nicks-nix-config/hosts/Alaska/default.nix

67 lines
1.4 KiB
Nix
Raw Normal View History

2023-03-31 17:38:15 -07:00
{ config, lib, pkgs, ... }:
2023-03-31 17:38:15 -07:00
{
2023-04-04 22:56:30 -07:00
imports = [
(import ./hardware-configuration.nix)
(import ./containers/nextcloud.nix)
2023-04-05 21:10:58 -07:00
(import ./modules/nginx.nix)
2023-04-04 22:56:30 -07:00
];
2023-04-03 22:18:54 -07:00
environment.systemPackages = [
pkgs.mdadm
pkgs.cloudflared
2023-04-03 22:18:54 -07:00
];
2023-04-04 22:56:30 -07:00
networking = {
nat = {
enable = true;
internalInterfaces = ["ve-+"];
externalInterface = "enp2s0"; # Make sure this is actually set to your internet adapter
# You can find a list with `ip a` and look for the first identifier after the number (e.g.: 1: enp2s0)
2023-04-04 22:56:30 -07:00
# Lazy IPv6 connectivity for the container
enableIPv6 = true;
#forwardPorts = [
#{
# sourcePort = 80;
# proto = "tcp";
# destination = "192.168.100.11:80";
#}
#];
2023-04-04 22:56:30 -07:00
};
firewall = {
enable = true;
allowedTCPPorts = [80 443];
};
};
2023-03-31 22:19:55 -07:00
services = {
sshd.enable = true;
2023-04-02 22:45:13 -07:00
openssh.settings = {
PermitRootLogin = "no";
2023-04-02 22:48:25 -07:00
X11Forwarding = true;
2023-04-02 22:41:29 -07:00
};
2023-03-31 22:19:55 -07:00
};
systemd.services.sshd.wantedBy = [ "multi-user.target" ];
2023-04-05 21:10:58 -07:00
boot.initrd.services.swraid.mdadmConf = builtins.readFile ./rsrcs/mdadm.conf;
boot.loader = {
2023-03-31 22:19:55 -07:00
systemd-boot.enable = true;
efi = {
canTouchEfiVariables = true;
2023-03-31 22:25:57 -07:00
efiSysMountPoint = "/boot/efi";
};
};
2023-04-04 15:24:13 -07:00
2023-04-04 22:56:30 -07:00
programs.msmtp = {
enable = true;
};
2023-04-04 15:24:13 -07:00
environment.etc."mdadm.conf".text = ''
2023-04-04 22:56:30 -07:00
MAILADDR nicholasyoungsumner@gmail.com
2023-04-04 15:24:13 -07:00
'';
}