nix/hosts/rpi/default.nix

{ config, pkgs, ... }:
{
  config = {
    boot = {
      kernelPackages = pkgs.linuxKernel.packages.linux_rpi4;
      initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" ];
      loader = {
        grub.enable = false;
        generic-extlinux-compatible.enable = true;
      };
    };

    fileSystems = {
      "/" = {
        device = "/dev/disk/by-label/NIXOS_SD";
        fsType = "ext4";
        options = [ "noatime" ];
      };
    };

    hardware.raspberry-pi."4" = {
      bluetooth.enable = false;
    };

    # todo: module for dis stuff (maybe)
    networking.firewall.allowedTCPPorts = [ 80 443 22 ];

    services.samba = {
      enable = true;
      openFirewall = true;
      shares = {
        media = {
          path = "/media";
          writeable = "yes";
          public = "yes";
          browsable = "yes";
          "create mask" = "0777";
          "directory mask" = "0777";
        };
      };
    };

    services.nginx = {
      enable = true;
      additionalModules = [ pkgs.nginxModules.fancyindex ];
      virtualHosts = {
        # media = {
        #   default = true;
        #   # addSSL = true;
        #   # enableACME = true;
        #   root = "/media";
        #   serverName = "_";
        #   locations = {
        #     "/" = {
        #       tryFiles = "$uri $uri/ =404";
        #       extraConfig = ''
        #         fancyindex on;
        #         fancyindex_name_length 256;
        #         fancyindex_exact_size off;
        #       '';
        #     };
        #   };
        # };
        stronnica = {
          default = true;
          # addSSL = true;
          enableACME = true;
          root = "/srv/http/stronnica";
          locations."~ \\.php$".extraConfig = ''
            fastcgi_pass  unix:${config.services.phpfpm.pools.mypool.socket};
            fastcgi_index index.php;
          '';
        };
      };
    };

    services.mysql = {
      enable = true;
      package = pkgs.mariadb;
    };

    services.phpfpm.pools.mypool = {
      user = "nobody";
      settings = {
        "pm" = "dynamic";
        "listen.owner" = config.services.nginx.user;
        "pm.max_children" = 5;
        "pm.start_servers" = 2;
        "pm.min_spare_servers" = 1;
        "pm.max_spare_servers" = 3;
        "pm.max_requests" = 500;
      };
    };

    security.acme = {
      acceptTerms = true;
      defaults.email = "krizej@protonmail.com";
    };

    chuj = {
      system = {
        user = "krizej";
        host = "rpi";
        platform = "aarch64-linux";
      };

      # home manger on a server xd
      home-manager.enable = true;

      stuff = {
        git.enable = true;
        vim.enable = true;
        ssh = {
          enable = true;
          authKeys = [
            "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDXxtwm+YoSIXfT9OJtU3O/EHf1Lg4IwoLe0CO2/Oapl7efTNZO5qVCh7aG0T5Hy4RD5CmVpxZVei44NM1dpNf3c+5976eH1BKgMmklA4EwAVc3o259YfJoOowBvyzBqO4CZWJmuUUjZwaQ152gPh1iCVe8bcR25S7cCTRN/6qU+rGn2zsbkV/GKdtJmhS5OLic5iXMdL56B7+hqFdL5NxPcWpnaSilIPus2xhI4u29I/FrM8RcR3Uzkqyx385js5MqhkVP3SVc7V8hSKEO8LRzmBYuBKkBPW9gmCUHKyxhSxZOvcretUFB87W/P/HDw3I4tk4naQPiPnASj6NvqTRMuhErIvXd1w+3MEEsfnXLeyq7CIhO01+d3/JEl7br5HOLZO+64IjSWYY7N0a0zhMjf147yEJ+JBOwXzN6px7y2rLI9CLY6jMs+Ye63nl7ALqN9dLJiaqxOMqTxrSNdRqWEj+FnFTd6sTb5eOZH7yabF/EApwdV3TGRGEaaZGS/GE= krizej@krizej-pc"
          ];
        };
        fish = {
          enable = true;
          extraAliases = {
            "rebuild" = "sudo nixos-rebuild switch --flake ~/nix#rpi -v";
          };
        };
      };
    };
  };
}
rpi config attempt number 1 (one) 2024-08-10 01:03:29 +02:00			`{ config, pkgs, ... }:`
			`{`
			`config = {`
			`boot = {`
			`kernelPackages = pkgs.linuxKernel.packages.linux_rpi4;`
			`initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" ];`
			`loader = {`
			`grub.enable = false;`
			`generic-extlinux-compatible.enable = true;`
			`};`
			`};`

			`fileSystems = {`
			`"/" = {`
			`device = "/dev/disk/by-label/NIXOS_SD";`
			`fsType = "ext4";`
			`options = [ "noatime" ];`
			`};`
			`};`

			`hardware.raspberry-pi."4" = {`
			`bluetooth.enable = false;`
rpi config attempt number 2 (two) 2024-08-10 01:58:03 +02:00			`};`

			`# todo: module for dis stuff (maybe)`
i think we good 2024-08-10 13:27:11 +02:00			`networking.firewall.allowedTCPPorts = [ 80 443 22 ];`
rpi config attempt number 2 (two) 2024-08-10 01:58:03 +02:00
			`services.samba = {`
			`enable = true;`
i think we good 2024-08-10 13:27:11 +02:00			`openFirewall = true;`
rpi config attempt number 2 (two) 2024-08-10 01:58:03 +02:00			`shares = {`
			`media = {`
			`path = "/media";`
			`writeable = "yes";`
			`public = "yes";`
i think we good 2024-08-10 13:27:11 +02:00			`browsable = "yes";`
rpi config attempt number 2 (two) 2024-08-10 01:58:03 +02:00			`"create mask" = "0777";`
			`"directory mask" = "0777";`
			`};`
			`};`
			`};`

			`services.nginx = {`
			`enable = true;`
			`additionalModules = [ pkgs.nginxModules.fancyindex ];`
try 2024-08-21 21:00:08 +02:00			`virtualHosts = {`
			`# media = {`
			`# default = true;`
			`# # addSSL = true;`
			`# # enableACME = true;`
			`# root = "/media";`
			`# serverName = "_";`
			`# locations = {`
			`# "/" = {`
			`# tryFiles = "$uri $uri/ =404";`
			`# extraConfig = ''`
			`# fancyindex on;`
			`# fancyindex_name_length 256;`
			`# fancyindex_exact_size off;`
			`# '';`
			`# };`
			`# };`
			`# };`
			`stronnica = {`
			`default = true;`
			`# addSSL = true;`
			`enableACME = true;`
			`root = "/srv/http/stronnica";`
			`locations."~ \\.php$".extraConfig = ''`
			`fastcgi_pass unix:${config.services.phpfpm.pools.mypool.socket};`
			`fastcgi_index index.php;`
			`'';`
			`};`
			`};`
			`};`
rpi config attempt number 2 (two) 2024-08-10 01:58:03 +02:00
try 2024-08-21 21:00:08 +02:00			`services.mysql = {`
			`enable = true;`
			`package = pkgs.mariadb;`
			`};`
rpi config attempt number 2 (two) 2024-08-10 01:58:03 +02:00
try 2024-08-21 21:00:08 +02:00			`services.phpfpm.pools.mypool = {`
			`user = "nobody";`
			`settings = {`
			`"pm" = "dynamic";`
			`"listen.owner" = config.services.nginx.user;`
			`"pm.max_children" = 5;`
			`"pm.start_servers" = 2;`
			`"pm.min_spare_servers" = 1;`
			`"pm.max_spare_servers" = 3;`
			`"pm.max_requests" = 500;`
rpi config attempt number 2 (two) 2024-08-10 01:58:03 +02:00			`};`
			`};`

try 2024-08-21 21:00:08 +02:00			`security.acme = {`
			`acceptTerms = true;`
			`defaults.email = "krizej@protonmail.com";`
			`};`
rpi config attempt number 1 (one) 2024-08-10 01:03:29 +02:00
			`chuj = {`
			`system = {`
			`user = "krizej";`
			`host = "rpi";`
			`platform = "aarch64-linux";`
			`};`

			`# home manger on a server xd`
			`home-manager.enable = true;`

			`stuff = {`
			`git.enable = true;`
			`vim.enable = true;`
			`ssh = {`
			`enable = true;`
			`authKeys = [`
			"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDXxtwm+YoSIXfT9OJtU3O/EHf1Lg4IwoLe0CO2/Oapl7efTNZO5qVCh7aG0T5Hy4RD5CmVpxZVei44NM1dpNf3c+5976eH1BKgMmklA4EwAVc3o259YfJoOowBvyzBqO4CZWJmuUUjZwaQ152gPh1iCVe8bcR25S7cCTRN/6qU+rGn2zsbkV/GKdtJmhS5OLic5iXMdL56B7+hqFdL5NxPcWpnaSilIPus2xhI4u29I/FrM8RcR3Uzkqyx385js5MqhkVP3SVc7V8hSKEO8LRzmBYuBKkBPW9gmCUHKyxhSxZOvcretUFB87W/P/HDw3I4tk4naQPiPnASj6NvqTRMuhErIvXd1w+3MEEsfnXLeyq7CIhO01+d3/JEl7br5HOLZO+64IjSWYY7N0a0zhMjf147yEJ+JBOwXzN6px7y2rLI9CLY6jMs+Ye63nl7ALqN9dLJiaqxOMqTxrSNdRqWEj+FnFTd6sTb5eOZH7yabF/EApwdV3TGRGEaaZGS/GE= krizej@krizej-pc"
			`];`
			`};`
			`fish = {`
			`enable = true;`
			`extraAliases = {`
			`"rebuild" = "sudo nixos-rebuild switch --flake ~/nix#rpi -v";`
			`};`
			`};`
			`};`
			`};`
			`};`
			`}`