diff options
author | Ethel Morgan <eth@ethulhu.co.uk> | 2020-07-01 22:39:29 +0100 |
---|---|---|
committer | Ethel Morgan <eth@ethulhu.co.uk> | 2020-07-01 22:39:29 +0100 |
commit | eb4eda82de357e24d870aef34220b1a7e3c97127 (patch) | |
tree | 7bf7d6c0dab8dbad905f90b3608b38c17f536e61 /machines/nora.nix | |
parent | 4b5fbb3a9b35f663747dd79b21f3ca44aae5f396 (diff) |
add nora's /etc/nixos/configuration.nix
Diffstat (limited to '')
-rw-r--r-- | machines/nora.nix | 149 |
1 files changed, 149 insertions, 0 deletions
diff --git a/machines/nora.nix b/machines/nora.nix new file mode 100644 index 0000000..3206ded --- /dev/null +++ b/machines/nora.nix @@ -0,0 +1,149 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +let + ethNixLocal = import /home/eth/src/nix; + ethNixRemote = import ( builtins.fetchGit { url = "https://github.com/ethulhu/nix"; } ); + + ethNix = ethNixLocal; + +in { + imports = [ + ./hardware-configuration.nix + ethNix.modules + ]; + + eth.nix = { + overlays = { + eth = true; + }; + gc = { + enable = true; + schedule = "weekly"; + olderThan = "30d"; + }; + }; + + eth.linode.enable = true; + + networking = { + hostName = "nora"; + + enableIPv6 = true; + + interfaces = { + enp0s4 = { + useDHCP = true; + }; + }; + + # The global useDHCP flag is deprecated, so is explicitly set to false. + useDHCP = false; + }; + + networking.firewall.allowedTCPPorts = [ 80 443 ]; + + time.timeZone = "Europe/London"; + + environment.systemPackages = with pkgs; [ + git + vim + wget + + # Linode. + # inetutils + mtr + sysstat + ]; + + environment.shellAliases = { + l = "ls -1"; + ll = "ls -lash"; + }; + + eth.users.eth = { + enable = true; + }; + + eth.location = "London"; + + programs.mosh.enable = true; + programs.tmux = { + aggressiveResize = true; + baseIndex = 1; + clock24 = true; + enable = true; + }; + programs.vim.defaultEditor = true; + + eth.services.ssh = { + enable = true; + sshAgentAuth = true; + }; + + services.tailscale.enable = true; + + security.acme.acceptTerms = true; + security.acme.email = "acme-letsencrypt@ethulhu.co.uk"; + + + services.nginx = { + enable = true; + virtualHosts = { + "static.eth.moe" = { + forceSSL = true; + enableACME = true; + locations."/" = { + root = /var/www/static.eth.moe; + }; + }; + }; + }; + eth.sites.go = { + enable = true; + virtualHost = "go.eth.moe"; + modules = { + catbus = "https://git.eth.moe/go-catbus"; + flag = "https://github.com/ethulhu/go-flag"; + jackalope = "https://git.sr.ht/~eth/jackalope"; + logger = "https://github.com/ethulhu/go-logger"; + }; + }; + eth.sites.cgit = { + enable = true; + virtualHost = "git.eth.moe"; + scanPath = "${config.services.gitolite.dataDir}/repositories/"; + projectList = "${config.services.gitolite.dataDir}/projects.list"; + }; + eth.sites.recipes = { + enable = true; + virtualHost = "recipes.eth.moe"; + }; + + services.gitolite = { + enable = true; + adminPubkey = builtins.elemAt config.users.users.eth.openssh.authorizedKeys.keys 0; + user = "git"; + group = "git"; + extraGitoliteRc = '' + $RC{GIT_CONFIG_KEYS} = '.*'; + push( @{$RC{ENABLE}}, 'symbolic-ref' ); + ''; + }; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "20.03"; # Did you read the comment? + + system.autoUpgrade.enable = true; + # system.autoUpgrade.allowReboot = true; + +} + |