
No commits in common. "faf97e2b3fea505d3cea77b1050a12ecbff1c79f" and "56f36d711fa7b3036ca0dbb4f3814ffac23e1438" have entirely different histories.

5 changed files with 29 additions and 30 deletions

18
flake.lock generated

@ -7,11 +7,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1638553958, "lastModified": 1638267006,
"narHash": "sha256-leETjYMtD9y37CvfRSQhIGibcIl4dNVlFkY/8QgqmAM=", "narHash": "sha256-heZdDlD09rnoeEiZ4wKfbXNDkO5I9qVFvX9d790h/XE=",
"owner": "rycee", "owner": "rycee",
"repo": "home-manager", "repo": "home-manager",
"rev": "6ce1d64073f48b9bc9425218803b1b607454c1e7", "rev": "3e93c4e8b2b479c712b7c20a428993b459118842",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -23,11 +23,11 @@
}, },
"nixos-unstable": { "nixos-unstable": {
"locked": { "locked": {
"lastModified": 1638806821, "lastModified": 1638286143,
"narHash": "sha256-v2qd2Bsmzft53s43eCbN+4ocrLksRdFLyF/MAGuWuDA=", "narHash": "sha256-A+rgjbIpz3uPRKHPXwdmouVcVn5pZqLnaZHymjkraG4=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "bc5d68306b40b8522ffb69ba6cff91898c2fbbff", "rev": "29d1f6e1f625d246dcf84a78ef97b4da3cafc6ea",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -39,11 +39,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1638887115, "lastModified": 1638279546,
"narHash": "sha256-emjtIeqyJ84Eb3X7APJruTrwcfnHQKs55XGljj62prs=", "narHash": "sha256-1KCwN7twjp1dBdp0jPgVdYFztDkCR8+roo0B34J9oBY=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "1bd4bbd49bef217a3d1adea43498270d6e779d65", "rev": "96b4157790fc96e70d6e6c115e3f34bba7be490f",
"type": "github" "type": "github"
}, },
"original": { "original": {


@ -23,7 +23,7 @@ in {
./matrix.nix ./matrix.nix
./fail2ban.nix ./fail2ban.nix
./dns.nix ./dns.nix
# ./minecraft.nix # ./minecraft.nix
./prowlarr.nix ./prowlarr.nix
./plex.nix ./plex.nix
./transmission.nix ./transmission.nix
@ -39,10 +39,8 @@ in {
services.fwupd.enable = true; services.fwupd.enable = true;
boot = { boot = {
kernelParams = [ kernelParams =
"ip=${architect-lan}::10.0.0.1:255.255.255.0::${wan-if}:off" [ "ip=${architect-lan}::10.0.0.1:255.255.255.0::${wan-if}:off" "nvme_core.default_ps_max_latency_us=5500" ];
"nvme_core.default_ps_max_latency_us=5500"
];
kernel.sysctl."net.ipv4.ip_forward" = 1; kernel.sysctl."net.ipv4.ip_forward" = 1;
initrd = { initrd = {
availableKernelModules = [ "igc" "r8169" ]; availableKernelModules = [ "igc" "r8169" ];
@ -72,7 +70,6 @@ in {
supportedFilesystems = [ "zfs" ]; supportedFilesystems = [ "zfs" ];
zfs.requestEncryptionCredentials = true; zfs.requestEncryptionCredentials = true;
tmpOnTmpfsSize = "75%";
}; };
networking = { networking = {
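Review bot: Dropping `tmpOnTmpfsSize = "75%";` from the `boot` block is only safe if the switch that puts /tmp on tmpfs is gone as well, and that setting is not visible in this hunk. If `boot.tmpOnTmpfs` is still enabled elsewhere in the block, it and the explicit `fileSystems."/tmp"` mount added in another section of this comparison would both define the /tmp mount, and a reader cannot tell which size and mount options apply. I would keep exactly one definition and leave a pointer next to it, e.g. `# /tmp is mounted explicitly via fileSystems."/tmp" (tmpfs, size=29G)`. The `boot` block starts in this section but ends outside the hunks shown.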


@ -5,8 +5,9 @@ with import ./network.nix; {
domain = "git.giugl.io"; domain = "git.giugl.io";
appName = "Gitea"; appName = "Gitea";
rootUrl = "https://git.giugl.io"; rootUrl = "https://git.giugl.io";
ssh.clonePort = 22; ssh.clonePort = 10022;
settings.server.LFS_START_SERVER = true; log.level = "Info";
settings.server.START_SSH_SERVER = true;
}; };
services.nginx.virtualHosts.${gitdomain} = { services.nginx.virtualHosts.${gitdomain} = {
@ -15,12 +16,12 @@ with import ./network.nix; {
locations."/" = { locations."/" = {
proxyPass = "http://localhost:3000"; proxyPass = "http://localhost:3000";
extraConfig = '' extraConfig = ''
allow 127.0.0.1; allow 127.0.0.1;
allow 10.0.0.0/24; allow 10.0.0.0/24;
allow 10.3.0.0/24; allow 10.3.0.0/24;
allow 10.4.0.0/24; allow 10.4.0.0/24;
deny all; deny all;
''; '';
}; };
}; };
@ -28,5 +29,4 @@ with import ./network.nix; {
${architect-lan} ${gitdomain} ${architect-lan} ${gitdomain}
${architect-wg} ${gitdomain} ${architect-wg} ${gitdomain}
''; '';
} }
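Review bot: Enabling `settings.server.START_SSH_SERVER = true;` together with `ssh.clonePort = 10022;` adds a second entry point into Gitea that the nginx `allow` / `deny all` list further down does not cover, because that list only guards the HTTP virtual host. Gitea's built-in SSH server listens on all interfaces unless configured otherwise, and no firewall rule for port 10022 is visible in this section. It is worth confirming the port is limited to the same LAN and WireGuard ranges, either in the firewall configuration or by setting `settings.server.SSH_LISTEN_HOST` to an internal address. A one-line comment such as `# built-in SSH server on 10022; reachable only from LAN/WG` next to the setting would record the intent.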


@ -42,6 +42,12 @@
fsType = "vfat"; fsType = "vfat";
}; };
fileSystems."/tmp" = {
fsType = "tmpfs";
device = "tmpfs";
options = [ "mode=1777" "strictatime" "rw" "nosuid" "nodev" "size=29G" ];
};
swapDevices = [{ swapDevices = [{
device = "/dev/sdc1"; device = "/dev/sdc1";
size = 100000; size = 100000;
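Review bot: The new `fileSystems."/tmp"` tmpfs is sized at 29G, and tmpfs pages are swappable, so under memory pressure the contents of /tmp can be written to the swap device `/dev/sdc1` shown in the context lines just below. The host configuration elsewhere in this comparison sets `zfs.requestEncryptionCredentials = true;`, which suggests data at rest is meant to be encrypted, so a plain swap partition would be a gap for whatever lands in /tmp. The `swapDevices` entry continues past the end of the hunk; if `randomEncryption.enable = true;` is not already set there, I would add it. A short comment on why `size=29G` was chosen over the relative `75%` it replaces would also help.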


@ -18,8 +18,8 @@ with import ./network.nix; {
auto_join_rooms: auto_join_rooms:
- "#infra:matrix.giugl.io" - "#infra:matrix.giugl.io"
- "#general:matrix.giugl.io" - "#general:matrix.giugl.io"
- "#gaming:matrix.giugl.io"
- "#movies:matrix.giugl.io" - "#movies:matrix.giugl.io"
max_upload_size: "30M"
''; '';
listeners = [{ listeners = [{
port = 8008; port = 8008;
@ -42,7 +42,6 @@ with import ./network.nix; {
postgresql = { postgresql = {
enable = true; enable = true;
package = pkgs.postgresql_11;
ensureDatabases = [ "synapse" ]; ensureDatabases = [ "synapse" ];
ensureUsers = [{ ensureUsers = [{
name = "matrix-synapse"; name = "matrix-synapse";
@ -55,9 +54,6 @@ with import ./network.nix; {
${matrixdomain} = { ${matrixdomain} = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
extraConfig = ''
client_max_body_size 30m;
'';
locations."= /.well-known/matrix/server".extraConfig = locations."= /.well-known/matrix/server".extraConfig =
let server = { "m.server" = "${matrixdomain}:443"; }; let server = { "m.server" = "${matrixdomain}:443"; };
in '' in ''
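Review bot: Removing `package = pkgs.postgresql_11;` from the `postgresql` block leaves the server version to the module default, which NixOS derives from `system.stateVersion`. If that default is not major version 11 on this host, PostgreSQL would start with a fresh data directory for the new major version, and Synapse would see an empty `synapse` database until a dump/restore or `pg_upgrade` is done. I would keep the pin with a comment such as `# pinned: existing cluster is v11; upgrade deliberately`, and change it only as part of a planned migration. The `postgresql` block continues outside the hunk, so any other version handling there is not visible.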