update flame, cleanup host config file
parent
e8f4ee52c3
commit
605824c1a4
@ -12,30 +12,48 @@ nixpkgs.lib.nixosSystem {
|
|||||||
system = "aarch64-linux";
|
system = "aarch64-linux";
|
||||||
specialArgs = { };
|
specialArgs = { };
|
||||||
modules = [
|
modules = [
|
||||||
./hardware-configuration.nix
|
(removeAttrs globals [ "mail.server" ])
|
||||||
|
home-manager.nixosModules.home-manager
|
||||||
../../modules/common
|
../../modules/common
|
||||||
../../modules/nixos
|
../../modules/nixos
|
||||||
(removeAttrs globals [ "mail.server" ])
|
|
||||||
wsl.nixosModules.wsl
|
|
||||||
home-manager.nixosModules.home-manager
|
|
||||||
{
|
{
|
||||||
|
nixpkgs.overlays = overlays;
|
||||||
|
|
||||||
|
# Hardware
|
||||||
server = true;
|
server = true;
|
||||||
|
networking.hostName = "flame";
|
||||||
|
|
||||||
|
imports = [ (nixpkgs + "/nixos/modules/profiles/qemu-guest.nix") ];
|
||||||
|
boot.initrd.availableKernelModules = [ "xhci_pci" "virtio_pci" "usbhid" ];
|
||||||
|
|
||||||
|
fileSystems."/" = {
|
||||||
|
device = "/dev/disk/by-uuid/e1b6bd50-306d-429a-9f45-78f57bc597c3";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/boot" = {
|
||||||
|
device = "/dev/disk/by-uuid/D5CA-237A";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
|
|
||||||
|
# Theming
|
||||||
gui.enable = false;
|
gui.enable = false;
|
||||||
theme = { colors = (import ../../colorscheme/gruvbox).dark; };
|
theme = { colors = (import ../../colorscheme/gruvbox).dark; };
|
||||||
nixpkgs.overlays = overlays;
|
|
||||||
wsl.enable = false;
|
|
||||||
caddy.enable = true;
|
|
||||||
|
|
||||||
# FQDNs for various services
|
|
||||||
networking.hostName = "flame";
|
|
||||||
metricsServer = "metrics.masu.rs";
|
|
||||||
vaultwardenServer = "vault.masu.rs";
|
|
||||||
giteaServer = "git.masu.rs";
|
|
||||||
|
|
||||||
# Disable passwords, only use SSH key
|
# Disable passwords, only use SSH key
|
||||||
publicKey =
|
publicKey =
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
|
||||||
|
|
||||||
|
# Programs and services
|
||||||
|
caddy.enable = true;
|
||||||
|
cloudflare.enable = true; # Proxy traffic with Cloudflare
|
||||||
|
dotfiles.enable = true; # Clone dotfiles
|
||||||
|
gaming.minecraft-server.enable = true; # Setup Minecraft server
|
||||||
|
giteaServer = "git.masu.rs";
|
||||||
|
metricsServer = "metrics.masu.rs";
|
||||||
|
neovim.enable = true;
|
||||||
|
vaultwardenServer = "vault.masu.rs";
|
||||||
|
|
||||||
# Nextcloud backup config
|
# Nextcloud backup config
|
||||||
backup.s3 = {
|
backup.s3 = {
|
||||||
endpoint = "s3.us-west-002.backblazeb2.com";
|
endpoint = "s3.us-west-002.backblazeb2.com";
|
||||||
@ -78,17 +96,6 @@ nixpkgs.lib.nixosSystem {
|
|||||||
# # Grant access to Transmission directories from Jellyfin
|
# # Grant access to Transmission directories from Jellyfin
|
||||||
# users.users.jellyfin.extraGroups = [ "transmission" ];
|
# users.users.jellyfin.extraGroups = [ "transmission" ];
|
||||||
|
|
||||||
# Proxy traffic with Cloudflare
|
|
||||||
cloudflare.enable = true;
|
|
||||||
|
|
||||||
# Setup Minecraft server
|
|
||||||
gaming.minecraft-server.enable = true;
|
|
||||||
|
|
||||||
# Clone dotfiles
|
|
||||||
dotfiles.enable = true;
|
|
||||||
|
|
||||||
neovim.enable = true;
|
|
||||||
|
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
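Review bot: `(removeAttrs globals [ "mail.server" ])`, now the first entry of `modules`, most likely removes nothing, because `removeAttrs` matches top-level attribute names literally and the dotted string only matches an attribute spelled `"mail.server"` in quotes, not the nested `globals.mail.server`. `globals` is defined outside this page, so this is inferred; if it is written as `mail.server = …;` or `mail = { server = …; };`, the mail server setting still reaches this host unchanged. If the intent is to keep it off flame, something like `(globals // { mail = removeAttrs globals.mail [ "server" ]; })` expresses that. A one-line comment saying why the attribute is dropped for this host would also help the next reader.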
@ -1,34 +0,0 @@
|
|||||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
|
||||||
# and may be overwritten by future invocations. Please make changes
|
|
||||||
# to /etc/nixos/configuration.nix instead.
|
|
||||||
{ lib, modulesPath, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
|
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "xhci_pci" "virtio_pci" "usbhid" ];
|
|
||||||
boot.initrd.kernelModules = [ ];
|
|
||||||
boot.kernelModules = [ ];
|
|
||||||
boot.extraModulePackages = [ ];
|
|
||||||
|
|
||||||
fileSystems."/" = {
|
|
||||||
device = "/dev/disk/by-uuid/e1b6bd50-306d-429a-9f45-78f57bc597c3";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems."/boot" = {
|
|
||||||
device = "/dev/disk/by-uuid/D5CA-237A";
|
|
||||||
fsType = "vfat";
|
|
||||||
};
|
|
||||||
|
|
||||||
swapDevices = [ ];
|
|
||||||
|
|
||||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
|
||||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
|
||||||
# still possible to use this option, but it's recommended to use it in conjunction
|
|
||||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
|
||||||
networking.useDHCP = lib.mkDefault true;
|
|
||||||
# networking.interfaces.eth0.useDHCP = lib.mkDefault true;
|
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
|
|
||||||
}
|
|
@ -16,7 +16,7 @@ in {
|
|||||||
|
|
||||||
options.cloudflareTunnel.enable = lib.mkEnableOption "Use Cloudflare Tunnel";
|
options.cloudflareTunnel.enable = lib.mkEnableOption "Use Cloudflare Tunnel";
|
||||||
|
|
||||||
config = lib.mkIf config.cloudflare.enable {
|
config = lib.mkIf config.cloudflareTunnel.enable {
|
||||||
|
|
||||||
services.cloudflared = {
|
services.cloudflared = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -17,9 +17,6 @@ in {
|
|||||||
config = lib.mkIf (config.giteaServer != null) {
|
config = lib.mkIf (config.giteaServer != null) {
|
||||||
services.gitea = {
|
services.gitea = {
|
||||||
enable = true;
|
enable = true;
|
||||||
httpPort = 3001;
|
|
||||||
httpAddress = "127.0.0.1";
|
|
||||||
rootUrl = "https://${config.giteaServer}/";
|
|
||||||
database.type = "sqlite3";
|
database.type = "sqlite3";
|
||||||
settings = {
|
settings = {
|
||||||
repository = {
|
repository = {
|
||||||
@ -31,6 +28,9 @@ in {
|
|||||||
DEFAULT_BRANCH = "main";
|
DEFAULT_BRANCH = "main";
|
||||||
};
|
};
|
||||||
server = {
|
server = {
|
||||||
|
HTTP_PORT = 3001;
|
||||||
|
HTTP_ADDRESS = "127.0.0.1";
|
||||||
|
ROOT_URL = "https://${config.giteaServer}/";
|
||||||
SSH_PORT = 22;
|
SSH_PORT = 22;
|
||||||
START_SSH_SERVER = false; # Use sshd instead
|
START_SSH_SERVER = false; # Use sshd instead
|
||||||
DISABLE_SSH = false;
|
DISABLE_SSH = false;
|
||||||
@ -59,10 +59,8 @@ in {
|
|||||||
# Open to groups, allowing for backups
|
# Open to groups, allowing for backups
|
||||||
systemd.services.gitea.serviceConfig.StateDirectoryMode =
|
systemd.services.gitea.serviceConfig.StateDirectoryMode =
|
||||||
lib.mkForce "0770";
|
lib.mkForce "0770";
|
||||||
systemd.tmpfiles.rules = [
|
systemd.tmpfiles.rules =
|
||||||
"d ${giteaPath}/data 0775 gitea gitea"
|
[ "f ${giteaPath}/data/gitea.db 0660 gitea gitea" ];
|
||||||
"f ${giteaPath}/data/gitea.db 0660 gitea gitea"
|
|
||||||
];
|
|
||||||
|
|
||||||
# Allow litestream and gitea to share a sqlite database
|
# Allow litestream and gitea to share a sqlite database
|
||||||
users.users.litestream.extraGroups = [ "gitea" ];
|
users.users.litestream.extraGroups = [ "gitea" ];
|
||||||
|
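Review bot: In the last hunk the `d ${giteaPath}/data 0775 gitea gitea` rule is removed while the `f` rule for `gitea.db` stays, so nothing in this file sets the mode of the directory that holds the database any more. Dropping the world-readable 0775 is a reasonable tightening, but litestream (put in the `gitea` group two lines below) presumably needs group access to `data/` itself and not only to the file, since SQLite and litestream keep their side files next to the database; whether the directory ends up group-writable now depends on the upstream gitea module, which is not visible here. Consider a comment above the rule such as `# data/ is created by the gitea module; litestream needs group access to it`, and verify the resulting mode on a freshly provisioned host. `giteaPath` is bound outside the hunk.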