Gabe/nix-config
1
0
Fork 0
Code Issues 12 Pull requests Projects Releases Packages Wiki Activity

lockfile update and hetzner radicale server.

Browse source 
Hetzner server will eventually have other things on it.
This commit is contained in:
Gabe Venberg 2024-07-27 19:11:57 -05:00
parent 1d6c5082b4
commit 511b8332ed
11 changed files with 267 additions and 68 deletions
Download patch file Download diff file Expand all files Collapse all files

87
hosts/hetzner-multi/default.nix Normal file
View file

@ -0,0 +1,87 @@
{
inputs,
configLib,
...
}:
inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {inherit inputs configLib;};
# > Our main nixos configuration file <
modules = [
inputs.home-manager.nixosModules.home-manager
inputs.disko.nixosModules.disko
./disk-config.nix
./nginx.nix
../../roles/nixos/vm.nix
../../configs/nixos/common.nix
../../configs/nixos/tailscale.nix
../../configs/nixos/sshd.nix
../../configs/nixos/secrets.nix
../../configs/nixos/radicale.nix
({
config,
pkgs,
configLib,
...
}: {
host = {
user = "gabe";
fullName = "Gabe Venberg";
gui.enable = false;
isVm = true;
};
networking.hostName = "hetzner-multi"; # Define your hostname.
networking.hostId = "908b80b6";
networking.useNetworkd = true;
systemd.network = {
enable = true;
networks."enp1s0" = {
networkConfig.DHCP = "ipv4";
gateway = ["fe80::1"];
address = ["2a01:4f8:1c1b:6c7c::1/64"];
};
};
home-manager.users.${config.host.user} = {
inputs,
osConfig,
lib,
...
}: {
host = osConfig.host;
user = {
git = {
profile = {
name = config.host.fullName;
email = "gabevenberg@gmail.com";
};
workProfile.enable = false;
};
};
imports = [
../../roles/home-manager/minimal-terminal.nix
../../configs/home-manager/common.nix
inputs.nixvim.homeManagerModules.nixvim
];
};
# Bootloader.
# boot.loader.systemd-boot.enable = true;
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "24.05"; # Did you read the comment?
})
];
}

38
hosts/hetzner-multi/disk-config.nix Normal file
View file

@ -0,0 +1,38 @@
{
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/sda";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02";
priority = 1;
};
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
}

19
hosts/hetzner-multi/nginx.nix Normal file
View file

@ -0,0 +1,19 @@
{
inputs,
config,
pkgs,
lib,
...
}: {
imports = [
../../configs/nixos/nginx.nix
];
services.nginx.virtualHosts."cal.venberg.xyz" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:5232";
};
};
networking.firewall.allowedTCPPorts = [443 80];
}

2
hosts/rockhole64/default.nix
View file

@ -98,7 +98,7 @@ inputs.nixpkgs.lib.nixosSystem {
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "24.11"; # Did you read the comment?
system.stateVersion = "24.05"; # Did you read the comment?
})
];
}