170 lines
3.4 KiB
Nix
170 lines
3.4 KiB
Nix
{pkgs,...}:
|
|
{
|
|
services.openssh = {
|
|
enable = true;
|
|
};
|
|
|
|
services.jellyfin = {
|
|
enable = true;
|
|
};
|
|
|
|
services.gitea = {
|
|
enable = true;
|
|
settings = {
|
|
service.DISABLE_REGISTRATION = true;
|
|
server = {
|
|
HTTP_PORT = 8001;
|
|
DOMAIN = "dhilton.xyz";
|
|
ROOT_URL = "https://git.dhilton.xyz";
|
|
};
|
|
};
|
|
};
|
|
|
|
services.gitea-actions-runner.instances.home = {
|
|
enable = true;
|
|
url = "https://git.dhilton.xyz";
|
|
name = "nixsrv";
|
|
token = "LaqTWUDidsm510TGBglGvcphsUxYmCzMjrZbEtJj";
|
|
labels = ["ubuntu-latest:docker://node:16-bullseye" "ubuntu-22.04:docker://node:16-bullseye" "ubuntu-20.04:docker://node:16-bullseye" "ubuntu-18.04:docker://node:16-buster" "native:host"];
|
|
};
|
|
|
|
services.pufferpanel = {
|
|
enable = true;
|
|
extraGroups =["docker"];
|
|
extraPackages = [pkgs.jre];
|
|
environment = {
|
|
PUFFER_WEB_HOST = ":8002";
|
|
PUFFER_PANEL_REGISTRATIONENABLED = "false";
|
|
};
|
|
};
|
|
|
|
services.home-assistant = {
|
|
enable = true;
|
|
extraComponents = ["wiz" "fail2ban"];
|
|
config = {
|
|
http.server_port=8003;
|
|
default_config = {};
|
|
};
|
|
};
|
|
|
|
services.ntfy-sh = {
|
|
enable = true;
|
|
settings = {
|
|
listen-http = ":8004";
|
|
auth-file = "/var/lib/ntfy.db";
|
|
auth-default-access = "read-only";
|
|
base-url = "https://ntfy.dhilton.xyz";
|
|
};
|
|
};
|
|
|
|
services.searx = {
|
|
enable=true;
|
|
settings = { server.port = 8005; server.secret_key = "secretlol";};
|
|
};
|
|
|
|
networking.domain = "dhilton.xyz";
|
|
|
|
services.akkoma.enable = true;
|
|
services.akkoma.config = {
|
|
":pleroma" = {
|
|
":instance" = {
|
|
name = "dhilton fedi";
|
|
description = "dhilton akkoma server";
|
|
email = "markers711@gmail.com";
|
|
registration_open = false;
|
|
};
|
|
|
|
"Pleroma.Web.Endpoint" = {
|
|
url.host = "fed.dhilton.xyz";
|
|
};
|
|
};
|
|
};
|
|
services.akkoma.nginx = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
};
|
|
|
|
services.fail2ban = {
|
|
enable=false;
|
|
};
|
|
|
|
virtualisation.docker = {
|
|
enable = true;
|
|
};
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
recommendedProxySettings = true;
|
|
recommendedTlsSettings = true;
|
|
};
|
|
|
|
services.nginx.virtualHosts = {
|
|
|
|
"dhilton.xyz" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
root = "/var/www/dhilton";
|
|
};
|
|
|
|
"git.dhilton.xyz" = {
|
|
addSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:8001";
|
|
proxyWebsockets = true;
|
|
};
|
|
};
|
|
|
|
"ntfy.dhilton.xyz" = {
|
|
addSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:8004";
|
|
proxyWebsockets = true;
|
|
};
|
|
};
|
|
|
|
"jel.dhilton.xyz" = {
|
|
addSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:8096";
|
|
proxyWebsockets = true;
|
|
};
|
|
};
|
|
|
|
"puf.dhilton.xyz" = {
|
|
addSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:8002";
|
|
proxyWebsockets = true;
|
|
};
|
|
};
|
|
|
|
"srx.dhilton.xyz" = {
|
|
addSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:8005";
|
|
proxyWebsockets = true;
|
|
};
|
|
};
|
|
|
|
"hom.dhilton.xyz" = {
|
|
addSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:8003";
|
|
proxyWebsockets = true;
|
|
};
|
|
};
|
|
};
|
|
|
|
|
|
security.acme = {
|
|
acceptTerms = true;
|
|
defaults.email = "markers711@gmail.com";
|
|
};
|
|
}
|