ivabus/nixos
1
0
Fork 0
mirror of https://github.com/ivabus/nixos synced 2024-11-24 17:35:07 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Now hosting fully ivabus.dev

Browse source
This commit is contained in:
Ivan Bushchik 2023-09-07 20:19:06 +03:00
parent 03b8b8f311
commit 057174d7f1
No known key found for this signature in database
GPG key ID: 2F16FBF3262E090C
8 changed files with 17 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
common/base.nix
View file

@ -30,7 +30,7 @@
curl curl
usbutils usbutils
pciutils pciutils
(uutils-coreutils.override { prefix = ""; }) coreutils-full
killall killall
git git
git-crypt git-crypt

4
common/networking.nix
View file

@ -17,7 +17,7 @@
# Used by systemd-resolved, not directly by resolv.conf. # Used by systemd-resolved, not directly by resolv.conf.
networking.nameservers = networking.nameservers =
[ "8.8.8.8#dns.google" "1.0.0.1#cloudflare-dns.com" ]; [ "1.0.0.1#cloudflare-dns.com" "8.8.8.8#dns.google" ];
networking.enableIPv6 = true; networking.enableIPv6 = true;
@ -34,7 +34,7 @@
}; };
}; };
services.chrony.enable = true; services.ntp.enable = true;
networking.timeServers = networking.timeServers =
[ "ntp1.vniiftri.ru" "0.ru.pool.ntp.org" "0.pool.ntp.org" ]; [ "ntp1.vniiftri.ru" "0.ru.pool.ntp.org" "0.pool.ntp.org" ];

2
machines/celerrime/default.nix
View file

@ -24,7 +24,7 @@ in {
virtualisation.enable = false; virtualisation.enable = false;
yggdrasil-client.enable = true; yggdrasil-client.enable = true;
server = { ivabus-dev.enable = true; }; server = { ivabus-dev.enable = false; };
}; };
networking.useDHCP = true; networking.useDHCP = true;

2
machines/example/default.nix
View file

@ -26,6 +26,8 @@ in {
torrent.enable = true; torrent.enable = true;
virtualisation.enable = true; virtualisation.enable = true;
yggdrasil-client.enable = true; yggdrasil-client.enable = true;
server = { ivabus-dev.enable = true; };
}; };
networking.useDHCP = true; networking.useDHCP = true;

2
machines/rubusidaeus/default.nix
View file

@ -15,7 +15,7 @@ in {
graphical.enable = false; graphical.enable = false;
latex.enable = false; latex.enable = false;
media-client.enable = false; media-client.enable = false;
ntp-server.enable = true; ntp-server.enable = false;
torrent.enable = false; torrent.enable = false;
virtualisation.enable = false; virtualisation.enable = false;
yggdrasil-client.enable = true; yggdrasil-client.enable = true;

2
pkgs/ivabus-dev.nix
View file

@ -1,6 +1,6 @@
{ pkgs ? import <nixpkgs> { }, bundlerEnv, ... }: { pkgs ? import <nixpkgs> { }, bundlerEnv, ... }:
let let
version = "130812885aee9f2e0a5f6a4b534a3b6b68431554"; version = "8a9a1364bc2111ea4889134f8ca18f10699f26ef";
repo = builtins.fetchGit { repo = builtins.fetchGit {
url = "https://github.com/ivabus/website"; url = "https://github.com/ivabus/website";
rev = version; rev = version;

4
roles/server/ivabus-dev.nix
View file

@ -7,7 +7,9 @@ in {
my.roles.server.nginx.enable = true; my.roles.server.nginx.enable = true;
services.nginx = { services.nginx = {
virtualHosts."ivabus.dev" = { virtualHosts."ivabus.dev" = {
# i don't want to call package like this forceSSL = true;
enableACME = true;
root = pkgs.callPackage ../../pkgs/ivabus-dev.nix { }; root = pkgs.callPackage ../../pkgs/ivabus-dev.nix { };
extraConfig = '' extraConfig = ''

6
roles/server/nginx.nix
View file

@ -12,5 +12,11 @@ in {
recommendedProxySettings = true; recommendedProxySettings = true;
recommendedTlsSettings = true; recommendedTlsSettings = true;
}; };
security.acme = {
acceptTerms = true;
defaults.email = "ivabus@ivabus.dev";
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
}; };
} }