2023-03-31 17:38:15 -07:00
|
|
|
|
2023-02-05 16:51:03 -08:00
|
|
|
{ config, lib, pkgs, ... }:
|
|
|
|
|
2023-03-31 17:38:15 -07:00
|
|
|
|
2023-02-05 16:51:03 -08:00
|
|
|
{
|
2023-04-04 22:56:30 -07:00
|
|
|
imports = [
|
|
|
|
(import ./hardware-configuration.nix)
|
2023-04-13 19:32:57 -07:00
|
|
|
(import ./modules/nginx.nix)
|
2023-04-10 20:23:37 -07:00
|
|
|
(import ./modules/nextcloud.nix)
|
2023-05-27 15:05:20 -07:00
|
|
|
(import ./modules/postgresql.nix)
|
2023-04-13 19:32:57 -07:00
|
|
|
(import ./modules/msmtp.nix)
|
2023-05-06 10:12:27 -07:00
|
|
|
(import ./modules/forgejo.nix)
|
2023-04-04 22:56:30 -07:00
|
|
|
];
|
|
|
|
|
2023-04-03 22:18:54 -07:00
|
|
|
environment.systemPackages = [
|
|
|
|
pkgs.mdadm
|
2023-05-03 18:31:26 -07:00
|
|
|
pkgs.jellyfin-ffmpeg
|
|
|
|
pkgs.hddtemp
|
|
|
|
pkgs.smartmontools
|
2023-04-03 22:18:54 -07:00
|
|
|
];
|
|
|
|
|
2023-05-03 18:31:26 -07:00
|
|
|
services.xserver.videoDrivers = [ "nvidia" ];
|
|
|
|
hardware.opengl.enable = true;
|
|
|
|
|
2023-04-04 22:56:30 -07:00
|
|
|
networking = {
|
|
|
|
nat = {
|
|
|
|
enable = true;
|
|
|
|
internalInterfaces = ["ve-+"];
|
|
|
|
externalInterface = "enp2s0"; # Make sure this is actually set to your internet adapter
|
|
|
|
# You can find a list with `ip a` and look for the first identifier after the number (e.g.: 1: enp2s0)
|
2023-04-07 16:50:38 -07:00
|
|
|
|
2023-04-04 22:56:30 -07:00
|
|
|
# Lazy IPv6 connectivity for the container
|
|
|
|
enableIPv6 = true;
|
|
|
|
};
|
|
|
|
firewall = {
|
|
|
|
enable = true;
|
2023-05-06 10:28:31 -07:00
|
|
|
allowedTCPPorts = [80 443 3001]; # port 3001 opened to allow git traffic on the local netword
|
2023-04-04 22:56:30 -07:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2023-04-10 19:33:56 -07:00
|
|
|
services.jellyfin = {
|
|
|
|
enable = true;
|
|
|
|
openFirewall = true;
|
|
|
|
};
|
|
|
|
|
2023-03-31 22:19:55 -07:00
|
|
|
services = {
|
|
|
|
sshd.enable = true;
|
2023-04-02 22:45:13 -07:00
|
|
|
openssh.settings = {
|
2023-05-10 16:34:06 -07:00
|
|
|
passwordAuthentication = false;
|
2023-04-02 22:45:13 -07:00
|
|
|
PermitRootLogin = "no";
|
2023-04-02 22:48:25 -07:00
|
|
|
X11Forwarding = true;
|
2023-04-02 22:41:29 -07:00
|
|
|
};
|
2023-03-31 22:19:55 -07:00
|
|
|
};
|
|
|
|
systemd.services.sshd.wantedBy = [ "multi-user.target" ];
|
|
|
|
|
2023-04-05 21:10:58 -07:00
|
|
|
boot.initrd.services.swraid.mdadmConf = builtins.readFile ./rsrcs/mdadm.conf;
|
2023-02-05 16:51:03 -08:00
|
|
|
boot.loader = {
|
2023-03-31 22:19:55 -07:00
|
|
|
systemd-boot.enable = true;
|
2023-02-05 16:51:03 -08:00
|
|
|
efi = {
|
|
|
|
canTouchEfiVariables = true;
|
2023-03-31 22:25:57 -07:00
|
|
|
efiSysMountPoint = "/boot/efi";
|
2023-02-05 16:51:03 -08:00
|
|
|
};
|
|
|
|
};
|
2023-04-04 15:24:13 -07:00
|
|
|
|
|
|
|
environment.etc."mdadm.conf".text = ''
|
2023-04-04 22:56:30 -07:00
|
|
|
MAILADDR nicholasyoungsumner@gmail.com
|
2023-04-04 15:24:13 -07:00
|
|
|
'';
|
2023-02-05 16:51:03 -08:00
|
|
|
}
|