add cyberchef and correct things in nixos containers

smayzy 2025-08-30 20:27:24 +02:00
parent 325a193a38
commit 9037f01470
8 changed files with 100 additions and 8 deletions


@ -20,6 +20,21 @@
hyprland.enable = true;
kde.enable = true;
docker.enable = true;
containers = {
nixos = {
};
docker = {
cyberchef = {
enable = true;
port = 6900;
};
};
networking = {
bridge = "br0";
dns = [ "192.168.1.202" ];
gateway = "192.168.1.254";
};
};
};
home-manager = {


@ -15,16 +15,29 @@
smayzy = {
server.enable = true;
containers.nixos= {
httpd = {
enable = true;
containers = {
networking = {
bridge = "br0";
ip = "192.168.1.201/24";
dns = [ "192.168.1.202" ];
gateway = "192.168.1.254";
};
unbound = {
enable = true;
bridge = "br0";
ip = "192.168.1.202/24";
nixos = {
httpd = {
enable = true;
bridge = "br0";
ip = "192.168.1.201/24";
};
unbound = {
enable = true;
bridge = "br0";
ip = "192.168.1.202/24";
};
};
docker = {
cyberchef = {
enable = true;
port = 6900;
};
};
};
};


@ -2,6 +2,8 @@
{
imports = [
./nixos
./nixos.nix
./docker
./docker.nix
];
}


@ -0,0 +1,27 @@
{ lib, config, ... }:
let
inherit (lib) mkIf mkOption types;
cfg = config.smayzy.containers.docker.cyberchef;
in
{
options.smayzy.containers.docker.cyberchef = {
enable = mkOption {
type = types.bool;
default = false;
description = "cyberchef docker ct";
};
port = mkOption {
type = types.int;
default = 80;
description = "cyberchef's port";
};
};
config = mkIf cfg.enable {
virtualisation.oci-containers.containers = {
cyberchef = {
image = "ghcr.io/gchq/cyberchef";
ports = [ "${toString cfg.port}:80" ];
};
};
};
}
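Review bot: The `image = "ghcr.io/gchq/cyberchef";` line carries no tag or digest, so each pull resolves to whatever the registry currently serves under the default tag and a rebuild is not reproducible; pin it, e.g. `image = "ghcr.io/gchq/cyberchef:<TAG>@sha256:<DIGEST>";` (placeholders, the page does not give a version). The `ports` entry publishes on all host interfaces, and if the oci-containers backend is Docker a published port is usually reachable regardless of `networking.firewall` rules; if the tool is meant for local use only, bind explicitly with `ports = [ "127.0.0.1:${toString cfg.port}:80" ];`. `port` would also be better declared as `type = types.port;` than `types.int`, so an out-of-range value fails at evaluation.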


@ -0,0 +1,6 @@
{ ... }:
{
imports = [
./cyberchef.nix
];
}


@ -0,0 +1,23 @@
{
lib,
...
}:
let
inherit (lib) mkOption types;
in
{
options.smayzy.containers.networking = {
bridge = mkOption {
type = types.str;
description = "the bridge to use e.g. (br0)";
};
dns = mkOption {
type = types.listOf types.str;
description = "the dns servers to use e.g. [ 1.1.1.1 8.8.8.8 ]";
};
gateway = mkOption {
type = types.str;
description = "the gateway to use e.g. (10.10.10.255)";
};
};
}
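Review bot: The option descriptions give examples that would mislead someone copying them: `10.10.10.255` reads as a broadcast address rather than a router, and `[ 1.1.1.1 8.8.8.8 ]` is not a valid Nix list of strings. I would move them into `example` attributes, e.g. `example = [ "1.1.1.1" "8.8.8.8" ];` for `dns`, and use a router-style address for `gateway`. `bridge` is declared here, but the httpd and unbound hunks on this page read only `net.gateway` and `net.dns`; unless it is consumed outside the visible hunks, either wire it in or drop it so it does not sit alongside the per-container `bridge` settings unused.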


@ -2,6 +2,7 @@
let
inherit (lib) mkIf mkOption types;
cfg = config.smayzy.containers.nixos.httpd;
net = config.smayzy.containers.networking;
in
{
options.smayzy.containers.nixos.httpd = {
@ -32,6 +33,8 @@ in
services.httpd = {
enable = true;
};
networking.defaultGateway = net.gateway;
networking.nameservers = net.dns;
networking.firewall.allowedTCPPorts = [ 80 ];
};
};
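Review bot: The added lines `networking.defaultGateway = net.gateway;` and `networking.nameservers = net.dns;` are repeated verbatim in the unbound module's second hunk; a small shared attribute set merged into each container's `config` would keep the common network settings in one place. Neither option has a default, so a host that enables this container without setting `smayzy.containers.networking` will presumably fail at evaluation; a short comment such as `# requires smayzy.containers.networking.{gateway,dns} to be set` next to the `net` binding would make that dependency visible. The enclosing container definition starts outside this hunk.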


@ -2,6 +2,7 @@
let
inherit (lib) mkIf mkOption types;
cfg = config.smayzy.containers.nixos.unbound;
net = config.smayzy.containers.networking;
in
{
options.smayzy.containers.nixos.unbound = {
@ -61,6 +62,8 @@ in
};
};
};
networking.defaultGateway = net.gateway;
networking.nameservers = net.dns;
networking.firewall.allowedTCPPorts = [ 53 ];
networking.firewall.allowedUDPPorts = [ 53 ];
};
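Review bot: With the server values shown on this page (`dns = [ "192.168.1.202" ]` and the unbound container at `192.168.1.202/24`), `networking.nameservers = net.dns;` points the resolver container's own system resolver at itself. If that is intended, a comment such as `# this container resolves through its own unbound instance` would say so; otherwise any lookup the container makes before unbound is up has nowhere to go. The enclosing block starts outside the hunk, so I can't see unbound's listen and access-control settings, which decide who else may query the opened port 53.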