nix/hosts/rpi/default.nix
2024-08-10 13:27:11 +02:00

101 lines
2.7 KiB
Nix

{ config, pkgs, ... }:
{
config = {
boot = {
kernelPackages = pkgs.linuxKernel.packages.linux_rpi4;
initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" ];
loader = {
grub.enable = false;
generic-extlinux-compatible.enable = true;
};
};
fileSystems = {
"/" = {
device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4";
options = [ "noatime" ];
};
};
hardware.raspberry-pi."4" = {
bluetooth.enable = false;
};
# todo: module for dis stuff (maybe)
networking.firewall.allowedTCPPorts = [ 80 443 22 ];
services.samba = {
enable = true;
openFirewall = true;
shares = {
media = {
path = "/media";
writeable = "yes";
public = "yes";
browsable = "yes";
"create mask" = "0777";
"directory mask" = "0777";
};
};
};
services.nginx = {
enable = true;
additionalModules = [ pkgs.nginxModules.fancyindex ];
virtualHosts.media = {
default = true;
# addSSL = true;
# enableACME = true;
root = "/media";
serverName = "_";
locations = {
"/" = {
tryFiles = "$uri $uri/ =404";
extraConfig = ''
fancyindex on;
fancyindex_name_length 256;
fancyindex_exact_size off;
'';
};
};
};
};
# security.acme = {
# acceptTerms = true;
# defaults.email = "krizej@protonmail.com";
# };
chuj = {
system = {
user = "krizej";
host = "rpi";
platform = "aarch64-linux";
};
# home manger on a server xd
home-manager.enable = true;
stuff = {
git.enable = true;
vim.enable = true;
ssh = {
enable = true;
authKeys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDXxtwm+YoSIXfT9OJtU3O/EHf1Lg4IwoLe0CO2/Oapl7efTNZO5qVCh7aG0T5Hy4RD5CmVpxZVei44NM1dpNf3c+5976eH1BKgMmklA4EwAVc3o259YfJoOowBvyzBqO4CZWJmuUUjZwaQ152gPh1iCVe8bcR25S7cCTRN/6qU+rGn2zsbkV/GKdtJmhS5OLic5iXMdL56B7+hqFdL5NxPcWpnaSilIPus2xhI4u29I/FrM8RcR3Uzkqyx385js5MqhkVP3SVc7V8hSKEO8LRzmBYuBKkBPW9gmCUHKyxhSxZOvcretUFB87W/P/HDw3I4tk4naQPiPnASj6NvqTRMuhErIvXd1w+3MEEsfnXLeyq7CIhO01+d3/JEl7br5HOLZO+64IjSWYY7N0a0zhMjf147yEJ+JBOwXzN6px7y2rLI9CLY6jMs+Ye63nl7ALqN9dLJiaqxOMqTxrSNdRqWEj+FnFTd6sTb5eOZH7yabF/EApwdV3TGRGEaaZGS/GE= krizej@krizej-pc"
];
};
fish = {
enable = true;
extraAliases = {
"rebuild" = "sudo nixos-rebuild switch --flake ~/nix#rpi -v";
};
};
};
};
};
}