derped/nixos
1
0
Fork 0
Code Releases Activity

Format the entire project.

Browse source
This commit is contained in:
Kevin Baensch 2023-09-11 20:23:04 +02:00
parent 1dc50ae17d
commit 6f9db5e3a4
Signed by: derped
GPG key ID: C0F1D326C7626543
115 changed files with 3451 additions and 2901 deletions
Download patch file Download diff file Expand all files Collapse all files

15
machines/Ophanim/configuration.nix
View file

@ -1,17 +1,16 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{
system.autoUpgrade.enable = false;
# services.vsftp = {
# enable = true;
# ssl_sslv3 = true;
# forceLocalDataSSL = true;
# writeEnable = false;
# userlist = [];
# };
# services.vsftp = {
# enable = true;
# ssl_sslv3 = true;
# forceLocalDataSSL = true;
# writeEnable = false;
# userlist = [];
# };
services.haveged.enable = true;
programs.zsh.promptInit = ''PROMPT="%(!.%B%F{magenta}.%B%F{cyan}%n@)%m %F{blue}%(!.%1~.%~) ''${vcs_info_msg_0_}%F{blue}%(!.#.$)%k%b%f "'';

28
machines/Ophanim/hardware-configuration.nix
View file

@ -1,15 +1,17 @@
{ nixpkgs, pkgs, ... }:
{
imports =
[ "${nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
];
nixpkgs,
pkgs,
...
}: {
imports = [
"${nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
];
boot = {
initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod" ];
initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod"];
kernelPackages = pkgs.linuxPackages_latest;
kernelModules = [ ];
extraModulePackages = [ ];
kernelModules = [];
extraModulePackages = [];
loader.grub = {
enable = true;
device = "/dev/sda"; # or "nodev" for efi only
@ -18,10 +20,10 @@
time.timeZone = "Europe/Berlin";
fileSystems."/" =
{ device = "/dev/disk/by-uuid/fa0c2ff3-59f9-4c00-8153-c2c2ef0f0e84";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/fa0c2ff3-59f9-4c00-8153-c2c2ef0f0e84";
fsType = "ext4";
};
swapDevices = [ ];
swapDevices = [];
}

61
machines/Ophanim/options.nix
View file

@ -1,15 +1,26 @@
{ config, lib, ... }:
with lib;
let
{
config,
lib,
...
}:
with lib; let
cfg = config.machine;
in {
config.machine = rec {
hostName = "Ophanim";
domain = "ophanim.de";
administrators = [ { name = "derped"; id = 1337; } ];
mailAccounts = [ { name = "derped"; aliases = [ "postmaster" "baensch" ]; } ];
administrators = [
{
name = "derped";
id = 1337;
}
];
mailAccounts = [
{
name = "derped";
aliases = ["postmaster" "baensch"];
}
];
allowUnfree = true;
conffiles = [
"etcvars"
@ -23,26 +34,40 @@ in {
services = [
"acme"
"gitea"
# "hydra"
# "hydra"
"mailserver"
"mariaDB"
"nextcloud"
"nginx"
"openssh"
];
vHosts = (let base = domain; in [
{ domain = base; service = "simple"; }
# { domain = "builder.${base}"; service = "hydra"; }
# { domain = "cache.${base}"; service = "cache"; }
{ domain = "storage.${base}"; service = "nextcloud"; }
{ domain = "mail.${base}"; service = "mail"; }
{ domain = "git.${base}"; service = "gitea"; }
]);
vHosts = let
base = domain;
in [
{
domain = base;
service = "simple";
}
# { domain = "builder.${base}"; service = "hydra"; }
# { domain = "cache.${base}"; service = "cache"; }
{
domain = "storage.${base}";
service = "nextcloud";
}
{
domain = "mail.${base}";
service = "mail";
}
{
domain = "git.${base}";
service = "gitea";
}
];
firewall = {
enable = true;
allowPing = false;
allowedUDPPorts = [ 22 80 443 7776 ];
allowedTCPPorts = [ 80 443 7776 ];
allowedUDPPorts = [22 80 443 7776];
allowedTCPPorts = [80 443 7776];
};
};
}

6
machines/Ophanim/sops.nix
View file

@ -1,6 +1,8 @@
{ config, lib, ... }:
{
config,
lib,
...
}: {
sops = {
defaultSopsFile = ./secrets.yaml;
age = {