k/nixos_configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: k:c183a0a5510e1519bc8fd3bc9b56edad26d5d1d4
Branches Tags
k:master
..
compare: k:5996a33269e89bca6b09c2f8b1da1fc571293105
Branches Tags
k:master

No commits in common. "c183a0a5510e1519bc8fd3bc9b56edad26d5d1d4" and "5996a33269e89bca6b09c2f8b1da1fc571293105" have entirely different histories.
c183a0a551 ... 5996a33269

2 changed files with 20 additions and 31 deletions
Show Stats Expand all files Collapse all files

12
hosts/server/configuration.nix
View File

@ -30,7 +30,7 @@
users = { users = {
motd = "Welcome to the Server"; motd = "Welcome to the Server";
defaultUserShell = pkgs.zsh; defaultUserShell = pkgs.nushell;
users = { users = {
k = { k = {
isNormalUser = true; isNormalUser = true;
@ -48,14 +48,16 @@
}; };
}; };
home-manager = { home-manager = {users = {"k" = import ./home.nix;};};
backupFileExtension = "bk";
users = {"k" = import ./home.nix;};
};
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
microcodeIntel microcodeIntel
firefox firefox
(pkgs.kodi.withPackages (kodiPkgs:
with kodiPkgs; [
jellyfin
youtube
]))
]; ];
hardware.bluetooth.enable = true; hardware.bluetooth.enable = true;

39
hosts/server/service.nix
View File

@ -6,32 +6,10 @@
networking = { networking = {
firewall = { firewall = {
enable = true; enable = true;
allowedTCPPorts = [80 443 22 25565 26615 8080 53 19132 ]; allowedTCPPorts = [80 443 22 25565 26615 8080];
allowedUDPPorts = [26615 8080 1900 51820 53 19132 ]; allowedUDPPorts = [26615 8080 1900];
};
nat.externalInterface = "wlp0s20f3";
nat.internalInterfaces = [ "wg0" ];
wireguard.interfaces = {
wg0 = {
ips = ["10.0.0.1/24"];
listenPort = 51820;
privateKeyFile = "/keys/wg-private";
peers = [
{ # laptop
publicKey = "Ze2y3K+blI3aBc1AKTlvv90j+McBaitB+qSLazsuSFM=";
allowedIPs = ["10.0.0.2/32"];
}
{ # phone
publicKey = "vcheBoHRxCrwzbMw0UI9ZsQfVDJizBWkeM+pF5/8+HE=";
allowedIPs = ["10.0.0.3/32"];
}
];
}; };
}; };
};
networking.nat.enable = true;
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;
@ -55,6 +33,15 @@
i2p = {enable = true;}; i2p = {enable = true;};
cockpit = {
enable = true;
allowed-origins = ["https://pit.dhilton.xyz"];
};
pulseaudio = {
enable = true;
};
nix-serve = { nix-serve = {
enable = true; enable = true;
secretKeyFile = "/var/cache-priv-key.pem"; secretKeyFile = "/var/cache-priv-key.pem";
@ -197,11 +184,11 @@
}; };
}; };
"map.dhilton.xyz" = { "pit.dhilton.xyz" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:8100"; proxyPass = "http://127.0.0.1:9090";
proxyWebsockets = true; proxyWebsockets = true;
}; };
}; };