diff --git a/home-manager/home.nix b/home-manager/home.nix index 3575825..e999d74 100644 --- a/home-manager/home.nix +++ b/home-manager/home.nix @@ -109,6 +109,7 @@ in unstablePkgs.qwen-code unstablePkgs.tauon discord + poweralertd ]; programs.ghostty = { diff --git a/home-manager/hyprland.nix b/home-manager/hyprland.nix index ef618e0..a3d231d 100644 --- a/home-manager/hyprland.nix +++ b/home-manager/hyprland.nix @@ -47,6 +47,7 @@ "systemctl --user import-environment WAYLAND_DISPLAY XDG_CURRENT_DESKTOP" "swww init &" "waybar &" + "poweralertd &" # Stylix will manage the wallpaper # "swww img /home/death916/Pictures/wallpapers/jameswebb1.jpg &" "dunst &" diff --git a/home-manager/waybar.nix b/home-manager/waybar.nix index 404fd51..4039398 100644 --- a/home-manager/waybar.nix +++ b/home-manager/waybar.nix @@ -125,6 +125,10 @@ }; "battery" = { + states = { + warning = 30; + critical = 15; + }; format = "{icon} {capacity}%"; format-charging = " {capacity}%"; format-plugged = " {capacity}%"; diff --git a/modules/containers/docker/piefed/piefed-docker.nix b/modules/containers/docker/piefed/piefed-docker.nix new file mode 100644 index 0000000..b91cc7b --- /dev/null +++ b/modules/containers/docker/piefed/piefed-docker.nix 
@@ -0,0 +1,220 @@
+{
+ config,
+ pkgs,
+ lib,
+ ...
+}:
+
+let
+ # 1. Fetch the PieFed Source Code
+ piefedAppSrc = pkgs.fetchFromGitea {
+ domain = "codeberg.org";
+ owner = "rimu";
+ repo = "pyfedi";
+ rev = "v1.5.x"; # Replace with target release branch (e.g., v1.5.x or main)
+ hash = lib.fakeHash; # NOTE: Replace this after the first failed build!
+ };
+
+ # 2. Define the Python Environment natively
+ # (If PieFed adds new dependencies in the future, add them here)
+ pythonEnv = pkgs.python3.withPackages (
+ ps: with ps; [
+ flask
+ gunicorn
+ celery
+ psycopg2
+ redis
+ requests
+ python-dotenv
+ authlib
+ beautifulsoup4
+ pillow
+ flask-migrate
+ flask-sqlalchemy
+ ]
+ );
+
+ # 3. Build the Layered Docker Image purely in Nix
+ piefedImage = pkgs.dockerTools.buildLayeredImage {
+ name = "piefed";
+ tag = "nix-latest";
+ contents = [
+ pythonEnv
+ pkgs.bash
+ pkgs.coreutils
+ pkgs.findutils
+ pkgs.curl
+ ];
+
+ extraCommands = ''
+ mkdir -p app
+ cp -r ${piefedAppSrc}/* app/
+ chmod -R +w app/ # Ensure app directory is writable for setup scripts
+ '';
+
+ config = {
+ Cmd = [
+ "${pythonEnv}/bin/gunicorn"
+ "-w"
+ "4"
+ "-b"
+ "0.0.0.0:5000"
+ "pyfedi:app"
+ ];
+ WorkingDir = "/app";
+ Env = [
+ "FLASK_APP=pyfedi.py"
+ "PYTHONUNBUFFERED=1"
+ ];
+ };
+ };
+
+in
+{
+ # Enable the Docker OCI backend
+ virtualisation.oci-containers.backend = "docker";
+
+ # Ensure the host directories exist for persistent state & secrets
+ systemd.tmpfiles.rules = [
+ "d /var/lib/piefed 0755 root root -"
+ "d /var/lib/piefed/pgdata 0700 root root -"
+ "d /var/lib/piefed/redis 0700 root root -"
+ "d /var/lib/piefed/media 0755 root root -"
+ "d /var/lib/piefed/logs 0755 root root -"
+ "d /var/lib/piefed/tmp 0755 root root -"
+ ];
+
+ # Create a custom Docker network so containers can resolve each other by name
+ # (Requires for POSTGRES_HOST=piefed-db to work)
+ systemd.services.docker-network-piefed = {
+ description = "Create Docker Network for PieFed";
+ after = [
+ "network.target"
+ "docker.service"
+ ];
+ requires = [ "docker.service" ];
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig.Type = "oneshot";
+ script = ''
+ ${pkgs.docker}/bin/docker network inspect piefed-net >/dev/null 2>&1 || \
+ ${pkgs.docker}/bin/docker network create piefed-net
+ '';
+ };
+
+ # 4. Define the Container Architecture
+ virtualisation.oci-containers.containers = {
+
+ # The Database Container
+ piefed-db = {
+ image = "postgres:15-alpine";
+ environmentFiles = [ "/var/lib/piefed/.env.docker" ]; # SECRETS LOADED HERE
+ volumes = [ "/var/lib/piefed/pgdata:/var/lib/postgresql/data" ];
+ extraOptions = [ "--network=piefed-net" ];
+ };
+
+ # The Redis Container
+ piefed-redis = {
+ image = "redis:7-alpine";
+ volumes = [ "/var/lib/piefed/redis:/data" ];
+ extraOptions = [ "--network=piefed-net" ];
+ };
+
+ # The Main Web App (built by Nix)
+ piefed-web = {
+ image = "piefed:nix-latest";
+ imageFile = piefedImage; # Nix auto-loads the tarball into Docker!
+ ports = [ "8030:5000" ];
+ environmentFiles = [ "/var/lib/piefed/.env.docker" ]; # SECRETS LOADED HERE
+ volumes = [
+ "/var/lib/piefed/media:/app/media"
+ "/var/lib/piefed/logs:/app/logs"
+ "/var/lib/piefed/tmp:/app/tmp"
+ ];
+ dependsOn = [
+ "piefed-db"
+ "piefed-redis"
+ ];
+ extraOptions = [ "--network=piefed-net" ];
+ };
+
+ # The Celery Worker
+ piefed-worker = {
+ image = "piefed:nix-latest";
+ cmd = [
+ "${pythonEnv}/bin/celery"
+ "-A"
+ "pyfedi.celery"
+ "worker"
+ "-l"
+ "info"
+ ];
+ environmentFiles = [ "/var/lib/piefed/.env.docker" ]; # SECRETS LOADED HERE
+ volumes = [
+ "/var/lib/piefed/media:/app/media"
+ "/var/lib/piefed/logs:/app/logs"
+ "/var/lib/piefed/tmp:/app/tmp"
+ ];
+ dependsOn = [
+ "piefed-db"
+ "piefed-redis"
+ ];
+ extraOptions = [ "--network=piefed-net" ];
+ };
+ };
+
+ # Make sure containers wait for the network to exist before starting
+ systemd.services."docker-piefed-db".requires = [ "docker-network-piefed.service" ];
+ systemd.services."docker-piefed-redis".requires = [ "docker-network-piefed.service" ];
+ systemd.services."docker-piefed-web".requires = [ "docker-network-piefed.service" ];
+ systemd.services."docker-piefed-worker".requires = [ "docker-network-piefed.service" ];
+
+ # 5. Declarative Systemd Timers/Services (Replacing Cron)
+
+ systemd.services.piefed-daily = {
+ script = "${pkgs.docker}/bin/docker exec piefed-web bash -c 'cd /app && ./daily.sh'";
+ serviceConfig.Type = "oneshot";
+ };
+ systemd.timers.piefed-daily = {
+ wantedBy = [ "timers.target" ];
+ timerConfig = {
+ OnCalendar = "*-*-* 02:05:00";
+ Persistent = true;
+ };
+ };
+
+ systemd.services.piefed-orphan-files = {
+ script = "${pkgs.docker}/bin/docker exec piefed-web bash -c 'cd /app && ./remove_orphan_files.sh'";
+ serviceConfig.Type = "oneshot";
+ };
+ systemd.timers.piefed-orphan-files = {
+ wantedBy = [ "timers.target" ];
+ timerConfig = {
+ OnCalendar = "Mon *-*-* 04:05:00";
+ Persistent = true;
+ };
+ };
+
+ systemd.services.piefed-email-notifs = {
+ script = "${pkgs.docker}/bin/docker exec piefed-web bash -c 'cd /app && ./email_notifs.sh'";
+ serviceConfig.Type = "oneshot";
+ };
+ systemd.timers.piefed-email-notifs = {
+ wantedBy = [ "timers.target" ];
+ timerConfig = {
+ OnCalendar = "*-*-* 00/6:01:00";
+ Persistent = true;
+ };
+ };
+
+ systemd.services.piefed-send-queue = {
+ script = "${pkgs.docker}/bin/docker exec piefed-web bash -c 'cd /app && ./send_queue.sh'";
+ serviceConfig.Type = "oneshot";
+ };
+ systemd.timers.piefed-send-queue = {
+ wantedBy = [ "timers.target" ];
+ timerConfig = {
+ OnCalendar = "*:0/5";
+ Persistent = true;
+ };
+ };
+}
diff --git a/nixos/configuration.nix b/nixos/configuration.nix
index ed867c0..b332996 100644
--- a/nixos/configuration.nix
+++ b/nixos/configuration.nix
@@ -60,6 +60,8 @@ }; }; + services.upower.enable = true; + system.stateVersion = "24.11"; stylix.image = "/home/death916/Documents/nix-config/home-manager/wallpaper.jpg";
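Review bot: In piefed-docker.nix, `ports = [ "8030:5000" ];` on piefed-web publishes gunicorn on every host interface, and Docker-published ports are typically not filtered by the NixOS firewall; if a reverse proxy on the same host is meant to front the app, bind it to loopback with `ports = [ "127.0.0.1:8030:5000" ];`. The secrets file `/var/lib/piefed/.env.docker` sits in a directory created `0755` and nothing in this file sets its mode, so a tmpfiles rule such as `"z /var/lib/piefed/.env.docker 0600 root root -"` would keep it readable by root only. piefed-worker uses `image = "piefed:nix-latest"` without `imageFile = piefedImage;` and does not depend on piefed-web, so if it starts first Docker will try to pull that tag from a registry instead of using the Nix-built image. `rev = "v1.5.x"` is, per its own comment, a branch, so once `lib.fakeHash` is replaced the fixed-output hash will stop matching whenever upstream pushes; pinning a commit or tag keeps the fetch reproducible.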