mirror of
https://github.com/ivabus/nixos
synced 2024-11-22 16:35:06 +03:00
92 lines
2.3 KiB
Nix
92 lines
2.3 KiB
Nix
{ config, pkgs, lib, secrets, ... }:
|
||
|
||
let
|
||
my = import ../..;
|
||
ipv6_subnet = "2a05:3580:e41a:d600";
|
||
ipv6_prefix = 64;
|
||
ipv4_gateway = "192.168.1.1";
|
||
ipv4_address = "192.168.1.3";
|
||
ipv4_prefix = 24;
|
||
in {
|
||
imports = [ my.modules ../../hardware/rpi4.nix ];
|
||
|
||
networking.hostName = "rubusidaeus";
|
||
|
||
my.laptop.enable = false;
|
||
my.git.enable = false;
|
||
my.roles = {
|
||
design.enable = false;
|
||
devel.enable = false;
|
||
gaming.enable = false;
|
||
graphical.enable = false;
|
||
graphical.basic.enable = false;
|
||
latex.enable = false;
|
||
media-client.enable = false;
|
||
ntp-server.enable = false;
|
||
torrent.enable = false;
|
||
virtualisation.enable = false;
|
||
yggdrasil-client.enable = true;
|
||
|
||
server = { ivabus-dev.enable = true; };
|
||
};
|
||
|
||
my.users = {
|
||
ivabus.enable = true;
|
||
user.enable = false;
|
||
};
|
||
|
||
my.features.secrets = true;
|
||
|
||
networking = {
|
||
useNetworkd = false;
|
||
useDHCP = false;
|
||
interfaces = {
|
||
end0 = {
|
||
ipv6.addresses = [{
|
||
address = "${ipv6_subnet}::1337";
|
||
prefixLength = ipv6_prefix;
|
||
}];
|
||
ipv4.addresses = [{
|
||
address = ipv4_address; # Ughhhhh yep, flat network
|
||
prefixLength = ipv4_prefix;
|
||
}];
|
||
};
|
||
};
|
||
defaultGateway = ipv4_gateway; # should set this things through let...
|
||
};
|
||
|
||
# Semi-static configuration, needs rethinking
|
||
services.nginx = {
|
||
virtualHosts."iva.bz" = {
|
||
locations."/".proxyPass = "http://${secrets.maas-address}:8081";
|
||
enableACME = true;
|
||
addSSL = true;
|
||
serverAliases = [ "www.iva.bz" ];
|
||
};
|
||
virtualHosts."xn--80acbx2cl.xn--p1ai" = {
|
||
locations."/".proxyPass = "http://${secrets.maas-address}:8083";
|
||
enableACME = true;
|
||
addSSL = true;
|
||
serverAliases = [ "ивабус.рф" ];
|
||
};
|
||
virtualHosts."music.ivabus.dev" = {
|
||
locations."/".proxyPass = "http://${secrets.maas-address}:4533";
|
||
enableACME = true;
|
||
forceSSL = true;
|
||
};
|
||
virtualHosts."storage.ivabus.dev" = {
|
||
locations."/".proxyPass = "http://${secrets.maas-address}:80";
|
||
enableACME = true;
|
||
forceSSL = true;
|
||
};
|
||
virtualHosts."git.ivabus.dev" = {
|
||
locations."/".proxyPass = "http://${secrets.maas-address}:3000";
|
||
enableACME = true;
|
||
forceSSL = true;
|
||
};
|
||
};
|
||
|
||
hardware.enableRedistributableFirmware = true;
|
||
system.stateVersion = "23.05";
|
||
}
|
||
|