ElnuDev
/
nix-config
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: ElnuDev:793eec3ec42179da5618d7637e29ed0e5081baf2
Branches Tags
ElnuDev:main
ElnuDev:inky
...
compare: ElnuDev:65ae45eaaf3c35798d8975e6c3997c1bb6c7aa99
Branches Tags
ElnuDev:main
ElnuDev:inky

7 Commits
793eec3ec4 ... 65ae45eaaf

Author SHA1 Message Date
Elnu 65ae45eaaf elnudrop: host images API, refactoring
9 months ago
Elnu c393cbb98f elnudrop: host tatoeba API
9 months ago
Elnu 4bbd00cc9f elnudrop: disable networkmanager
9 months ago
Elnu 2ce25bb218 Explicitly declare hosts and nameservers in general config
9 months ago
Elnu f3849e3eb6 desktop: make nameservers work with resolvconf, switch to quad9
9 months ago
Elnu 6176753e71 elnudrop: define enableSSL special argument
9 months ago
Elnu 86e8c8c9ec flake.lock: Update
9 months ago
11 changed files with 204 additions and 71 deletions
Show Stats

150
flake.lock
Unescape View File

@ -1,5 +1,24 @@
{
"nodes": {
"apis": {
"inputs": {
"nixpkgs": "nixpkgs",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1691873908,
"narHash": "sha256-37XNMWtoca8zjNdGq95hbi6idB9pdbv2peqNvFxqfrM=",
"ref": "refs/heads/main",
"rev": "412ca4e53890761467de233cf0ed37bebbc8eeac",
"revCount": 27,
"type": "git",
"url": "https://git.elnu.com/jichan.org/apis.git"
},
"original": {
"type": "git",
"url": "https://git.elnu.com/jichan.org/apis.git"
}
},
"beautysh": {
"inputs": {
"nixpkgs": [
@ -43,6 +62,24 @@
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1681202837,
"narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "cfacdce06f30d2b68473a46042957675eebb3401",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1689068808,
"narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=",
@ -57,9 +94,9 @@
"type": "github"
}
},
"flake-utils_2": {
"flake-utils_3": {
"inputs": {
"systems": "systems_2"
"systems": "systems_3"
},
"locked": {
"lastModified": 1685518550,
@ -104,11 +141,11 @@
]
},
"locked": {
"lastModified": 1690982105,
"narHash": "sha256-32AzoLuwhtxBItcULRiCnxRfJcbVXbPZSH9TDVg21mU=",
"lastModified": 1691672736,
"narHash": "sha256-HNPA/dKHerA0p4OsToEcW/DtTSXBcK5gFRsy/yPgV/Y=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "b2ac1d2c32ac11b8d231d23622cdc4b2f28d07d2",
"rev": "6e1eff9aac0e8d84bda7f2d60ba6108eea9b7e79",
"type": "github"
},
"original": {
@ -119,15 +156,15 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1690881714,
"narHash": "sha256-h/nXluEqdiQHs1oSgkOOWF+j8gcJMWhwnZ9PFabN6q0=",
"owner": "nixos",
"lastModified": 1691654369,
"narHash": "sha256-gSILTEx1jRaJjwZxRlnu3ZwMn1FVNk80qlwiCX8kmpo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9e1960bc196baf6881340d53dccb203a951745a2",
"rev": "ce5e4a6ef2e59d89a971bc434ca8ca222b9c7f5e",
"type": "github"
},
"original": {
"owner": "nixos",
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
@ -151,11 +188,43 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1690031011,
"narHash": "sha256-kzK0P4Smt7CL53YCdZCBbt9uBFFhE0iNvCki20etAf4=",
"lastModified": 1681358109,
"narHash": "sha256-eKyxW4OohHQx9Urxi7TQlFBTDWII+F+x2hklDOQPB50=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "96ba1c52e54e74c3197f4d43026b3f3d92e83ff9",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1691654369,
"narHash": "sha256-gSILTEx1jRaJjwZxRlnu3ZwMn1FVNk80qlwiCX8kmpo=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "ce5e4a6ef2e59d89a971bc434ca8ca222b9c7f5e",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1691186842,
"narHash": "sha256-wxBVCvZUwq+XS4N4t9NqsHV4E64cPVqQ2fdDISpjcw0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "12303c652b881435065a98729eb7278313041e49",
"rev": "18036c0be90f4e308ae3ebcab0e14aae0336fe42",
"type": "github"
},
"original": {
@ -168,16 +237,16 @@
"nixvim": {
"inputs": {
"beautysh": "beautysh",
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_2",
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_4",
"pre-commit-hooks": "pre-commit-hooks"
},
"locked": {
"lastModified": 1690107839,
"narHash": "sha256-ll3j+g3qz239sfLHYhHynKRWhMkxFXsJ9MOAXzSqQMc=",
"lastModified": 1691674049,
"narHash": "sha256-M9SA4MZ3IuFCP4XI2IGAepvEYp3stmTwltUcnGu3Ml8=",
"owner": "nix-community",
"repo": "nixvim",
"rev": "4c25722d73694245e767839b462026ab2296542b",
"rev": "36a6ab4ba7403dca50b2ca2de5fd5fd57fb19335",
"type": "github"
},
"original": {
@ -216,7 +285,7 @@
"pre-commit-hooks": {
"inputs": {
"flake-compat": "flake-compat",
"flake-utils": "flake-utils_2",
"flake-utils": "flake-utils_3",
"gitignore": "gitignore",
"nixpkgs": [
"nixvim",
@ -225,11 +294,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1689668210,
"narHash": "sha256-XAATwDkaUxH958yXLs1lcEOmU6pSEIkatY3qjqk8X0E=",
"lastModified": 1691256628,
"narHash": "sha256-M0YXHemR3zbyhM7PvJa5lzGhWVf6kM/fpZ4cWe/VIhI=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "eb433bff05b285258be76513add6f6c57b441775",
"rev": "3139c4d1f7732cab89f06492bdd4677b877e3785",
"type": "github"
},
"original": {
@ -240,11 +309,31 @@
},
"root": {
"inputs": {
"apis": "apis",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"nixpkgs": "nixpkgs_3",
"nixvim": "nixvim"
}
},
"rust-overlay": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1691806075,
"narHash": "sha256-yuq7cNkFOQse4WwLw0rUiXhG58aI6eyXKfcTw5Act/I=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "b87a7db512340dea25e95f444db29e9264ff7a63",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
@ -275,6 +364,21 @@
"type": "github"
}
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"utils": {
"locked": {
"lastModified": 1678901627,

1
flake.nix
Unescape View File

@ -4,6 +4,7 @@
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixvim.url = "github:nix-community/nixvim";
apis.url = "git+https://git.elnu.com/jichan.org/apis.git";
home-manager = {
url = github:nix-community/home-manager;
inputs.nixpkgs.follows = "nixpkgs";

15
hosts/configuration.nix
Unescape View File

@ -22,6 +22,21 @@
extraOptions = "experimental-features = nix-command flakes";
};
networking = {
networkmanager.enable = true;
# networking.nameservers doesn't apply to resolvconf
#nameservers = [ "9.9.9.9" "1.1.1.1" ];
resolvconf.extraConfig = "name_servers=\"9.9.9.9 1.1.1.1\"";
# Temporary since MagicDNS is broken
hosts = {
"192.168.0.26" = [ "elnuhub.local" ];
"24.199.72.8" = [ "elnudrop.local" ];
"100.64.0.1" = [ "elnu" ];
"100.64.0.2" = [ "elnuhub" ];
"100.64.0.3" = [ "elnudrop" ];
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave

24
hosts/default.nix
Unescape View File

@ -7,6 +7,10 @@ let
config.allowUnfree = true;
};
lib = nixpkgs.lib;
configImports = [
inputs.apis.nixosModules.default
./configuration.nix
];
hmImports = [
(import ./home.nix)
inputs.nixvim.homeManagerModules.nixvim
@ -20,9 +24,8 @@ in
desktop = lib.nixosSystem {
inherit system;
specialArgs = { inherit user; };
modules = [
modules = configImports ++ [
./desktop
./configuration.nix
./desktop.nix
{
boot.loader.grub.gfxmodeEfi = "1920x1080";
@ -46,9 +49,8 @@ in
x220 = lib.nixosSystem {
inherit system;
specialArgs = { inherit user; };
modules = [
modules = configImports ++ [
./thinkpads
./configuration.nix
./desktop.nix
{
# 1024x768 is the closest supported resolution to X220's native 1366x768
@ -74,9 +76,8 @@ in
t430 = lib.nixosSystem {
inherit system;
specialArgs = { inherit user; };
modules = [
modules = configImports ++ [
./thinkpads
./configuration.nix
./desktop.nix
{
boot.loader.grub.gfxmodeEfi = "1600x900";
@ -99,9 +100,8 @@ in
virtualbox = lib.nixosSystem {
inherit system;
specialArgs = { inherit user; };
modules = [
modules = configImports ++ [
./virtualbox
./configuration.nix
./desktop.nix
{
networking.hostName = "virtualbox";
@ -122,10 +122,12 @@ in
elnudrop = lib.nixosSystem {
inherit system;
specialArgs = { inherit user; };
modules = [
specialArgs = {
inherit user;
enableSSL = true;
};
modules = configImports ++ [
./elnudrop
./configuration.nix
{
networking.hostName = "elnudrop";
}

5
hosts/desktop.nix
Unescape View File

@ -32,11 +32,6 @@ in
gvfs.enable = true; # For Trash
};
networking = {
networkmanager.enable = true;
nameservers = [ "1.1.1.1" "1.0.0.1" ];
};
xdg.portal.enable = true;
environment.systemPackages = with pkgs; [ yubioath-flutter ];

10
hosts/elnudrop/default.nix
Unescape View File

@ -14,9 +14,13 @@
./hosts/tegakituesday.com
];
networking.firewall = {
enable = true;
allowedTCPPorts = [ 80 443 ];
networking = {
# May cause some issues
networkmanager.enable = lib.mkForce false;
firewall = {
enable = true;
allowedTCPPorts = [ 80 443 ];
};
};
security.acme = {

32
hosts/elnudrop/hosts/jichan.org/default.nix
Unescape View File

@ -1,12 +1,18 @@
{ enableSSL, ... }:
let host = "jichan.org"; in {
imports = [
./tatoeba.nix
./images.nix
];
services.nginx.virtualHosts."www.${host}" = {
forceSSL = true;
enableACME = true;
forceSSL = enableSSL;
enableACME = enableSSL;
globalRedirect = host;
};
services.nginx.virtualHosts."${host}" = {
forceSSL = true;
enableACME = true;
forceSSL = enableSSL;
enableACME = enableSSL;
extraConfig = ''
error_page 502 /502.html;
'';
@ -15,24 +21,6 @@ let host = "jichan.org"; in {
"/502.html".root = "${./502}";
"/logo.svg".root = "${./502}";
"/missing.min.css".root = "${../shared/502}";
# Formerly tatoeba.elnu.com
# https://git.elnu.com/ElnuDev/tatoeba-api
"/api/tatoeba/" = {
proxyPass = "http://elnuhub:3001";
extraConfig = ''
rewrite ^/api/tatoeba/(.*) /$1 break;
'';
};
# Formerly images.elnu.com
# https://git.elnu.com/ElnuDev/image-api
"/api/images/" = {
proxyPass = "http://elnuhub:3002";
extraConfig = ''
rewrite ^/api/images/(.*) /$1 break;
'';
};
};
};
}

11
hosts/elnudrop/hosts/jichan.org/images.nix
Unescape View File

@ -0,0 +1,11 @@
{ config, ... }:
{
services.images.enable = true;
services.nginx.virtualHosts."jichan.org".locations."/api/images" = {
proxyPass = "http://localhost:${builtins.toString config.services.images.port}";
extraConfig = ''
rewrite ^/api/images/(.*) /$1 break;
'';
};
}

11
hosts/elnudrop/hosts/jichan.org/tatoeba.nix
Unescape View File

@ -0,0 +1,11 @@
{ config, ... }:
{
services.tatoeba.enable = true;
services.nginx.virtualHosts."jichan.org".locations."/api/tatoeba" = {
proxyPass = "http://localhost:${builtins.toString config.services.tatoeba.port}";
extraConfig = ''
rewrite ^/api/tatoeba/(.*) /$1 break;
'';
};
}

10
hosts/elnudrop/hosts/tegakituesday.com/default.nix
Unescape View File

@ -1,13 +1,15 @@
{ enableSSL, ... }:
with import ../../../../modules/tailscale/default.nix;
let host = "tegakituesday.com"; in {
services.nginx.virtualHosts."www.${host}" = {
forceSSL = true;
enableACME = true;
forceSSL = enableSSL;
enableACME = enableSSL;
globalRedirect = host;
};
services.nginx.virtualHosts."${host}" = {
forceSSL = true;
enableACME = true;
forceSSL = enableSSL;
enableACME = enableSSL;
extraConfig = ''
error_page 502 /502.html;
'';

6
hosts/elnudrop/modules/headscale.nix
Unescape View File

@ -1,4 +1,4 @@
{ config, ... }:
{ config, enableSSL, ... }:
let
baseDomain = "elnu.com";
@ -18,8 +18,8 @@ in {
};
environment.systemPackages = [ config.services.headscale.package ];
services.nginx.virtualHosts.${domain} = {
forceSSL = true;
enableACME = true;
forceSSL = enableSSL;
enableACME = enableSSL;
locations."/" = {
proxyPass = "http://localhost:${ toString config.services.headscale.port }";
proxyWebsockets = true;

Write Preview
Loading…
Cancel
Save