Bun/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Move server to new hardware

Browse source
This commit is contained in:
Bun 2025-03-10 22:08:35 -04:00
parent 643c6c9e9b
commit 145297af58
32 changed files with 129 additions and 321 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

117
flake.lock generated
View file

@ -200,6 +200,24 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_3": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"gitignore": { "gitignore": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -314,11 +332,11 @@
"nixpkgs": "nixpkgs_3" "nixpkgs": "nixpkgs_3"
}, },
"locked": { "locked": {
"lastModified": 1741397002, "lastModified": 1741570035,
"narHash": "sha256-drDvZrCYhao1RPlmykB1mN3sNxQmMUd8R+S5N6dkYUQ=", "narHash": "sha256-11AaZ1Zltaa4ZJPZrI5mfG5Or19XjlNYHPewbNC42bE=",
"owner": "Infinidoge", "owner": "Infinidoge",
"repo": "nix-minecraft", "repo": "nix-minecraft",
"rev": "5384176f696b39c479dfc2798bb3ada09e72f6e1", "rev": "b41a02dedb9d8dd3e0eb7ea7ab4d8c48da4389a5",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -329,11 +347,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1733808091, "lastModified": 1741445498,
"narHash": "sha256-KWwINTQelKOoQgrXftxoqxmKFZb9pLVfnRvK270nkVk=", "narHash": "sha256-F5Em0iv/CxkN5mZ9hRn3vPknpoWdcdCyR0e4WklHwiE=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "a0f3e10d94359665dba45b71b4227b0aeb851f8e", "rev": "52e3095f6d812b91b22fb7ad0bfc1ab416453634",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -375,11 +393,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1732014248, "lastModified": 1741513245,
"narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=", "narHash": "sha256-7rTAMNTY1xoBwz0h7ZMtEcd8LELk9R5TzBPoHuhNSCk=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "23e89b7da85c3640bbc2173fe04f4bd114342367", "rev": "e3e32b642a31e6714ec1b712de8c91a3352ce7e1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -390,11 +408,11 @@
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1739866667, "lastModified": 1741513245,
"narHash": "sha256-EO1ygNKZlsAC9avfcwHkKGMsmipUk1Uc0TbrEZpkn64=", "narHash": "sha256-7rTAMNTY1xoBwz0h7ZMtEcd8LELk9R5TzBPoHuhNSCk=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "73cf49b8ad837ade2de76f87eb53fc85ed5d4680", "rev": "e3e32b642a31e6714ec1b712de8c91a3352ce7e1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -406,11 +424,11 @@
}, },
"nixpkgs_4": { "nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1741332913, "lastModified": 1741445498,
"narHash": "sha256-ri1e8ZliWS3Jnp9yqpKApHaOo7KBN33W8ECAKA4teAQ=", "narHash": "sha256-F5Em0iv/CxkN5mZ9hRn3vPknpoWdcdCyR0e4WklHwiE=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "20755fa05115c84be00b04690630cb38f0a203ad", "rev": "52e3095f6d812b91b22fb7ad0bfc1ab416453634",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -421,11 +439,27 @@
}, },
"nixpkgs_5": { "nixpkgs_5": {
"locked": { "locked": {
"lastModified": 1741246872, "lastModified": 1741513245,
"narHash": "sha256-Q6pMP4a9ed636qilcYX8XUguvKl/0/LGXhHcRI91p0U=", "narHash": "sha256-7rTAMNTY1xoBwz0h7ZMtEcd8LELk9R5TzBPoHuhNSCk=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "10069ef4cf863633f57238f179a0297de84bd8d3", "rev": "e3e32b642a31e6714ec1b712de8c91a3352ce7e1",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1741513245,
"narHash": "sha256-7rTAMNTY1xoBwz0h7ZMtEcd8LELk9R5TzBPoHuhNSCk=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "e3e32b642a31e6714ec1b712de8c91a3352ce7e1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -442,11 +476,11 @@
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1741416242, "lastModified": 1741649763,
"narHash": "sha256-ICiUn+fH/ib4lTuQcYiUwcXKQj7/JoE4aQNZY9A1T1A=", "narHash": "sha256-436Es6IDqrUukz5VLjRP41F/znZPFZEz274s6phBR5o=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "84c34746969c63f8edbe5c76bd3fa0b015fd9a0f", "rev": "2f76066428491220b7bd46388ac1e8e9d1ead805",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -493,6 +527,7 @@
"minecraft": "minecraft", "minecraft": "minecraft",
"nixpkgs": "nixpkgs_4", "nixpkgs": "nixpkgs_4",
"nur": "nur", "nur": "nur",
"spacebar": "spacebar",
"unstable": "unstable" "unstable": "unstable"
} }
}, },
@ -521,6 +556,25 @@
"type": "github" "type": "github"
} }
}, },
"spacebar": {
"inputs": {
"flake-utils": "flake-utils_3",
"nixpkgs": "nixpkgs_6"
},
"locked": {
"lastModified": 1737778726,
"narHash": "sha256-iaXm8Mnf1ROQW/i07/xVg81oNYsBvhB+D9I3c9e1FKI=",
"owner": "spacebarchat",
"repo": "server",
"rev": "b18a297794f62d87a41f36bf6ef81f126aa5c002",
"type": "github"
},
"original": {
"owner": "spacebarchat",
"repo": "server",
"type": "github"
}
},
"systems": { "systems": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1681028828,
@ -551,6 +605,21 @@
"type": "github" "type": "github"
} }
}, },
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": { "treefmt-nix": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -574,11 +643,11 @@
}, },
"unstable": { "unstable": {
"locked": { "locked": {
"lastModified": 1741246872, "lastModified": 1741513245,
"narHash": "sha256-Q6pMP4a9ed636qilcYX8XUguvKl/0/LGXhHcRI91p0U=", "narHash": "sha256-7rTAMNTY1xoBwz0h7ZMtEcd8LELk9R5TzBPoHuhNSCk=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "10069ef4cf863633f57238f179a0297de84bd8d3", "rev": "e3e32b642a31e6714ec1b712de8c91a3352ce7e1",
"type": "github" "type": "github"
}, },
"original": { "original": {

3
flake.nix
View file

@ -17,6 +17,7 @@
impermanence.url = "github:nix-community/impermanence"; impermanence.url = "github:nix-community/impermanence";
mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.11"; mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-24.11";
minecraft.url = "github:Infinidoge/nix-minecraft"; minecraft.url = "github:Infinidoge/nix-minecraft";
spacebar.url = "github:spacebarchat/server";
# Home inputs # Home inputs
home-manager = { home-manager = {
@ -37,6 +38,7 @@
impermanence, impermanence,
mailserver, mailserver,
minecraft, minecraft,
spacebar,
home-manager, home-manager,
nur, nur,
blender, blender,
@ -62,7 +64,6 @@
redmond = mkNix [ ./hosts/redmond ]; # Lenovo Dual-Boot redmond = mkNix [ ./hosts/redmond ]; # Lenovo Dual-Boot
iso = mkNix [ ./hosts/iso ]; # ISO File iso = mkNix [ ./hosts/iso ]; # ISO File
kitty = mkNix [ ./hosts/kitty ]; # Dell Optiplex 7010
midas = mkNix [ ./hosts/midas ]; # Dell Optiplex 5040 midas = mkNix [ ./hosts/midas ]; # Dell Optiplex 5040
prophet = mkNix [ ./hosts/prophet ]; # Oracle Neoverse-N1 prophet = mkNix [ ./hosts/prophet ]; # Oracle Neoverse-N1
}; };

2
hosts/envy/filesystems/default.nix
View file

@ -14,7 +14,7 @@
}; };
# Network mounts # Network mounts
"/home/${config.sysusers.main}/KittyNFS" = { "/home/${config.sysusers.main}/MidasNFS" = {
device = "10.100.0.1:/storage"; device = "10.100.0.1:/storage";
fsType = "nfs4"; fsType = "nfs4";
options = [ "x-systemd.automount" "_netdev" "nofail" "noauto" ]; options = [ "x-systemd.automount" "_netdev" "nofail" "noauto" ];

10
hosts/kitty/boot/default.nix
View file

@ -1,10 +0,0 @@
{ pkgs, ... }:
{
boot = {
kernelPackages = pkgs.linuxPackages_5_15;
swraid = {
enable = true;
mdadmConf = "MAILADDR contact@nixfox.ca";
};
};
}

31
hosts/kitty/default.nix
View file

@ -1,31 +0,0 @@
{ ... }:
{
imports = [
./boot
./disko
./filesystems
./firewall
./hardware
./users
../../modules/system
];
networking = {
hostName = "kitty";
hostId = "38ba3f57";
};
system = {
server.enable = true;
fileserver.enable = true;
socialserver.enable = true;
wireguard.server.enable = true;
stateVersion = "24.05";
};
services.minecraft-servers.servers = {
velocity.enable = true;
cornworld.enable = true;
skyblock.enable = true;
};
}

75
hosts/kitty/disko/default.nix
View file

@ -1,75 +0,0 @@
{ config, disko, ... }:
{
imports = [ disko.nixosModules.disko ];
disko.devices = {
disk = {
"${config.networking.hostName}" = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
priority = 1;
size = "2G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
main = {
size = "100%";
content = {
type = "lvm_pv";
vg = "${config.networking.hostName}";
};
};
};
};
};
};
lvm_vg = {
"${config.networking.hostName}" = {
type = "lvm_vg";
lvs = {
root = {
size = "100%";
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = [ "compress=zstd" "noatime" "ssd" ];
};
"/prev" = {
mountpoint = "/prev";
mountOptions = [ "compress=zstd" "noatime" "ssd" "noexec" ];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [ "compress=zstd" "noatime" "ssd" ];
};
};
};
};
swap = {
size = "4G";
content = {
type = "swap";
discardPolicy = "both";
};
};
};
};
};
};
# Needed for impermanence
fileSystems."/persist".neededForBoot = true;
}

9
hosts/kitty/filesystems/default.nix
View file

@ -1,9 +0,0 @@
{ ... }:
{
fileSystems."/persist" = {
device = "/dev/disk/by-uuid/acf95700-8669-45c7-9a72-bf3215b3c325";
fsType = "btrfs";
neededForBoot = true;
options = [ "subvol=persist" "compress=zstd" "noatime" ];
};
}

8
hosts/kitty/hardware/default.nix
View file

@ -1,8 +0,0 @@
{ config, lib, ... }:
{
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "nvme" "usbhid" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ "kvm-intel" ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

1
hosts/kitty/id_ed25519.pub
View file

@ -1 +0,0 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFGHaxdTeC1xnTx2BY5LLR5LxhdSkmYoWuOeEuRIz0k

4
hosts/kitty/users/default.nix
View file

@ -1,4 +0,0 @@
{ ... }:
{
imports = [ ./main ];
}

6
hosts/kitty/users/main/default.nix
View file

@ -1,6 +0,0 @@
{ config, lib, ... }:
{
home-manager.users."${config.sysusers.main}".home = {
stateVersion = lib.mkForce config.system.stateVersion;
};
}

5
hosts/midas/boot/default.nix
View file

@ -1,4 +1,7 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
boot.kernelPackages = pkgs.linuxPackages_latest; boot.swraid = {
enable = true;
mdadmConf = "MAILADDR contact@nixfox.ca";
};
} }

36
hosts/midas/default.nix
View file

@ -1,40 +1,32 @@
{ pkgs, ... }: { ... }:
{ {
imports = [ imports = [
./boot ./boot
./disko ./disko
./filesystems ./filesystems
./firewall
./hardware ./hardware
./users ./users
../../modules/system ../../modules/system
]; ];
networking.hostName = "midas"; networking = {
hostName = "midas";
hostId = "38ba3f57";
};
system = { system = {
desktop.enable = true; server.enable = true;
lanzaboote.enable = true; lanzaboote.enable = true;
fancyboot.enable = true; fileserver.enable = true;
libvirtd.enable = true; socialserver.enable = true;
wireguard.server.enable = true;
stateVersion = "24.11"; stateVersion = "24.11";
}; };
hardware.graphics = { services.minecraft-servers.servers = {
extraPackages = with pkgs; [ velocity.enable = true;
intel-media-driver cornworld.enable = true;
intel-ocl skyblock.enable = true;
intel-vaapi-driver
];
extraPackages32 = with pkgs.driversi686Linux; [
intel-media-driver
intel-vaapi-driver
];
}; };
nixpkgs.allowUnfreePackages = [ "intel-ocl" ];
services.xserver.videoDrivers = [
"intel"
"i915"
];
} }

9
hosts/midas/disko/default.nix
View file

@ -61,15 +61,6 @@
mountpoint = "/nix"; mountpoint = "/nix";
mountOptions = [ "compress=zstd" "noatime" "ssd" ]; mountOptions = [ "compress=zstd" "noatime" "ssd" ];
}; };
# Impermanence
"/persist" = {
mountpoint = "/persist";
mountOptions = [ "compress=zstd" "noatime" "ssd" ];
};
"/persist/.snapshots" = { };
"/persist/home/${config.sysusers.main}" = { };
"/persist/home/${config.sysusers.main}/.snapshots" = { };
}; };
}; };
}; };

14
hosts/midas/filesystems/default.nix
View file

@ -1,11 +1,9 @@
{ config, ... }: { ... }:
{ {
fileSystems = { fileSystems."/persist" = {
# Network mounts device = "/dev/disk/by-uuid/acf95700-8669-45c7-9a72-bf3215b3c325";
"/home/${config.sysusers.main}/KittyNFS" = { fsType = "btrfs";
device = "${config.ips.server}:/storage"; neededForBoot = true;
fsType = "nfs4"; options = [ "subvol=persist" "compress=zstd" "noatime" ];
options = [ "x-systemd.automount" "noauto" "soft" "_netdev" ];
};
}; };
} }

0
hosts/kitty/firewall/default.nix → hosts/midas/firewall/default.nix
View file

1
hosts/midas/hardware/default.nix
View file

@ -1,4 +1,3 @@
# nixos-generate-config --root ./ --no-filesystems
{ config, lib, modulesPath, ... }: { config, lib, modulesPath, ... }:
{ {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];

2
hosts/midas/id_ed25519.pub
View file

@ -1 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJzNzWYDUZ6PEzUPoGMA6I5t1ACUUwnucD8pNcAS1BeQ ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFGHaxdTeC1xnTx2BY5LLR5LxhdSkmYoWuOeEuRIz0k

3
hosts/midas/users/main/default.nix
View file

@ -1,9 +1,6 @@
{ config, lib, ... }: { config, lib, ... }:
{ {
home-manager.users."${config.sysusers.main}".home = { home-manager.users."${config.sysusers.main}".home = {
desktop.enable = true;
gaming.enable = true;
production.enable = true;
stateVersion = lib.mkForce config.system.stateVersion; stateVersion = lib.mkForce config.system.stateVersion;
}; };
} }

2
hosts/pear/filesystems/default.nix
View file

@ -1,6 +1,6 @@
{ config, ... }: { config, ... }:
{ {
fileSystems."/home/${config.sysusers.main}/KittyNFS" = { fileSystems."/home/${config.sysusers.main}/MidasNFS" = {
device = "10.100.0.1:/storage"; device = "10.100.0.1:/storage";
fsType = "nfs4"; fsType = "nfs4";
options = [ "x-systemd.automount" "_netdev" "nofail" "noauto" ]; options = [ "x-systemd.automount" "_netdev" "nofail" "noauto" ];

2
hosts/redmond/filesystems/default.nix
View file

@ -5,7 +5,7 @@
device = "/dev/disk/by-uuid/582C6B802C6B57D0"; device = "/dev/disk/by-uuid/582C6B802C6B57D0";
options = [ "nosuid" "nodev" ]; options = [ "nosuid" "nodev" ];
}; };
"/home/${config.sysusers.main}/KittyNFS" = { "/home/${config.sysusers.main}/MidasNFS" = {
device = "10.100.0.1:/storage"; device = "10.100.0.1:/storage";
fsType = "nfs4"; fsType = "nfs4";
options = [ "x-systemd.automount" "_netdev" "nofail" "noauto" ]; options = [ "x-systemd.automount" "_netdev" "nofail" "noauto" ];

2
hosts/tower/filesystems/default.nix
View file

@ -39,7 +39,7 @@
}; };
# Network mounts # Network mounts
"/home/${config.sysusers.main}/KittyNFS" = { "/home/${config.sysusers.main}/MidasNFS" = {
device = "${config.ips.server}:/storage"; device = "${config.ips.server}:/storage";
fsType = "nfs4"; fsType = "nfs4";
options = [ "x-systemd.automount" "noauto" "soft" "_netdev" ]; options = [ "x-systemd.automount" "noauto" "soft" "_netdev" ];

1
modules/system/accounts/users/custom/main/default.nix
View file

@ -18,7 +18,6 @@
../../../../../../hosts/pear/id_ed25519.pub ../../../../../../hosts/pear/id_ed25519.pub
../../../../../../hosts/redmond/id_ed25519.pub ../../../../../../hosts/redmond/id_ed25519.pub
../../../../../../hosts/kitty/id_ed25519.pub
../../../../../../hosts/midas/id_ed25519.pub ../../../../../../hosts/midas/id_ed25519.pub
../../../../../../hosts/prophet/id_ed25519.pub ../../../../../../hosts/prophet/id_ed25519.pub
]; ];

4
modules/system/services/server/fileserver/nextcloud/collabora/default.nix
View file

@ -1,4 +0,0 @@
{ config, lib, ... }:
{
services.collabora-online.enable = config.services.nextcloud.enable;
}

9
modules/system/services/server/fileserver/nextcloud/default.nix
View file

@ -1,15 +1,12 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
imports = [ imports = [ ./nginx ];
./collabora
./nginx
];
config = lib.mkIf config.system.fileserver.enable { config = lib.mkIf config.system.fileserver.enable {
services.nextcloud = { services.nextcloud = {
enable = true; enable = true;
package = pkgs.nextcloud30; package = pkgs.nextcloud30;
hostName = "cloud.nixfox.ca"; hostName = "files.nixfox.ca";
https = true; https = true;
config = { config = {
adminuser = config.sysusers.main; adminuser = config.sysusers.main;
@ -17,7 +14,7 @@
}; };
settings = { settings = {
trusted_proxies = [ "127.0.0.1" ]; trusted_proxies = [ "127.0.0.1" ];
trusted_domains = [ "cloud.nixfox.ca" ]; trusted_domains = [ "files.nixfox.ca" ];
overwriteprotocol = "https"; overwriteprotocol = "https";
mail_smtphost = "mx.nixfox.ca"; mail_smtphost = "mx.nixfox.ca";
mail_domain = "nixfox.ca"; mail_domain = "nixfox.ca";

2
modules/system/services/server/fileserver/nextcloud/nginx/default.nix
View file

@ -1,6 +1,6 @@
{ config, lib, ... }: { config, lib, ... }:
{ {
services.nginx.virtualHosts."cloud.nixfox.ca" = lib.mkIf config.services.nextcloud.enable { services.nginx.virtualHosts."files.nixfox.ca" = lib.mkIf config.services.nextcloud.enable {
enableACME = true; enableACME = true;
addSSL = true; addSSL = true;
locations."/" = { locations."/" = {

2
modules/system/services/server/socialserver/default.nix
View file

@ -2,8 +2,8 @@
{ {
imports = [ imports = [
./mastodon ./mastodon
./matrix
./owncast ./owncast
#./spacebar
]; ];
options.system.socialserver.enable = lib.mkEnableOption "Enable social media like services"; options.system.socialserver.enable = lib.mkEnableOption "Enable social media like services";

7
modules/system/services/server/socialserver/matrix/default.nix
View file

@ -1,7 +0,0 @@
{ ... }:
{
imports = [
./element
./synapse
];
}

21
modules/system/services/server/socialserver/matrix/element/default.nix
View file

@ -1,21 +0,0 @@
{ config, lib, ... }:
{
imports = [ ./nginx ];
config = lib.mkIf config.services.matrix-synapse.enable {
nixpkgs.config.element-web.conf = {
default_server_config."m.homeserver" = {
base_url = "https://matrix.nixfox.ca";
server_name = "matrix.nixfox.ca";
};
branding = {
auth_header_logo_url = "https://www.nixfox.ca/images/copyright/profile.png";
#welcome_background_url = "https://www.nixfox.ca/images/backgrounds/template-background.png";
};
embedded_pages.home_url = "https://www.nixfox.ca/";
disable_custom_urls = true;
disable_guests = true;
default_theme = "dark";
};
};
}

8
modules/system/services/server/socialserver/matrix/element/nginx/default.nix
View file

@ -1,8 +0,0 @@
{ config, lib, pkgs, ... }:
{
services.nginx.virtualHosts."chat.nixfox.ca" = lib.mkIf config.services.matrix-synapse.enable {
enableACME = true;
addSSL = true;
root = "${pkgs.element-web}";
};
}

41
modules/system/services/server/socialserver/matrix/synapse/default.nix
View file

@ -1,41 +0,0 @@
{ config, lib, ... }:
{
imports = [ ./nginx ];
config = lib.mkIf config.system.socialserver.enable {
services.matrix-synapse = {
enable = true;
settings = {
server_name = "nixfox.ca";
public_baseurl = "https://matrix.nixfox.ca";
suppress_key_server_warning = true;
# Email notifications about account status
email = {
notif_from = "NixFox Matrix <noreply@nixfox.ca>";
smtp_host = "mx.nixfox.ca";
smtp_user = "noreply@nixfox.ca";
smtp_pass = config.secrets.mailPass.nixfoxNoReply;
enable_tls = true;
smtp_port = 587;
require_transport_security = true;
};
# Disable registration without email
registrations_require_3pid = [ "email" ];
# Set the type of database
database.name = "sqlite3";
# Allow account registration
#enable_registration = true;
# General settings
max_upload_size = "60M";
burst_count = 15;
};
};
environment.persistence."/persist".directories = [ "/var/lib/matrix-synapse" ];
};
}

13
modules/system/services/server/socialserver/matrix/synapse/nginx/default.nix
View file

@ -1,13 +0,0 @@
{ config, lib, ... }:
{
services.nginx.virtualHosts."matrix.nixfox.ca" = lib.mkIf config.services.matrix-synapse.enable {
enableACME = true;
forceSSL = true;
locations = {
"/".extraConfig = ''return 403;'';
"/client".proxyPass = "http://127.0.0.1:8008";
"/_matrix".proxyPass = "http://127.0.0.1:8008";
"/_synapse/client".proxyPass = "http://127.0.0.1:8008";
};
};
}