoStart = true;
autoUpdate = "registry";
network = "internal_net";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/nextcloud"
];
volumes = [
"/pool/services/podman/nextcloud/app:/var/www/html"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
nextcloud-db = {
image = "docker.io/mariadb:10.6";
autoStart = true;
autoUpdate = "registry";
network = "internal_net";
exec = "--transaction-isolation=READ-COMMITTED --log-bin=binlog --binlog-format=ROW";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/nextcloud"
];
volumes = [
"/pool/services/podman/nextcloud/db:/var/lib/mysql"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
ntfy = {
image = "docker.io/binwiederhier/ntfy";
autoStart = true;
autoUpdate = "registry";
network = "internal_net";
exec = "serve";
environmentFile = [
"/pool/services/secrets/default"
"/pool/services/secrets/ntfy"
];
volumes = [
"/pool/services/podman/ntfy:/var/lib/ntfy"
];
extraConfig = {
Service = {
TimeoutStartSec = 900;
};
};
};
ntp = {
image = "docker.io/cturra/ntp";
autoStart = true;

84
hosts/server/settings.nix
View File

@ -162,45 +162,15 @@ systemd.services.podman-network-vlan50 = {
services.smartd = {
enable = true;
notifications = {
mail.enable = true;
mail.recipient = "accelarion@protonmail.com";
};
#devices = [ "DEVICESCAN -a" ]; # autodetect all drives
};
programs.msmtp = {
enable = true;
accounts.default = {
auth = true;
tls = true;
host = "smtp.protonmail.ch";
port = 587;
from = "faris@mektem.com";
user = "faris@mektem.com";
passwordeval = "cat /pool/services/secrets/mail.txt";
};
};
environment.etc."zfs/zed-notify.sh" = {
mode = "0755";
text = ''
#!/bin/sh
# ZED calls: ZED_EMAIL_PROG "subject" "recipient"
SUBJECT="$1"
TO="$2"
(echo "Subject: $SUBJECT"; echo "To: $TO"; echo ""; cat) | \
${pkgs.msmtp}/bin/msmtp "$TO"
'';
};
services.zfs.zed = {
enableMail = true;
settings = {
ZED_EMAIL_ADDR = [ "faris@mektem.com" ];
ZED_EMAIL_PROG = "/etc/zfs/zed-notify.sh"; # Or ssmtp
ZED_EMAIL_OPTS = "";
ZED_NOTIFY_INTERVAL_SECS = 3600;
ZED_NTFY_URL="https://ntfy.mektem.com";
ZED_NTFY_TOPIC="zfs";
ZED_NTFY_ACCESS_TOKEN="tk_gtjia7itxhg1qik7j58wkgey2parr";
ZED_NOTIFY_INTERVAL_SECS = 1;
ZED_NOTIFY_VERBOSE = true; # Set to false to only get alerts on degradation
};
};
@ -290,29 +260,6 @@ systemd.services.podman-network-vlan50 = {
# };
};
headscale = {
image = "docker.io/headscale/headscale:stable";
autoStart = true;
#utoUpdate = "registry";
networks = [ "vlan50" ];
cmd = [ "serve" ];
environmentFiles = [
"/pool/services/secrets/default"
];
volumes = [
"/pool/services/podman/headscale/config:/etc/headscale:ro"
"/pool/services/podman/headscale/lib:/var/lib/headscale"
];
extraOptions = [
"--ip=192.168.50.38"
];
#extraConfig = {
# Service = {
# TimeoutStartSec = 900;
# };
##};
};
matrix = {
image = "ghcr.io/element-hq/synapse";
autoStart = true;
@ -358,29 +305,6 @@ systemd.services.podman-network-vlan50 = {
# };
};
ntfy = {
image = "docker.io/binwiederhier/ntfy";
autoStart = true;
#autoUpdate = "registry";
networks = [ "vlan50" ];
cmd = [ "serve" ];
environmentFiles = [
"/pool/services/secrets/default"
"/pool/services/secrets/ntfy"
];
volumes = [
"/pool/services/podman/ntfy:/var/lib/ntfy"
];
extraOptions = [
"--ip=192.168.50.35"
];
# extraConfig = {
# Service = {
# TimeoutStartSec = 900;
# };
# };
};
privatebin = {
image = "docker.io/privatebin/nginx-fpm-alpine:latest";
autoStart = true;

324
sion=<your-cookie-value>" Normal file
View File

@ -0,0 +1,324 @@
SSUUMMMMAARRYY OOFF LLEESSSS CCOOMMMMAANNDDSS
Commands marked with * may be preceded by a number, _N.
Notes in parentheses indicate the behavior if _N is given.
A key preceded by a caret indicates the Ctrl key; thus ^K is ctrl-K.
h H Display this help.
q :q Q :Q ZZ Exit.
---------------------------------------------------------------------------
MMOOVVIINNGG
e ^E j ^N CR * Forward one line (or _N lines).
y ^Y k ^K ^P * Backward one line (or _N lines).
ESC-j * Forward one file line (or _N file lines).
ESC-k * Backward one file line (or _N file lines).
f ^F ^V SPACE * Forward one window (or _N lines).
b ^B ESC-v * Backward one window (or _N lines).
z * Forward one window (and set window to _N).
w * Backward one window (and set window to _N).
ESC-SPACE * Forward one window, but don't stop at end-of-file.
ESC-b * Backward one window, but don't stop at beginning-of-file.
d ^D * Forward one half-window (and set half-window to _N).
u ^U * Backward one half-window (and set half-window to _N).
ESC-) RightArrow * Right one half screen width (or _N positions).
ESC-( LeftArrow * Left one half screen width (or _N positions).
ESC-} ^RightArrow Right to last column displayed.
ESC-{ ^LeftArrow Left to first column.
F Forward forever; like "tail -f".
ESC-F Like F but stop when search pattern is found.
r ^R ^L Repaint screen.
R Repaint screen, discarding buffered input.
---------------------------------------------------
Default "window" is the screen height.
Default "half-window" is half of the screen height.
---------------------------------------------------------------------------
SSEEAARRCCHHIINNGG
/_p_a_t_t_e_r_n * Search forward for (_N-th) matching line.
?_p_a_t_t_e_r_n * Search backward for (_N-th) matching line.
n * Repeat previous search (for _N-th occurrence).
N * Repeat previous search in reverse direction.
ESC-n * Repeat previous search, spanning files.
ESC-N * Repeat previous search, reverse dir. & spanning files.
^O^N ^On * Search forward for (_N-th) OSC8 hyperlink.
^O^P ^Op * Search backward for (_N-th) OSC8 hyperlink.
^O^L ^Ol Jump to the currently selected OSC8 hyperlink.
ESC-u Undo (toggle) search highlighting.
ESC-U Clear search highlighting.
&_p_a_t_t_e_r_n * Display only matching lines.
---------------------------------------------------
Search is case-sensitive unless changed with -i or -I.
A search pattern may begin with one or more of:
^N or ! Search for NON-matching lines.
^E or * Search multiple files (pass thru END OF FILE).
^F or @ Start search at FIRST file (for /) or last file (for ?).
^K Highlight matches, but don't move (KEEP position).
^R Don't use REGULAR EXPRESSIONS.
^S _n Search for match in _n-th parenthesized subpattern.
^W WRAP search if no match found.
^L Enter next character literally into pattern.
---------------------------------------------------------------------------
JJUUMMPPIINNGG
g < ESC-< * Go to first line in file (or line _N).
G > ESC-> * Go to last line in file (or line _N).
p % * Go to beginning of file (or _N percent into file).
t * Go to the (_N-th) next tag.
T * Go to the (_N-th) previous tag.
{ ( [ * Find close bracket } ) ].
} ) ] * Find open bracket { ( [.
ESC-^F _<_c_1_> _<_c_2_> * Find close bracket _<_c_2_>.
ESC-^B _<_c_1_> _<_c_2_> * Find open bracket _<_c_1_>.
---------------------------------------------------
Each "find close bracket" command goes forward to the close bracket
matching the (_N-th) open bracket in the top line.
Each "find open bracket" command goes backward to the open bracket
matching the (_N-th) close bracket in the bottom line.
m_<_l_e_t_t_e_r_> Mark the current top line with <letter>.
M_<_l_e_t_t_e_r_> Mark the current bottom line with <letter>.
'_<_l_e_t_t_e_r_> Go to a previously marked position.
'' Go to the previous position.
^X^X Same as '.
ESC-m_<_l_e_t_t_e_r_> Clear a mark.
---------------------------------------------------
A mark is any upper-case or lower-case letter.
Certain marks are predefined:
^ means beginning of the file
$ means end of the file
---------------------------------------------------------------------------
CCHHAANNGGIINNGG FFIILLEESS
:e [_f_i_l_e] Examine a new file.
^X^V Same as :e.
:n * Examine the (_N-th) next file from the command line.
:p * Examine the (_N-th) previous file from the command line.
:x * Examine the first (or _N-th) file from the command line.
^O^O Open the currently selected OSC8 hyperlink.
:d Delete the current file from the command line list.
= ^G :f Print current file name.
---------------------------------------------------------------------------
MMIISSCCEELLLLAANNEEOOUUSS CCOOMMMMAANNDDSS
-_<_f_l_a_g_> Toggle a command line option [see OPTIONS below].
--_<_n_a_m_e_> Toggle a command line option, by name.
__<_f_l_a_g_> Display the setting of a command line option.
___<_n_a_m_e_> Display the setting of an option, by name.
+_c_m_d Execute the less cmd each time a new file is examined.
!_c_o_m_m_a_n_d Execute the shell command with $SHELL.
#_c_o_m_m_a_n_d Execute the shell command, expanded like a prompt.
|XX_c_o_m_m_a_n_d Pipe file between current pos & mark XX to shell command.
s _f_i_l_e Save input to a file.
v Edit the current file with $VISUAL or $EDITOR.
V Print version number of "less".
---------------------------------------------------------------------------
OOPPTTIIOONNSS
Most options may be changed either on the command line,
or from within less by using the - or -- command.
Options may be given in one of two forms: either a single
character preceded by a -, or a name preceded by --.
-? ........ --help
Display help (from command line).
-a ........ --search-skip-screen
Search skips current screen.
-A ........ --SEARCH-SKIP-SCREEN
Search starts just after target line.
-b [_N] .... --buffers=[_N]
Number of buffers.
-B ........ --auto-buffers
Don't automatically allocate buffers for pipes.
-c ........ --clear-screen
Repaint by clearing rather than scrolling.
-d ........ --dumb
Dumb terminal.
-D xx_c_o_l_o_r . --color=xx_c_o_l_o_r
Set screen colors.
-e -E .... --quit-at-eof --QUIT-AT-EOF
Quit at end of file.
-f ........ --force
Force open non-regular files.
-F ........ --quit-if-one-screen
Quit if entire file fits on first screen.
-g ........ --hilite-search
Highlight only last match for searches.
-G ........ --HILITE-SEARCH
Don't highlight any matches for searches.
-h [_N] .... --max-back-scroll=[_N]
Backward scroll limit.
-i ........ --ignore-case
Ignore case in searches that do not contain uppercase.
-I ........ --IGNORE-CASE
Ignore case in all searches.
-j [_N] .... --jump-target=[_N]
Screen position of target lines.
-J ........ --status-column
Display a status column at left edge of screen.
-k _f_i_l_e ... --lesskey-file=_f_i_l_e
Use a compiled lesskey file.
-K ........ --quit-on-intr
Exit less in response to ctrl-C.
-L ........ --no-lessopen
Ignore the LESSOPEN environment variable.
-m -M .... --long-prompt --LONG-PROMPT
Set prompt style.
-n ......... --line-numbers
Suppress line numbers in prompts and messages.
-N ......... --LINE-NUMBERS
Display line number at start of each line.
-o [_f_i_l_e] .. --log-file=[_f_i_l_e]
Copy to log file (standard input only).
-O [_f_i_l_e] .. --LOG-FILE=[_f_i_l_e]
Copy to log file (unconditionally overwrite).
-p _p_a_t_t_e_r_n . --pattern=[_p_a_t_t_e_r_n]
Start at pattern (from command line).
-P [_p_r_o_m_p_t] --prompt=[_p_r_o_m_p_t]
Define new prompt.
-q -Q .... --quiet --QUIET --silent --SILENT
Quiet the terminal bell.
-r -R .... --raw-control-chars --RAW-CONTROL-CHARS
Output "raw" control characters.
-s ........ --squeeze-blank-lines
Squeeze multiple blank lines.
-S ........ --chop-long-lines
Chop (truncate) long lines rather than wrapping.
-t _t_a_g .... --tag=[_t_a_g]
Find a tag.
-T [_t_a_g_s_f_i_l_e] --tag-file=[_t_a_g_s_f_i_l_e]
Use an alternate tags file.
-u -U .... --underline-special --UNDERLINE-SPECIAL
Change handling of backspaces, tabs and carriage returns.
-V ........ --version
Display the version number of "less".
-w ........ --hilite-unread
Highlight first new line after forward-screen.
-W ........ --HILITE-UNREAD
Highlight first new line after any forward movement.
-x [_N[,...]] --tabs=[_N[,...]]
Set tab stops.
-X ........ --no-init
Don't use termcap init/deinit strings.
-y [_N] .... --max-forw-scroll=[_N]
Forward scroll limit.
-z [_N] .... --window=[_N]
Set size of window.
-" [_c[_c]] . --quotes=[_c[_c]]
Set shell quote characters.
-~ ........ --tilde
Don't display tildes after end of file.
-# [_N] .... --shift=[_N]
Set horizontal scroll amount (0 = one half screen width).
--exit-follow-on-close
Exit F command on a pipe when writer closes pipe.
--file-size
Automatically determine the size of the input file.
--follow-name
The F command changes files if the input file is renamed.
--form-feed
Stop scrolling when a form feed character is reached.
--header=[_L[,_C[,_N]]]
Use _L lines (starting at line _N) and _C columns as headers.
--incsearch
Search file as each pattern character is typed in.
--intr=[_C]
Use _C instead of ^X to interrupt a read.
--lesskey-context=_t_e_x_t
Use lesskey source file contents.
--lesskey-src=_f_i_l_e
Use a lesskey source file.
--line-num-width=[_N]
Set the width of the -N line number field to _N characters.
--match-shift=[_N]
Show at least _N characters to the left of a search match.
--modelines=[_N]
Read _N lines from the input file and look for vim modelines.
--mouse
Enable mouse input.
--no-edit-warn
Don't warn when using v command on a file opened via LESSOPEN.
--no-keypad
Don't send termcap keypad init/deinit strings.
--no-histdups
Remove duplicates from command history.
--no-number-headers
Don't give line numbers to header lines.
--no-paste
Ignore pasted input.
--no-search-header-lines
Searches do not include header lines.
--no-search-header-columns
Searches do not include header columns.
--no-search-headers
Searches do not include header lines or columns.
--no-vbell
Disable the terminal's visual bell.
--redraw-on-quit
Redraw final screen when quitting.
--rscroll=[_C]
Set the character used to mark truncated lines.
--save-marks
Retain marks across invocations of less.
--search-options=[EFKNRW-]
Set default options for every search.
--show-preproc-errors
Display a message if preprocessor exits with an error status.
--proc-backspace
Process backspaces for bold/underline.
--PROC-BACKSPACE
Treat backspaces as control characters.
--proc-return
Delete carriage returns before newline.
--PROC-RETURN
Treat carriage returns as control characters.
--proc-tab
Expand tabs to spaces.
--PROC-TAB
Treat tabs as control characters.
--status-col-width=[_N]
Set the width of the -J status column to _N characters.
--status-line
Highlight or color the entire line containing a mark.
--use-backslash
Subsequent options use backslash as escape char.
--use-color
Enables colored text.
--wheel-lines=[_N]
Each click of the mouse wheel moves _N lines.
--wordwrap
Wrap lines at spaces.
---------------------------------------------------------------------------
LLIINNEE EEDDIITTIINNGG
These keys can be used to edit text being entered
on the "command line" at the bottom of the screen.
RightArrow ..................... ESC-l ... Move cursor right one character.
LeftArrow ...................... ESC-h ... Move cursor left one character.
ctrl-RightArrow ESC-RightArrow ESC-w ... Move cursor right one word.
ctrl-LeftArrow ESC-LeftArrow ESC-b ... Move cursor left one word.
HOME ........................... ESC-0 ... Move cursor to start of line.
END ............................ ESC-$ ... Move cursor to end of line.
BACKSPACE ................................ Delete char to left of cursor.
DELETE ......................... ESC-x ... Delete char under cursor.
ctrl-BACKSPACE ESC-BACKSPACE ........... Delete word to left of cursor.
ctrl-DELETE .... ESC-DELETE .... ESC-X ... Delete word under cursor.
ctrl-U ......... ESC (MS-DOS only) ....... Delete entire line.
UpArrow ........................ ESC-k ... Retrieve previous command line.
DownArrow ...................... ESC-j ... Retrieve next command line.
TAB ...................................... Complete filename & cycle.
SHIFT-TAB ...................... ESC-TAB Complete filename & reverse cycle.
ctrl-L ................................... Complete filename, list all.