diff options
author | tv <tv@krebsco.de> | 2022-03-06 10:43:33 +0100 |
---|---|---|
committer | tv <tv@krebsco.de> | 2022-03-06 10:43:33 +0100 |
commit | 5182daaaf4cadaba84331a34b5455bf9dff131b6 (patch) | |
tree | deaa480a8ad3a9aaad6176bc14804f2bb6569c30 /makefu/1systems/latte/config.nix | |
parent | 6bcbb9adae290249988c86da35b2b5236df6ce96 (diff) | |
parent | 87a44dd1573cbdc8f0fc3553b0896b470bcfa44d (diff) |
Merge remote-tracking branch 'prism/master'
Diffstat (limited to 'makefu/1systems/latte/config.nix')
-rw-r--r-- | makefu/1systems/latte/config.nix | 90 |
1 files changed, 56 insertions, 34 deletions
diff --git a/makefu/1systems/latte/config.nix b/makefu/1systems/latte/config.nix index bec778abc..2828aea08 100644 --- a/makefu/1systems/latte/config.nix +++ b/makefu/1systems/latte/config.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ config, lib, pkgs, ... }: let # external-ip = config.krebs.build.host.nets.internet.ip4.addr; @@ -10,44 +10,66 @@ let in { imports = [ - <stockholm/makefu> - # configure your hw: - <stockholm/makefu/2configs/hw/CAC.nix> - <stockholm/makefu/2configs/tinc/retiolum.nix> - <stockholm/makefu/2configs/save-diskspace.nix> - - # Security - <stockholm/makefu/2configs/sshd-totp.nix> - # <stockholm/makefu/2configs/stats/client.nix> - - # Tools - <stockholm/makefu/2configs/tools/core.nix> - <stockholm/makefu/2configs/zsh-user.nix> - # Services - <stockholm/makefu/2configs/remote-build/slave.nix> - <stockholm/makefu/2configs/torrent.nix> + ./1blu + <stockholm/makefu> + + # common + <stockholm/makefu/2configs/nur.nix> + <stockholm/makefu/2configs/home-manager> + <stockholm/makefu/2configs/home-manager/cli.nix> + + # Security + <stockholm/makefu/2configs/sshd-totp.nix> + + # Tools + <stockholm/makefu/2configs/tools/core.nix> + <stockholm/makefu/2configs/zsh-user.nix> + + # NixOS Build + <stockholm/makefu/2configs/remote-build/slave.nix> + + # Storage + <stockholm/makefu/2configs/share> + <stockholm/makefu/2configs/share/hetzner-client.nix> + + # Services: + <stockholm/makefu/2configs/nix-community/mediawiki-matrix-bot.nix> + <stockholm/makefu/2configs/torrent/rtorrent.nix> + ## Web + <stockholm/makefu/2configs/deployment/rss.euer.krebsco.de.nix> + <stockholm/makefu/2configs/deployment/owncloud.nix> + ### Moving owncloud data dir to /media/cloud/nextcloud-data + { + users.users.nextcloud.extraGroups = [ "download" ]; + # nextcloud-setup fails as it cannot set permissions for nextcloud + systemd.services.nextcloud-setup.serviceConfig.SuccessExitStatus = "0 1"; + fileSystems."/var/lib/nextcloud/data" = { + device = "/media/cloud/nextcloud-data"; + options = [ "bind" ]; + }; + } + + # local usage: + <stockholm/makefu/2configs/mosh.nix> + <stockholm/makefu/2configs/bitlbee.nix> + + # Supervision + <stockholm/makefu/2configs/nix-community/supervision.nix> + + # Krebs + <stockholm/makefu/2configs/tinc/retiolum.nix> + + # backup + <stockholm/makefu/2configs/backup/state.nix> + ]; krebs = { enable = true; build.host = config.krebs.hosts.latte; }; - boot.initrd.availableKernelModules = [ "ata_piix" "ehci_pci" "virtio_pci" "virtio_blk" "virtio_net" "virtio_scsi" ]; - boot.loader.grub.device = "/dev/vda"; - boot.loader.grub.copyKernels = true; - fileSystems."/" = { - device = "/dev/vda1"; - fsType = "ext4"; - }; - networking = { - firewall = { - allowPing = true; - logRefusedConnections = false; - allowedTCPPorts = [ ]; - allowedUDPPorts = [ 655 ]; - }; - # network interface receives dhcp address - nameservers = [ "8.8.8.8" ]; - }; + makefu.dl-dir = "/media/cloud/download"; + networking.firewall.allowedTCPPorts = [ 80 443 ]; + } |