k/nixos_configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Cleanup and minor changes

Browse Source
This commit is contained in:
k
2025-01-11 23:57:50 -05:00
parent 1197820789
commit 562839d47d
5 changed files with 41 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
hosts/server/configuration.nix
View File

@@ -5,10 +5,9 @@
...
}: {
imports = [./hardware-configuration.nix ./service.nix];
powerManagement.enable = false;
powerManagement.enable = true;
system.autoUpgrade.enable = true;
networking.networkmanager.enable = true;
boot.kernelParams = ["intel_pstate=active"];
nix = {
gc.automatic = true;
@@ -21,10 +20,10 @@
nixpkgs.config.allowUnfree = true;
programs = {
nix-ld.enable = true;
nix-ld.libraries = with pkgs; [glibc glib];
zsh.enable = true;
neovim.enable = true;
};
users = {
motd = "Welcome to the Server";
defaultUserShell = pkgs.zsh;
@@ -56,17 +55,12 @@
hardware.graphics = {
enable = true;
extraPackages = with pkgs; [
intel-compute-runtime
intel-vaapi-driver
intel-media-driver
vaapiIntel
vaapiVdpau
libvdpau-va-gl
vpl-gpu-rt
intel-compute-runtime
];
};
services.xserver.videoDrivers = ["intel"];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave

2
hosts/server/home.nix
View File

@@ -5,5 +5,5 @@
...
}: {
imports = [../home/home_common.nix];
home = {packages = with pkgs; [docker docker-compose];};
home = {packages = with pkgs; [docker docker-compose neovim];};
}

63
hosts/server/service.nix
View File

@@ -5,8 +5,8 @@
}: {
networking.firewall = {
enable = true;
allowedTCPPorts = [80 443 22 26615 25565 24454 8080 53];
allowedUDPPorts = [26615 25565 24454 8080 53];
allowedTCPPorts = [80 443 22];
allowedUDPPorts = [];
};
security.acme = {
@@ -37,46 +37,6 @@
package = pkgs.ollama-intel;
};
crab-hole = {
enable = true;
settings = {
api = {
listen = "192.168.0.2";
port = 8080;
show_doc = true;
};
downstream = [
{
listen = "192.168.0.2";
port = 53;
protocol = "udp";
}
];
upstream = {
name_servers = [
{
protocol = "tls";
socket_addr = "[2606:4700:4700::1111]:853";
tls_dns_name = "1dot1dot1dot1.cloudflare-dns.com";
trust_nx_responses = false;
}
{
protocol = "tls";
socket_addr = "1.1.1.1:853";
tls_dns_name = "1dot1dot1dot1.cloudflare-dns.com";
trust_nx_responses = false;
}
];
};
blocklist.lists = [
"https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts"
"https://raw.githubusercontent.com/anudeepND/blacklist/master/adservers.txt"
"https://raw.githubusercontent.com/anudeepND/blacklist/master/CoinMiner.txt"
"https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt"
];
};
};
gitea = {
enable = true;
settings = {
@@ -114,7 +74,7 @@
http = {
use_x_forwarded_for = "true";
trusted_proxies = ["127.0.0.1"];
server_port = 8003;
server_port = 8002;
};
};
};
@@ -135,7 +95,7 @@
searx = {
enable = true;
settings = {
server.port = 8005;
server.port = 8003;
server.secret_key = "secretlol";
search.formats = ["html" "json"];
};
@@ -191,29 +151,20 @@
};
};
"srx.dhilton.xyz" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8005";
proxyWebsockets = true;
};
};
"hom.dhilton.xyz" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8003";
proxyPass = "http://127.0.0.1:8002";
proxyWebsockets = true;
};
};
"map.dhilton.xyz" = {
"srx.dhilton.xyz" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8100";
proxyPass = "http://127.0.0.1:8003";
proxyWebsockets = true;
};
};