From b6eb5c055da8494b64a18fe3cd0c4d307db13c39 Mon Sep 17 00:00:00 2001 From: EdibleRope Date: Sat, 16 May 2026 10:59:35 +0100 Subject: [PATCH] services: add code-server web IDE at code.nordhammer.it Deploys code-server on FredOS-Mediaserver (port 4444, user fred) with Authelia one_factor auth and nginx reverse proxy. Includes claude-code in system packages for use in the integrated terminal. Also fixes anyrun launcher width to absolute 350px (was a tiny fraction). Co-Authored-By: Claude Sonnet 4.6 --- common.nix | 1 + services/authelia.nix | 1 + services/code-server.nix | 26 ++++++++++++++++++++++++++ services/nginx.nix | 1 + settings/hyprland.nix | 2 +- 5 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 services/code-server.nix diff --git a/common.nix b/common.nix index 8d294d7..f42c0b7 100644 --- a/common.nix +++ b/common.nix @@ -40,6 +40,7 @@ ./services/crowdsec.nix ./services/sabnzbd.nix ./services/forgejo-runner.nix + ./services/code-server.nix ]; ### Make build time quicker diff --git a/services/authelia.nix b/services/authelia.nix index a069823..c3ca6ce 100644 --- a/services/authelia.nix +++ b/services/authelia.nix @@ -81,6 +81,7 @@ in { domain = "torrent.nordhammer.it"; policy = "one_factor"; } { domain = "profilarr.nordhammer.it"; policy = "one_factor"; } { domain = "sabnzbd.nordhammer.it"; policy = "one_factor"; } + { domain = "code.nordhammer.it"; policy = "one_factor"; } ]; }; diff --git a/services/code-server.nix b/services/code-server.nix new file mode 100644 index 0000000..21df879 --- /dev/null +++ b/services/code-server.nix @@ -0,0 +1,26 @@ +# services/code-server.nix — Web IDE at code.nordhammer.it, protected by Authelia. +# +# Run as fred so it has access to ~/nixos-config and the rest of the home dir. +# Auth is handled entirely by Authelia (auth = "none" disables code-server's own +# password gate). After deploy, install the Claude extension from a terminal: +# code-server --install-extension anthropic.claude-code +# and set ANTHROPIC_API_KEY in ~/.config/code-server/env or via a shell profile. +{ config, pkgs, lib, ... }: +{ + config = lib.mkIf (config.networking.hostName == "FredOS-Mediaserver") { + services.code-server = { + enable = true; + host = "127.0.0.1"; + port = 4444; + auth = "none"; + user = "fred"; + extraArguments = [ + "--disable-telemetry" + "--disable-update-check" + ]; + }; + + # Make the claude CLI available in code-server's integrated terminal. + environment.systemPackages = [ pkgs.claude-code ]; + }; +} diff --git a/services/nginx.nix b/services/nginx.nix index 42c8980..2c5e018 100644 --- a/services/nginx.nix +++ b/services/nginx.nix @@ -114,6 +114,7 @@ in "adguard.nordhammer.it" = protectedProxy 3000; "profilarr.nordhammer.it" = protectedProxy 6868; "sabnzbd.nordhammer.it" = protectedProxy 8085; + "code.nordhammer.it" = protectedProxy 4444; # --- Local-only: serves update history JSON to Homepage's customapi widget --- "homepage-updates.local" = { diff --git a/settings/hyprland.nix b/settings/hyprland.nix index c202b63..597f490 100644 --- a/settings/hyprland.nix +++ b/settings/hyprland.nix @@ -326,7 +326,7 @@ in plugins = [ "${pkgs.anyrun}/lib/libapplications.so" ]; x.fraction = 0.5; y.fraction = 0.25; - width.fraction = 0.1; + width.absolute = 350; height.absolute = 0; margin = 16; hideIcons = false;