derped/nixos
1
0
Fork 0
Code Releases Activity

Format project using nixfmt rfc candidate.

Browse source
This commit is contained in:
Kevin Baensch 2024-11-20 20:32:38 +01:00
parent 1f63817684
commit a9f7fe416f
Signed by: derped
GPG key ID: C0F1D326C7626543
91 changed files with 1347 additions and 1000 deletions
Download patch file Download diff file Expand all files Collapse all files

17
machines/Ophanim/hardware-configuration.nix
View file

@ -2,16 +2,23 @@
nixpkgs,
pkgs,
...
}: {
}:
{
imports = [
"${nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
];
boot = {
initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "sd_mod" "sr_mod"];
initrd.availableKernelModules = [
"ata_piix"
"uhci_hcd"
"virtio_pci"
"sd_mod"
"sr_mod"
];
kernelPackages = pkgs.linuxPackages_latest;
kernelModules = [];
extraModulePackages = [];
kernelModules = [ ];
extraModulePackages = [ ];
loader.grub = {
enable = true;
device = "/dev/sda"; # or "nodev" for efi only
@ -25,5 +32,5 @@
fsType = "ext4";
};
swapDevices = [];
swapDevices = [ ];
}

78
machines/Ophanim/options.nix
View file

@ -3,9 +3,11 @@
lib,
...
}:
with lib; let
with lib;
let
cfg = config.machine;
in {
in
{
config.machine = rec {
hostName = "Ophanim";
domain = "ophanim.de";
@ -18,7 +20,10 @@ in {
mailAccounts = [
{
name = "derped";
aliases = ["postmaster" "baensch"];
aliases = [
"postmaster"
"baensch"
];
}
];
allowUnfree = true;
@ -42,37 +47,48 @@ in {
"nginx"
"openssh"
];
vHosts = let
base = domain;
in [
{
domain = base;
service = "simple";
}
# { domain = "builder.${base}"; service = "hydra"; }
# { domain = "cache.${base}"; service = "cache"; }
{
domain = "storage.${base}";
service = "nextcloud";
}
{
domain = "mail.${base}";
service = "mail";
}
{
domain = "git.${base}";
service = "forgejo";
}
{
domain = "food.${base}";
service = "tandoor";
}
];
vHosts =
let
base = domain;
in
[
{
domain = base;
service = "simple";
}
# { domain = "builder.${base}"; service = "hydra"; }
# { domain = "cache.${base}"; service = "cache"; }
{
domain = "storage.${base}";
service = "nextcloud";
}
{
domain = "mail.${base}";
service = "mail";
}
{
domain = "git.${base}";
service = "forgejo";
}
{
domain = "food.${base}";
service = "tandoor";
}
];
firewall = {
enable = true;
allowPing = false;
allowedUDPPorts = [22 80 443 7776];
allowedTCPPorts = [80 443 7776];
allowedUDPPorts = [
22
80
443
7776
];
allowedTCPPorts = [
80
443
7776
];
};
};
}

3
machines/Ophanim/sops.nix
View file

@ -2,7 +2,8 @@
config,
lib,
...
}: {
}:
{
sops = {
defaultSopsFile = ./secrets.yaml;
age = {