	update flame, cleanup host config file
		@@ -12,30 +12,48 @@ nixpkgs.lib.nixosSystem {
 | 
			
		||||
  system = "aarch64-linux";
 | 
			
		||||
  specialArgs = { };
 | 
			
		||||
  modules = [
 | 
			
		||||
    ./hardware-configuration.nix
 | 
			
		||||
    (removeAttrs globals [ "mail.server" ])
 | 
			
		||||
    home-manager.nixosModules.home-manager
 | 
			
		||||
    ../../modules/common
 | 
			
		||||
    ../../modules/nixos
 | 
			
		||||
    (removeAttrs globals [ "mail.server" ])
 | 
			
		||||
    wsl.nixosModules.wsl
 | 
			
		||||
    home-manager.nixosModules.home-manager
 | 
			
		||||
    {
 | 
			
		||||
      nixpkgs.overlays = overlays;
 | 
			
		||||
 | 
			
		||||
      # Hardware
 | 
			
		||||
      server = true;
 | 
			
		||||
      networking.hostName = "flame";
 | 
			
		||||
 | 
			
		||||
      imports = [ (nixpkgs + "/nixos/modules/profiles/qemu-guest.nix") ];
 | 
			
		||||
      boot.initrd.availableKernelModules = [ "xhci_pci" "virtio_pci" "usbhid" ];
 | 
			
		||||
 | 
			
		||||
      fileSystems."/" = {
 | 
			
		||||
        device = "/dev/disk/by-uuid/e1b6bd50-306d-429a-9f45-78f57bc597c3";
 | 
			
		||||
        fsType = "ext4";
 | 
			
		||||
      };
 | 
			
		||||
 | 
			
		||||
      fileSystems."/boot" = {
 | 
			
		||||
        device = "/dev/disk/by-uuid/D5CA-237A";
 | 
			
		||||
        fsType = "vfat";
 | 
			
		||||
      };
 | 
			
		||||
 | 
			
		||||
      # Theming
 | 
			
		||||
      gui.enable = false;
 | 
			
		||||
      theme = { colors = (import ../../colorscheme/gruvbox).dark; };
 | 
			
		||||
      nixpkgs.overlays = overlays;
 | 
			
		||||
      wsl.enable = false;
 | 
			
		||||
      caddy.enable = true;
 | 
			
		||||
 | 
			
		||||
      # FQDNs for various services
 | 
			
		||||
      networking.hostName = "flame";
 | 
			
		||||
      metricsServer = "metrics.masu.rs";
 | 
			
		||||
      vaultwardenServer = "vault.masu.rs";
 | 
			
		||||
      giteaServer = "git.masu.rs";
 | 
			
		||||
 | 
			
		||||
      # Disable passwords, only use SSH key
 | 
			
		||||
      publicKey =
 | 
			
		||||
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
 | 
			
		||||
 | 
			
		||||
      # Programs and services
 | 
			
		||||
      caddy.enable = true;
 | 
			
		||||
      cloudflare.enable = true; # Proxy traffic with Cloudflare
 | 
			
		||||
      dotfiles.enable = true; # Clone dotfiles
 | 
			
		||||
      gaming.minecraft-server.enable = true; # Setup Minecraft server
 | 
			
		||||
      giteaServer = "git.masu.rs";
 | 
			
		||||
      metricsServer = "metrics.masu.rs";
 | 
			
		||||
      neovim.enable = true;
 | 
			
		||||
      vaultwardenServer = "vault.masu.rs";
 | 
			
		||||
 | 
			
		||||
      # Nextcloud backup config
 | 
			
		||||
      backup.s3 = {
 | 
			
		||||
        endpoint = "s3.us-west-002.backblazeb2.com";
 | 
			
		||||
@@ -78,17 +96,6 @@ nixpkgs.lib.nixosSystem {
 | 
			
		||||
      # # Grant access to Transmission directories from Jellyfin
 | 
			
		||||
      # users.users.jellyfin.extraGroups = [ "transmission" ];
 | 
			
		||||
 | 
			
		||||
      # Proxy traffic with Cloudflare
 | 
			
		||||
      cloudflare.enable = true;
 | 
			
		||||
 | 
			
		||||
      # Setup Minecraft server
 | 
			
		||||
      gaming.minecraft-server.enable = true;
 | 
			
		||||
 | 
			
		||||
      # Clone dotfiles
 | 
			
		||||
      dotfiles.enable = true;
 | 
			
		||||
 | 
			
		||||
      neovim.enable = true;
 | 
			
		||||
 | 
			
		||||
    }
 | 
			
		||||
  ];
 | 
			
		||||
}
 | 
			
		||||
 
 | 
			
		||||
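Review bot: `(removeAttrs globals [ "mail.server" ])` in the `modules` list probably removes nothing, because `removeAttrs` matches top-level attribute names and the dotted string only hits an attribute literally named `mail.server`, not `server` nested under `mail`. The definition of `globals` is not on this page, so this is an inference; if it is nested, the mail server setting still reaches this host, and `(globals // { mail = removeAttrs globals.mail [ "server" ]; })` would do what the name suggests. Separately, the comment `# Disable passwords, only use SSH key` sits above a line that only sets `publicKey`, and nothing in this hunk turns password authentication off. Once confirmed, it would read more accurately as `# SSH public key; password login is disabled by the module that consumes publicKey`.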
@@ -1,34 +0,0 @@
 | 
			
		||||
# Do not modify this file!  It was generated by ‘nixos-generate-config’
 | 
			
		||||
# and may be overwritten by future invocations.  Please make changes
 | 
			
		||||
# to /etc/nixos/configuration.nix instead.
 | 
			
		||||
{ lib, modulesPath, ... }:
 | 
			
		||||
 | 
			
		||||
{
 | 
			
		||||
  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
 | 
			
		||||
 | 
			
		||||
  boot.initrd.availableKernelModules = [ "xhci_pci" "virtio_pci" "usbhid" ];
 | 
			
		||||
  boot.initrd.kernelModules = [ ];
 | 
			
		||||
  boot.kernelModules = [ ];
 | 
			
		||||
  boot.extraModulePackages = [ ];
 | 
			
		||||
 | 
			
		||||
  fileSystems."/" = {
 | 
			
		||||
    device = "/dev/disk/by-uuid/e1b6bd50-306d-429a-9f45-78f57bc597c3";
 | 
			
		||||
    fsType = "ext4";
 | 
			
		||||
  };
 | 
			
		||||
 | 
			
		||||
  fileSystems."/boot" = {
 | 
			
		||||
    device = "/dev/disk/by-uuid/D5CA-237A";
 | 
			
		||||
    fsType = "vfat";
 | 
			
		||||
  };
 | 
			
		||||
 | 
			
		||||
  swapDevices = [ ];
 | 
			
		||||
 | 
			
		||||
  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
 | 
			
		||||
  # (the default) this is the recommended approach. When using systemd-networkd it's
 | 
			
		||||
  # still possible to use this option, but it's recommended to use it in conjunction
 | 
			
		||||
  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
 | 
			
		||||
  networking.useDHCP = lib.mkDefault true;
 | 
			
		||||
  # networking.interfaces.eth0.useDHCP = lib.mkDefault true;
 | 
			
		||||
 | 
			
		||||
  nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
 | 
			
		||||
}
 | 
			
		||||
@@ -16,7 +16,7 @@ in {
 | 
			
		||||
 | 
			
		||||
  options.cloudflareTunnel.enable = lib.mkEnableOption "Use Cloudflare Tunnel";
 | 
			
		||||
 | 
			
		||||
  config = lib.mkIf config.cloudflare.enable {
 | 
			
		||||
  config = lib.mkIf config.cloudflareTunnel.enable {
 | 
			
		||||
 | 
			
		||||
    services.cloudflared = {
 | 
			
		||||
      enable = true;
 | 
			
		||||
 
 | 
			
		||||
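Review bot: Keying the guard on `config.cloudflareTunnel.enable` means a host that only sets `cloudflare.enable` no longer gets `services.cloudflared`, assuming the second of the two printed `config = lib.mkIf …` lines is the new side (it matches the option declared just above it). The flame host in this same commit sets `cloudflare.enable = true;` and no `cloudflareTunnel.enable` appears in its changed lines, so confirm the tunnel is not the only intended ingress path for that host, or add `cloudflareTunnel.enable = true;` where it is needed. The `config` block continues past the end of the hunk.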
@@ -17,9 +17,6 @@ in {
 | 
			
		||||
  config = lib.mkIf (config.giteaServer != null) {
 | 
			
		||||
    services.gitea = {
 | 
			
		||||
      enable = true;
 | 
			
		||||
      httpPort = 3001;
 | 
			
		||||
      httpAddress = "127.0.0.1";
 | 
			
		||||
      rootUrl = "https://${config.giteaServer}/";
 | 
			
		||||
      database.type = "sqlite3";
 | 
			
		||||
      settings = {
 | 
			
		||||
        repository = {
 | 
			
		||||
@@ -31,6 +28,9 @@ in {
 | 
			
		||||
          DEFAULT_BRANCH = "main";
 | 
			
		||||
        };
 | 
			
		||||
        server = {
 | 
			
		||||
          HTTP_PORT = 3001;
 | 
			
		||||
          HTTP_ADDRESS = "127.0.0.1";
 | 
			
		||||
          ROOT_URL = "https://${config.giteaServer}/";
 | 
			
		||||
          SSH_PORT = 22;
 | 
			
		||||
          START_SSH_SERVER = false; # Use sshd instead
 | 
			
		||||
          DISABLE_SSH = false;
 | 
			
		||||
@@ -59,10 +59,8 @@ in {
 | 
			
		||||
    # Open to groups, allowing for backups
 | 
			
		||||
    systemd.services.gitea.serviceConfig.StateDirectoryMode =
 | 
			
		||||
      lib.mkForce "0770";
 | 
			
		||||
    systemd.tmpfiles.rules = [
 | 
			
		||||
      "d ${giteaPath}/data 0775 gitea gitea"
 | 
			
		||||
      "f ${giteaPath}/data/gitea.db 0660 gitea gitea"
 | 
			
		||||
    ];
 | 
			
		||||
    systemd.tmpfiles.rules =
 | 
			
		||||
      [ "f ${giteaPath}/data/gitea.db 0660 gitea gitea" ];
 | 
			
		||||
 | 
			
		||||
    # Allow litestream and gitea to share a sqlite database
 | 
			
		||||
    users.users.litestream.extraGroups = [ "gitea" ];
 | 
			
		||||
 
 | 
			
		||||
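Review bot: With the `d ${giteaPath}/data 0775 gitea gitea` rule dropped from `systemd.tmpfiles.rules`, nothing in the visible lines sets the mode of the data directory any more, while the remaining rule still makes `gitea.db` group-writable for the `litestream` user. Dropping the world-readable 0775 is the safer direction, but SQLite keeps its journal/WAL files next to the database, so group members likely need access to the directory and not just the file; the mode it ends up with depends on defaults not shown here. A comment above the rule would record the intent, e.g. `# data dir mode comes from the gitea module; only gitea.db is opened to group gitea (litestream)`. Membership in group `gitea` implies write access to the whole Gitea database, so that group should stay limited to the backup user. The enclosing `config` block starts and ends outside the hunk.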