RoastedCheese/niksos
1
0
Fork 0
forked from poz/niksos
Code Pull requests Activity

tabwidth from 2sp to 4sp; remove jirafaeu cause broken; add memos which hopefully will work first try so I can go sleep

Browse source
This commit is contained in:
jacekpoz 2023-07-15 23:41:03 +02:00
parent e8aa151982
commit 891d0b384f
6 changed files with 127 additions and 115 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
hosts/chmura/conduit.nix
View file

@ -4,29 +4,29 @@
inputs,
...
}: {
services.matrix-conduit = {
enable = true;
services.matrix-conduit = {
enable = true;
package = inputs.conduit.packages.${pkgs.system}.default;
package = inputs.conduit.packages.${pkgs.system}.default;
settings.global = {
server_name = "jacekpoz.pl";
database_backend = "rocksdb";
port = 6167;
allow_registration = true;
settings.global = {
server_name = "jacekpoz.pl";
database_backend = "rocksdb";
port = 6167;
allow_registration = true;
};
};
};
services.caddy = {
enable = true;
virtualHosts."m.jacekpoz.pl".extraConfig = ''
reverse_proxy /_matrix/* localhost:6167
'';
virtualHosts."jacekpoz.pl:8448".extraConfig = ''
reverse_proxy /_matrix/* localhost:6167
'';
};
services.caddy = {
enable = true;
virtualHosts."m.jacekpoz.pl".extraConfig = ''
reverse_proxy /_matrix/* localhost:6167
'';
virtualHosts."jacekpoz.pl:8448".extraConfig = ''
reverse_proxy /_matrix/* localhost:6167
'';
};
networking.firewall.allowedTCPPorts = [ 80 443 8448 ];
networking.firewall.allowedUDPPorts = [ 80 443 8448 ];
networking.firewall.allowedTCPPorts = [ 80 443 8448 ];
networking.firewall.allowedUDPPorts = [ 80 443 8448 ];
}

120
hosts/chmura/configuration.nix
View file

@ -1,70 +1,76 @@
{
config,
pkgs,
inputs,
...
config,
pkgs,
inputs,
...
}: {
# fuck broadcom
nixpkgs.config.allowUnfree = true;
# fuck broadcom
nixpkgs.config.allowUnfree = true;
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
time.timeZone = "Europe/Warsaw";
time.timeZone = "Europe/Warsaw";
nix.settings = {
experimental-features = [
"flakes"
"nix-command"
];
};
programs.zsh.enable = true;
users.users.chmura = {
isNormalUser = true;
extraGroups = ["wheel"];
shell = pkgs.zsh;
packages = with pkgs; [
curl
neovim
neofetch
git
wireguard-tools
ntfy
];
};
environment = {
shells = with pkgs; [zsh];
pathsToLink = [ "/share/zsh" ];
sessionVariables = {
EDITOR = "nvim";
nix.settings = {
experimental-features = [
"flakes"
"nix-command"
];
};
};
services.openssh = {
enable = true;
settings.PasswordAuthentication = true;
};
programs.zsh.enable = true;
services.caddy = {
enable = true;
virtualHosts."trollface.pl".extraConfig = ''
@discord {
header_regexp User-Agent (?i)(Discord)
path /
}
users.users.chmura = {
isNormalUser = true;
extraGroups = ["wheel"];
shell = pkgs.zsh;
packages = with pkgs; [
curl
neovim
neofetch
git
wireguard-tools
ntfy
];
};
rewrite @discord /trollface.png
environment = {
shells = with pkgs; [zsh];
pathsToLink = [ "/share/zsh" ];
sessionVariables = {
EDITOR = "nvim";
};
};
root * ${./trollface.pl}
file_server
'';
};
services.openssh = {
enable = true;
settings.PasswordAuthentication = true;
};
networking.firewall.allowedTCPPorts = [ 80 443 22 ];
services.caddy = {
enable = true;
virtualHosts."trollface.pl".extraConfig = ''
@discord {
header_regexp User-Agent (?i)(Discord)
path /
}
system.stateVersion = "23.11";
rewrite @discord /trollface.png
root * ${./trollface.pl}
file_server
'';
};
virtualisation.podman = {
enable = true;
dockerCompat = true;
oci-containers.backend = "podman";
};
networking.firewall.allowedTCPPorts = [ 80 443 22 ];
system.stateVersion = "23.11";
}

2
hosts/chmura/default.nix
View file

@ -4,6 +4,6 @@ _: {
./configuration.nix
./grafana.nix
./hardware-configuration.nix
./jirafeau.nix
./memos.nix
];
}

32
hosts/chmura/grafana.nix
View file

@ -4,23 +4,23 @@
inputs,
...
}: {
services.grafana = {
enable = true;
settings.server = {
http_addr = "127.0.0.1";
http_port = 3000;
domain = "jacekpoz.pl";
root_url = "https://d.jacekpoz.pl";
services.grafana = {
enable = true;
settings.server = {
http_addr = "127.0.0.1";
http_port = 3000;
domain = "jacekpoz.pl";
root_url = "https://d.jacekpoz.pl";
};
};
};
services.caddy = {
enable = true;
virtualHosts."d.jacekpoz.pl".extraConfig = ''
reverse_proxy * localhost:3000
'';
};
services.caddy = {
enable = true;
virtualHosts."d.jacekpoz.pl".extraConfig = ''
reverse_proxy * localhost:3000
'';
};
networking.firewall.allowedTCPPorts = [ 3000 ];
networking.firewall.allowedUDPPorts = [ 3000 ];
networking.firewall.allowedTCPPorts = [ 3000 ];
networking.firewall.allowedUDPPorts = [ 3000 ];
}

21
hosts/chmura/jirafeau.nix
View file

@ -1,21 +0,0 @@
{
config,
pkgs,
inputs,
...
}: {
services.jirafeau = {
enable = true;
dataDir = "/var/jirafeau/files";
};
services.caddy = {
enable = true;
virtualHosts."jacekpoz.pl".extraConfig = ''
reverse_proxy /files/* localhost:7356
'';
};
networking.firewall.allowedTCPPorts = [ 7356 ];
networking.firewall.allowedUDPPorts = [ 7356 ];
}

27
hosts/chmura/memos.nix Normal file
View file

@ -0,0 +1,27 @@
{
config,
pkgs,
inputs,
...
}: {
virtualisation.oci-containers.containers = {
memos = {
image = "ghcr.io/usememos/memos:latest";
ports = [ "127.0.0.1:5230:5230" ];
volumes = [ "/var/opt/memos:/var/opt/memos" ];
cmd = [
"--name memos"
];
};
};
services.caddy = {
enable = true;
virtualHosts."n.jacekpoz.pl".extraConfig = ''
reverse_proxy * localhost:5230
'';
};
networking.firewall.allowedTCPPorts = [ 5230 ];
networking.firewall.allowedUDPPorts = [ 5230 ];
}