Jimbo/NixOS-Config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Touchups

Browse source
This commit is contained in:
Jimbo 2024-09-10 21:39:12 -04:00
parent cac7046d3c
commit dcc845a67c
9 changed files with 19 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
nixos/server/ddclient.nix
View file

@ -1,5 +1,5 @@
{pkgs, outputs, ...}: { {pkgs, outputs, ...}: {
# DDClient for Dynamic IPs # Dynamic IPs for Cloudflare records
services.ddclient = { services.ddclient = {
enable = true; enable = true;
protocol = "cloudflare"; protocol = "cloudflare";

3
nixos/server/firewall.nix
View file

@ -8,9 +8,6 @@
in { in {
firewall = { firewall = {
allowPing = false; allowPing = false;
allowedTCPPortRanges = [
{ from = 8100; to = 8150; } # Azuracast
];
# Add extra input rules using nftables # Add extra input rules using nftables
extraInputRules = '' extraInputRules = ''

1
nixos/server/misc.nix
View file

@ -3,7 +3,6 @@
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
mdadm mdadm
]; ];
services = { services = {
snowflake-proxy.enable = true; snowflake-proxy.enable = true;
logrotate.checkConfig = false; logrotate.checkConfig = false;

2
nixos/server/nextcloud.nix
View file

@ -8,7 +8,7 @@
https = true; https = true;
config = { config = {
adminuser = "jimbo"; adminuser = "jimbo";
adminpassFile = "/mnt/nextcloud/password.txt"; adminpassFile = pkgs.writeText "nextpass" outputs.secrets.nextcloudPass;
}; };
settings = { settings = {
trusted_proxies = [ "127.0.0.1" ]; trusted_proxies = [ "127.0.0.1" ];

34
nixos/server/nginx.nix
View file

@ -17,19 +17,19 @@
locations = { locations = {
"/.well-known/matrix/client" = { "/.well-known/matrix/client" = {
extraConfig = '' extraConfig = ''
default_type application/json; default_type application/json;
return 200 ' return 200 '
{ {
"m.homeserver": { "m.homeserver": {
"base_url": "https://matrix.${outputs.secrets.jimDomain}" "base_url": "https://matrix.${outputs.secrets.jimDomain}"
}, },
"m.identity_server": { "m.identity_server": {
"base_url": "https://matrix.org" "base_url": "https://matrix.org"
}, },
"org.matrix.msc3575.proxy": { "org.matrix.msc3575.proxy": {
"url": "https://matrix.${outputs.secrets.jimDomain}" "url": "https://matrix.${outputs.secrets.jimDomain}"
} }
}'; }';
''; '';
}; };
"/.well-known/matrix/server" = { "/.well-known/matrix/server" = {
@ -68,9 +68,7 @@
}; };
# Open HTTP and HTTPs ports # Open HTTP and HTTPs ports
networking.firewall = { networking.firewall.allowedTCPPorts = [
allowedTCPPorts = [ 80 443
80 443 ];
];
};
} }

1
nixos/server/photoprism.nix
View file

@ -1,5 +1,4 @@
{outputs, ...}: { {outputs, ...}: {
# Photoprism
services = { services = {
photoprism = { photoprism = {
enable = true; enable = true;

1
nixos/server/synapse.nix
View file

@ -10,7 +10,6 @@
# Set the network config # Set the network config
listeners = [{ listeners = [{
# Client config
port = 8008; port = 8008;
bind_addresses = [ "::" "0.0.0.0" ]; bind_addresses = [ "::" "0.0.0.0" ];
resources = [ { compress = false; names = [ "client" "federation" ]; } ]; resources = [ { compress = false; names = [ "client" "federation" ]; } ];

2
nixos/server/wireguard.nix
View file

@ -1,7 +1,7 @@
{outputs, ...}: let {outputs, ...}: let
ips = import ../modules/ips.nix; ips = import ../modules/ips.nix;
in { in {
# enable NAT # Enable NAT
networking = { networking = {
nat = { nat = {
enable = true; enable = true;

BIN
secrets.nix
View file

Binary file not shown.