niksos/hosts/chmura/configuration.nix

84 lines
2.1 KiB
Nix

{
config,
...
}: let
inherit (config.poz.other.system) username;
in {
users.users.${username} = {
extraGroups = [ "docker" ];
};
services.caddy = let
redirToFlake = ''
redir https://git.jacekpoz.pl/poz/niksos
'';
redirToQmkFork = ''
redir https://git.jacekpoz.pl/poz/qmk_firmware/src/branch/master/keyboards/lily58/keymaps/poz
'';
in {
enable = true;
virtualHosts = {
"test.jacekpoz.pl".extraConfig = ''
reverse_proxy * localhost:3001
'';
"f.jacekpoz.pl".extraConfig = ''
root * /srv/files
file_server
'';
"flake.jacekpoz.pl".extraConfig = redirToFlake;
"flake.jpoz.pl".extraConfig = redirToFlake;
"qmk.jacekpoz.pl".extraConfig = redirToQmkFork;
"qmk.jpoz.pl".extraConfig = redirToQmkFork;
"nsfw.jacekpoz.pl".extraConfig = ''
redir https://trollface.pl
'';
};
};
powerManagement.cpuFreqGovernor = "performance";
virtualisation = {
podman = {
enable = true;
dockerCompat = true;
};
oci-containers.backend = "podman";
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedUDPPorts = [ 80 443 ];
poz = {
other.home-manager.enable = true;
programs = {
git = {
enable = true;
defaultBranch = "master";
};
starship.enable = true;
zsh.enable = true;
btop.enable = true;
neovim = {
enable = true;
enableLsp = false;
};
};
services = {
ssh = {
agent.enable = false;
daemon = {
enable = true;
ports = [ 7312 22 ];
};
};
syncthing.enable = true;
};
};
system.stateVersion = "23.11";
}