niksos/hosts/chmura/configuration.nix
2024-04-14 18:49:29 +02:00

97 lines
2.2 KiB
Nix

{
config,
...
}: let
inherit (config.myOptions.other.system) username;
in {
nixpkgs = {
# fuck broadcom
config.allowUnfree = true;
};
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
time.timeZone = "Europe/Warsaw";
nix.settings = {
experimental-features = [
"flakes"
"nix-command"
];
trusted-users = [
"root"
username
];
};
users.users.${username} = {
extraGroups = [ "docker" ];
};
services.caddy = let
redirToFlake = ''
redir https://git.jacekpoz.pl/jacekpoz/niksos
'';
in {
enable = true;
virtualHosts = {
"test.jacekpoz.pl".extraConfig = ''
reverse_proxy * localhost:3001
'';
"f.jacekpoz.pl".extraConfig = ''
root * /srv
file_server
'';
"flake.jacekpoz.pl".extraConfig = redirToFlake;
"flake.jpoz.pl".extraConfig = redirToFlake;
};
};
virtualisation = {
podman = {
enable = true;
dockerCompat = true;
};
oci-containers.backend = "podman";
};
networking.firewall.allowedTCPPorts = [ 80 443 22 ];
myOptions = {
other = {
system = {
hostname = "chmura";
username = "chmura";
};
home-manager.enable = true;
};
programs = {
git = {
enable = true;
userName = "jacekpoz";
userEmail = "jacekpoz@cock.li";
signingKey = "0EEE6B0C9A8CC06820E59C3894E812A8B12AAE3C";
defaultBranch = "master";
};
starship.enable = true;
zsh.enable = true;
btop.enable = true;
neovim.enable = true;
helix.enable = true;
};
services = {
ssh = {
agent.enable = false;
daemon.enable = true;
};
syncthing.enable = true;
};
};
system.stateVersion = "23.11";
}