Compare commits
3 Commits
b3e7793759
...
853ee74826
| Author | SHA1 | Date | |
|---|---|---|---|
|
853ee74826 | ||
|
|
583688ca70 | ||
|
|
8a7d1c6072 |
14
cachix.nix
Normal file
14
cachix.nix
Normal file
@ -0,0 +1,14 @@
|
||||
|
||||
# WARN: this file will get overwritten by $ cachix use <name>
|
||||
{ pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
folder = ./cachix;
|
||||
toImport = name: value: folder + ("/" + name);
|
||||
filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key;
|
||||
imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder));
|
||||
in {
|
||||
inherit imports;
|
||||
nix.binaryCaches = ["https://cache.nixos.org/"];
|
||||
}
|
||||
|
||||
12
cachix/ropfuscator.nix
Normal file
12
cachix/ropfuscator.nix
Normal file
@ -0,0 +1,12 @@
|
||||
|
||||
{
|
||||
nix = {
|
||||
binaryCaches = [
|
||||
"https://ropfuscator.cachix.org"
|
||||
];
|
||||
binaryCachePublicKeys = [
|
||||
"ropfuscator.cachix.org-1:LZ03aJ1yqFlxpU+wfGhLlOkA3MwXqnntd2Wk7u2LnHQ="
|
||||
];
|
||||
};
|
||||
}
|
||||
|
||||
22
flake.lock
generated
22
flake.lock
generated
@ -7,27 +7,27 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1637019201,
|
||||
"narHash": "sha256-lq4gz51fx4m5FXfx1SCB444aEBeaYtLMVm3P18Wi9ls=",
|
||||
"lastModified": 1638267006,
|
||||
"narHash": "sha256-heZdDlD09rnoeEiZ4wKfbXNDkO5I9qVFvX9d790h/XE=",
|
||||
"owner": "rycee",
|
||||
"repo": "home-manager",
|
||||
"rev": "bcf03fa16a1f06b8a0abb27bf49afa8d6fffe8f1",
|
||||
"rev": "3e93c4e8b2b479c712b7c20a428993b459118842",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "rycee",
|
||||
"ref": "release-21.05",
|
||||
"ref": "release-21.11",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixos-unstable": {
|
||||
"locked": {
|
||||
"lastModified": 1637595801,
|
||||
"narHash": "sha256-LkIMwVFKCuEqidaUdg8uxwpESAXjsPo4oCz3eJ7RaRw=",
|
||||
"lastModified": 1638286143,
|
||||
"narHash": "sha256-A+rgjbIpz3uPRKHPXwdmouVcVn5pZqLnaZHymjkraG4=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "263ef4cc4146c9fab808085487438c625d4426a9",
|
||||
"rev": "29d1f6e1f625d246dcf84a78ef97b4da3cafc6ea",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
@ -39,16 +39,16 @@
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1637615379,
|
||||
"narHash": "sha256-wL5+nm7z+42IHyhc52P3aAj1Kp2fQ6C8IyPBihj7Bjg=",
|
||||
"lastModified": 1638279546,
|
||||
"narHash": "sha256-1KCwN7twjp1dBdp0jPgVdYFztDkCR8+roo0B34J9oBY=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "09650059d7f5ae59a7f0fb2dd3bfc6d2042a74de",
|
||||
"rev": "96b4157790fc96e70d6e6c115e3f34bba7be490f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-21.05",
|
||||
"ref": "nixos-21.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
|
||||
@ -1,9 +1,9 @@
|
||||
{
|
||||
inputs = {
|
||||
nixpkgs.url = "github:NixOS/nixpkgs/nixos-21.05";
|
||||
nixpkgs.url = "github:NixOS/nixpkgs/nixos-21.11";
|
||||
nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
|
||||
home-manager = {
|
||||
url = "github:rycee/home-manager/release-21.05";
|
||||
url = "github:rycee/home-manager/release-21.11";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
};
|
||||
|
||||
@ -23,28 +23,25 @@ in {
|
||||
./matrix.nix
|
||||
./fail2ban.nix
|
||||
./dns.nix
|
||||
./minecraft.nix
|
||||
# ./minecraft.nix
|
||||
./prowlarr.nix
|
||||
./plex.nix
|
||||
./transmission.nix
|
||||
./githubrunner.nix
|
||||
./libreddit.nix
|
||||
./invidious.nix
|
||||
./nitter.nix
|
||||
];
|
||||
|
||||
time.timeZone = "Europe/Rome";
|
||||
system.stateVersion = "21.05"; # Did you read the comment?
|
||||
system.stateVersion = "21.11"; # Did you read the comment?
|
||||
users.users.giulio.openssh.authorizedKeys.keys = pubkeys;
|
||||
|
||||
fileSystems."/tmp" = {
|
||||
device = "tmpfs";
|
||||
fsType = "tmpfs";
|
||||
options = [ "size=20G" ];
|
||||
};
|
||||
|
||||
services.fwupd.enable = true;
|
||||
boot = {
|
||||
kernelParams =
|
||||
[ "ip=${architect-lan}::10.0.0.1:255.255.255.0::${wan-if}:off" ];
|
||||
[ "ip=${architect-lan}::10.0.0.1:255.255.255.0::${wan-if}:off" "nvme_core.default_ps_max_latency_us=5500" ];
|
||||
kernel.sysctl."net.ipv4.ip_forward" = 1;
|
||||
|
||||
initrd = {
|
||||
availableKernelModules = [ "igc" "r8169" ];
|
||||
network = {
|
||||
@ -72,7 +69,6 @@ in {
|
||||
};
|
||||
|
||||
supportedFilesystems = [ "zfs" ];
|
||||
zfs.enableUnstable = true;
|
||||
zfs.requestEncryptionCredentials = true;
|
||||
};
|
||||
|
||||
@ -119,10 +115,9 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [ cudatoolkit ];
|
||||
environment.systemPackages = with pkgs; [ cudatoolkit cachix ];
|
||||
|
||||
hardware = {
|
||||
cpu.amd.updateMicrocode = true;
|
||||
opengl.enable = true;
|
||||
opengl.extraPackages = with pkgs; [ vaapiVdpau ];
|
||||
opengl.driSupport = true;
|
||||
|
||||
@ -42,9 +42,15 @@
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
fileSystems."/tmp" = {
|
||||
fsType = "tmpfs";
|
||||
device = "tmpfs";
|
||||
options = [ "mode=1777" "strictatime" "rw" "nosuid" "nodev" "size=29G" ];
|
||||
};
|
||||
|
||||
swapDevices = [{
|
||||
device = "/dev/zpool/data/swap";
|
||||
size = 40000;
|
||||
device = "/dev/sdc1";
|
||||
size = 100000;
|
||||
}];
|
||||
|
||||
}
|
||||
|
||||
26
hosts/architect/invidious.nix
Normal file
26
hosts/architect/invidious.nix
Normal file
@ -0,0 +1,26 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
with import ./network.nix;
|
||||
|
||||
let domain = "tube.giugl.io";
|
||||
in {
|
||||
services = {
|
||||
invidious = {
|
||||
enable = true;
|
||||
port = 9092;
|
||||
};
|
||||
|
||||
nginx.virtualHosts.${domain} = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:9092";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
networking.extraHosts = ''
|
||||
${architect-lan} ${domain}
|
||||
${architect-wg} ${domain}
|
||||
'';
|
||||
}
|
||||
26
hosts/architect/libreddit.nix
Normal file
26
hosts/architect/libreddit.nix
Normal file
@ -0,0 +1,26 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
with import ./network.nix;
|
||||
|
||||
let domain = "reddit.giugl.io";
|
||||
in {
|
||||
services = {
|
||||
libreddit = {
|
||||
enable = true;
|
||||
port = 9090;
|
||||
};
|
||||
|
||||
nginx.virtualHosts.${domain} = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:9090";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
networking.extraHosts = ''
|
||||
${architect-lan} ${domain}
|
||||
${architect-wg} ${domain}
|
||||
'';
|
||||
}
|
||||
33
hosts/architect/nitter.nix
Normal file
33
hosts/architect/nitter.nix
Normal file
@ -0,0 +1,33 @@
|
||||
{ pkgs, ... }:
|
||||
|
||||
with import ./network.nix;
|
||||
|
||||
let domain = "tweet.giugl.io";
|
||||
in {
|
||||
services = {
|
||||
nitter = {
|
||||
enable = true;
|
||||
server = {
|
||||
port = 9093;
|
||||
hostname = domain;
|
||||
};
|
||||
preferences = {
|
||||
replaceYouTube = "tube.giugl.io";
|
||||
replaceTwitter = "tweet.giugl.io";
|
||||
};
|
||||
};
|
||||
|
||||
nginx.virtualHosts.${domain} = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://localhost:9093";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
networking.extraHosts = ''
|
||||
${architect-lan} ${domain}
|
||||
${architect-wg} ${domain}
|
||||
'';
|
||||
}
|
||||
@ -13,6 +13,7 @@ in {
|
||||
speed-limit-up = 10;
|
||||
speed-limit-up-enabled = true;
|
||||
peer-port = 51413;
|
||||
umask = 2;
|
||||
};
|
||||
performanceNetParameters = true;
|
||||
};
|
||||
|
||||
@ -14,11 +14,9 @@
|
||||
|
||||
modules = [
|
||||
{
|
||||
imports = users_mod ++ roles_mod ++ [(nixos-unstable + "/nixos/modules/services/misc/prowlarr.nix")];
|
||||
|
||||
imports = users_mod ++ roles_mod;
|
||||
nixpkgs = {
|
||||
pkgs = pkgs;
|
||||
overlays = [ (self: super: {prowlarr = pkgs.unstable.prowlarr;}) ];
|
||||
};
|
||||
|
||||
nix.nixPath = [
|
||||
|
||||
Loading…
Reference in New Issue
Block a user