2023-10-27 12:29:45 +03:00
|
|
|
|
{ config, pkgs, lib, secrets, ... }:
|
2023-08-31 18:28:25 +03:00
|
|
|
|
|
2023-09-08 21:07:54 +03:00
|
|
|
|
let
|
|
|
|
|
|
my = import ../..;
|
|
|
|
|
|
ipv6_subnet = "2a05:3580:e41a:d600";
|
|
|
|
|
|
ipv6_prefix = 64;
|
|
|
|
|
|
ipv4_gateway = "192.168.1.1";
|
|
|
|
|
|
ipv4_address = "192.168.1.3";
|
|
|
|
|
|
ipv4_prefix = 24;
|
2023-08-31 18:28:25 +03:00
|
|
|
|
in {
|
2023-09-06 16:10:11 +03:00
|
|
|
|
imports = [ my.modules ../../hardware/rpi4.nix ];
|
2023-08-31 18:28:25 +03:00
|
|
|
|
|
|
|
|
|
|
networking.hostName = "rubusidaeus";
|
|
|
|
|
|
|
|
|
|
|
|
my.laptop.enable = false;
|
2023-09-01 07:13:07 +03:00
|
|
|
|
my.git.enable = false;
|
2023-08-31 18:28:25 +03:00
|
|
|
|
my.roles = {
|
|
|
|
|
|
design.enable = false;
|
|
|
|
|
|
devel.enable = false;
|
|
|
|
|
|
gaming.enable = false;
|
|
|
|
|
|
graphical.enable = false;
|
|
|
|
|
|
latex.enable = false;
|
|
|
|
|
|
media-client.enable = false;
|
2023-09-07 20:19:06 +03:00
|
|
|
|
ntp-server.enable = false;
|
2023-08-31 18:28:25 +03:00
|
|
|
|
torrent.enable = false;
|
|
|
|
|
|
virtualisation.enable = false;
|
|
|
|
|
|
yggdrasil-client.enable = true;
|
2023-09-07 17:32:56 +03:00
|
|
|
|
|
|
|
|
|
|
server = { ivabus-dev.enable = true; };
|
2023-08-31 18:28:25 +03:00
|
|
|
|
};
|
|
|
|
|
|
|
2023-10-03 17:15:14 +03:00
|
|
|
|
my.users = {
|
|
|
|
|
|
ivabus.enable = true;
|
|
|
|
|
|
user.enable = false;
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
my.features.secrets = true;
|
|
|
|
|
|
|
2023-09-08 21:07:54 +03:00
|
|
|
|
networking = {
|
|
|
|
|
|
useNetworkd = false;
|
|
|
|
|
|
useDHCP = false;
|
|
|
|
|
|
interfaces = {
|
|
|
|
|
|
end0 = {
|
|
|
|
|
|
ipv6.addresses = [{
|
|
|
|
|
|
address = "${ipv6_subnet}::1337";
|
|
|
|
|
|
prefixLength = ipv6_prefix;
|
|
|
|
|
|
}];
|
|
|
|
|
|
ipv4.addresses = [{
|
|
|
|
|
|
address = ipv4_address; # Ughhhhh yep, flat network
|
|
|
|
|
|
prefixLength = ipv4_prefix;
|
|
|
|
|
|
}];
|
|
|
|
|
|
};
|
|
|
|
|
|
};
|
|
|
|
|
|
defaultGateway = ipv4_gateway; # should set this things through let...
|
|
|
|
|
|
};
|
2023-08-31 18:28:25 +03:00
|
|
|
|
|
2023-10-27 12:29:45 +03:00
|
|
|
|
# Semi-static configuration, needs rethinking
|
|
|
|
|
|
services.nginx = {
|
|
|
|
|
|
virtualHosts."iva.bz" = {
|
|
|
|
|
|
locations."/".proxyPass = "http://${secrets.maas-address}:8081";
|
|
|
|
|
|
enableACME = true;
|
|
|
|
|
|
addSSL = true;
|
|
|
|
|
|
serverAliases = [ "www.iva.bz" ];
|
|
|
|
|
|
};
|
|
|
|
|
|
virtualHosts."xn--80acbx2cl.xn--p1ai" = {
|
|
|
|
|
|
locations."/".proxyPass = "http://${secrets.maas-address}:8083";
|
|
|
|
|
|
enableACME = true;
|
|
|
|
|
|
addSSL = true;
|
|
|
|
|
|
serverAliases = [ "ивабус.рф" ];
|
|
|
|
|
|
};
|
2023-10-27 13:14:19 +03:00
|
|
|
|
virtualHosts."music.ivabus.dev" = {
|
|
|
|
|
|
locations."/".proxyPass = "http://${secrets.maas-address}:4533";
|
|
|
|
|
|
enableACME = true;
|
|
|
|
|
|
forceSSL = true;
|
|
|
|
|
|
};
|
2023-11-01 21:42:41 +03:00
|
|
|
|
virtualHosts."storage.ivabus.dev" = {
|
|
|
|
|
|
locations."/".proxyPass = "http://${secrets.maas-address}:80";
|
|
|
|
|
|
enableACME = true;
|
|
|
|
|
|
forceSSL = true;
|
|
|
|
|
|
};
|
|
|
|
|
|
virtualHosts."git.ivabus.dev" = {
|
|
|
|
|
|
locations."/".proxyPass = "http://${secrets.maas-address}:3000";
|
|
|
|
|
|
enableACME = true;
|
|
|
|
|
|
forceSSL = true;
|
|
|
|
|
|
};
|
2023-10-27 12:29:45 +03:00
|
|
|
|
};
|
|
|
|
|
|
|
2023-08-31 18:28:25 +03:00
|
|
|
|
hardware.enableRedistributableFirmware = true;
|
|
|
|
|
|
system.stateVersion = "23.05";
|
|
|
|
|
|
}
|
|
|
|
|
|
|
