nicks-nix-config/hosts/Alaska/default.nix

# NixOS module for the host "Alaska": pulls in the per-service modules,
# configures the backup script, NAT and firewall, SSH, software RAID and
# the boot loader.
#
# `headscale` is accepted as a module argument but is not referenced in
# this file.
{ config, lib, pkgs, headscale, ... }:

{
  imports = [
    ./modules/backup_script.nix
    ./configuration.nix
    ./hardware-configuration.nix
    ./modules/dnsmasq.nix
    ./modules/forgejo.nix
    ./modules/nginx.nix
    ./modules/nextcloud.nix
    ./modules/nicks_nextcould_integrations.nix
    ./modules/msmtp.nix
    ./modules/headscale.nix
    ./modules/tailscale.nix
    ./modules/vaultwarden.nix
  ];

  # Options below are presumably declared by ./modules/backup_script.nix
  # (not visible here). Nightly runs are switched off.
  programs.alaska_backup_script = {
    enable = true;
    run_nightly = false;
    tmp_mount_point = /Aurora/backup_drive_mount_point;
    backup1_drive_label = "AlaskaBackup";

    vaultwarden = {
      enable = true;
      backup_dir = "/Aurora/Backups/Vaultwarden";
    };

    forgejo = {
      enable = true;
      backups_dir = "/Aurora/Backups/Forgejo";
      save_old_count = 5;
    };

    nextcloud = {
      enable = true;
      root_dir = /Aurora/nextcloud;
      db_server = "127.0.0.1";
      db_name = "nextcloud";
      db_user = "nextcloud";
      # NOTE(review): this is a Nix path literal, not a string. If the
      # backup module ever interpolates it into a string ("${...}"), Nix
      # copies the password file into the world-readable /nix/store.
      # Confirm the module only uses toString on it, or pass it as a
      # string like the backup_dir options above.
      db_passfile = /Aurora/nextcloud/nextcloud_db_password;
    };
  };

  environment = {
    systemPackages = with pkgs; [
      mdadm
      #pkgs.jellyfin-ffmpeg
      hddtemp
      smartmontools
      screen
    ];

    # MAILADDR is the address mdadm uses for its alert mail.
    etc."mdadm.conf".text = ''
      MAILADDR nicholasyoungsumner@gmail.com
    '';
  };

  hardware.opengl.enable = true;

  networking = {
    # headscale dns is handled by dnsmasq
    # These names are pinned to 100.64.0.1 in the host's own /etc/hosts.
    hosts = {
      "100.64.0.1" = ["files.nickiel.net" "git.nickiel.net" "nickiel.net" "jellyfin.nickiel.net" ];
    };

    nat = {
      enable = true;
      internalInterfaces = ["ve-+"];
      # Make sure this is actually set to your internet adapter.
      # You can find a list with `ip a` and look for the first identifier
      # after the number (e.g.: 1: enp2s0)
      externalInterface = "enp2s0";
      # Lazy IPv6 connectivity for the container
      enableIPv6 = true;
    };

    firewall = {
      enable = true;
      # Port 3001 is opened to allow git traffic on the local network.
      # allowedTCPPorts applies to every interface, not only the LAN.
      # NOTE(review): 5432 is the conventional PostgreSQL port, and the only
      # database reference in this file is db_server = "127.0.0.1". Confirm
      # that something off-host needs it; otherwise drop it or scope it with
      # networking.firewall.interfaces.<name>.allowedTCPPorts.
      allowedTCPPorts = [80 443 3001 5432];
    };
  };

  services = {
    xserver.videoDrivers = [ "nvidia" ];

    jellyfin = {
      enable = true;
      # Opens Jellyfin's own ports in addition to allowedTCPPorts above.
      # NOTE(review): if Jellyfin is only meant to be reached through the
      # nginx module, this direct exposure may be unnecessary - confirm.
      openFirewall = true;
    };

    # services.sshd.enable is the NixOS alias for services.openssh.enable.
    sshd.enable = true;

    openssh.settings = {
      # Password logins are disabled and root cannot log in over SSH.
      PasswordAuthentication = false;
      PermitRootLogin = "no";
      # NOTE(review): X11 forwarding is off by default in sshd; confirm it is
      # still needed on this host.
      X11Forwarding = true;
    };
  };

  # Start sshd as part of multi-user.target.
  systemd.services.sshd.wantedBy = [ "multi-user.target" ];

  boot = {
    swraid = {
      enable = true;
      # File contents are read at evaluation time.
      mdadmConf = builtins.readFile ./rsrcs/mdadm.conf;
    };

    loader = {
      systemd-boot.enable = true;
      efi = {
        canTouchEfiVariables = true;
        efiSysMountPoint = "/boot/efi";
      };
    };
  };
}