Bun/nixos-config
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

More service changes start the move to nixfox.ca and replace the username

Browse source
This commit is contained in:
Jimbo 2025-01-01 18:32:50 -05:00
parent bf138bcd93
commit ab6f4f9946
33 changed files with 54 additions and 203 deletions
Download patch file Download diff file Expand all files Collapse all files

7
modules/system/accounts/users/custom/default.nix Normal file
View file

@ -0,0 +1,7 @@
{ home-manager, ... }:
{
imports = [
./jimbo
home-manager.nixosModules.home-manager
];
}

13
modules/system/accounts/users/jimbo/default.nix → modules/system/accounts/users/custom/jimbo/default.nix
View file

@ -5,14 +5,13 @@
hashedPassword = config.secrets.jimboAccPass;
isNormalUser = true;
openssh.authorizedKeys.keys = [
(builtins.readFile ../../../../../hosts/tower/id_ed25519.pub)
(builtins.readFile ../../../../../../hosts/tower/id_ed25519.pub)
(builtins.readFile ../../../../../hosts/envy/id_ed25519.pub)
(builtins.readFile ../../../../../hosts/lacros/id_ed25519.pub)
(builtins.readFile ../../../../../hosts/redmond/id_ed25519.pub)
(builtins.readFile ../../../../../../hosts/envy/id_ed25519.pub)
(builtins.readFile ../../../../../../hosts/redmond/id_ed25519.pub)
(builtins.readFile ../../../../../hosts/kitty/id_ed25519.pub)
(builtins.readFile ../../../../../hosts/prophet/id_ed25519.pub)
(builtins.readFile ../../../../../../hosts/kitty/id_ed25519.pub)
(builtins.readFile ../../../../../../hosts/prophet/id_ed25519.pub)
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 Pixel9"
];
@ -35,5 +34,5 @@
shell = pkgs.zsh;
};
home-manager.users.jimbo = import ../../../../home;
home-manager.users.jimbo = import ../../../../../home;
}

9
modules/system/accounts/users/default.nix
View file

@ -1,11 +1,8 @@
{ home-manager, ... }:
{ ... }:
{
imports = [
./jimbo
./liquidsoap
./nextcloud
./nginx
home-manager.nixosModules.home-manager
./custom
./system
];
users.mutableUsers = false;

8
modules/system/accounts/users/system/default.nix Normal file
View file

@ -0,0 +1,8 @@
{ ... }:
{
imports = [
./liquidsoap
./nextcloud
./nginx
];
}

0
modules/system/accounts/users/liquidsoap/default.nix → modules/system/accounts/users/system/liquidsoap/default.nix
View file

0
modules/system/accounts/users/nextcloud/default.nix → modules/system/accounts/users/system/nextcloud/default.nix
View file

0
modules/system/accounts/users/nginx/default.nix → modules/system/accounts/users/system/nginx/default.nix
View file

2
modules/system/services/server/acme/default.nix
View file

@ -2,6 +2,6 @@
{
security.acme = {
acceptTerms = true;
defaults.email = "jimjam4real@gmail.com";
defaults.email = "jimbo@${config.domains.p2}";
};
}

20
modules/system/services/server/ddclient/default.nix
View file

@ -4,19 +4,19 @@
enable = config.system.server.enable;
protocol = "cloudflare";
usev4 = "web, web=https://ipinfo.io/ip";
zone = "${config.domains.p1}";
zone = "${config.domains.p2}";
username = "token";
passwordFile = "${pkgs.writeText "cloudflareapikey" config.secrets.flareApiKey}";
domains = [
"${config.domains.p1}"
"*.${config.domains.p1}"
"sv.${config.domains.p1}"
"git.${config.domains.p1}"
"turn.${config.domains.p1}"
"dew.${config.domains.p1}"
"john.${config.domains.p1}"
"beta.${config.domains.p1}"
"rogue.${config.domains.p1}"
"${config.domains.p2}"
"*.${config.domains.p2}"
"sv.${config.domains.p2}"
"git.${config.domains.p2}"
"turn.${config.domains.p2}"
"dew.${config.domains.p2}"
"john.${config.domains.p2}"
"beta.${config.domains.p2}"
"rogue.${config.domains.p2}"
];
};
}

4
modules/system/services/server/fileserver/nextcloud/default.nix
View file

@ -5,7 +5,7 @@
services.nextcloud = {
enable = config.system.server.enable;
package = pkgs.nextcloud30;
hostName = "cloud.${config.domains.p1}";
hostName = "cloud.${config.domains.p2}";
datadir = "/mnt/nextcloud";
https = true;
config = {
@ -14,7 +14,7 @@
};
settings = {
trusted_proxies = [ "127.0.0.1" ];
trusted_domains = [ "cloud.${config.domains.p1}" ];
trusted_domains = [ "cloud.${config.domains.p2}" ];
overwriteprotocol = "https";
mail_smtphost = "mx.${config.domains.p1}";
mail_domain = "${config.domains.p1}";

2
modules/system/services/server/fileserver/nextcloud/nginx/default.nix
View file

@ -1,6 +1,6 @@
{ lib, config, ... }:
{
services.nginx.virtualHosts."cloud.${config.domains.p1}" = lib.mkIf config.services.nextcloud.enable {
services.nginx.virtualHosts."cloud.${config.domains.p2}" = lib.mkIf config.services.nextcloud.enable {
enableACME = true;
addSSL = true;
locations."/" = {

2
modules/system/services/server/forgejo/default.nix
View file

@ -16,7 +16,7 @@
mailer = {
ENABLED = true;
SMTP_ADDR = "mx.${config.domains.p1}";
FROM = "Jimbo's Git <noreply@${config.domains.p1}>";
FROM = "NixFox Git <noreply@${config.domains.p1}>";
USER = "noreply@${config.domains.p1}";
PASSWD = config.secrets.noreplyPassword;
PROTOCOL = "smtps";

2
modules/system/services/server/icecast/default.nix
View file

@ -8,7 +8,7 @@
services.icecast = {
enable = config.system.server.enable;
listen.port = 265;
hostname = "icecast.${config.domains.p1}";
hostname = "radio.${config.domains.p2}";
admin = {
user = "jimbo";
password = "${config.secrets.castAdminPass}";

2
modules/system/services/server/icecast/nginx/default.nix
View file

@ -1,6 +1,6 @@
{ lib, config, ... }:
{
services.nginx.virtualHosts."icecast.${config.domains.p1}" = lib.mkIf config.services.icecast.enable {
services.nginx.virtualHosts."radio.${config.domains.p2}" = lib.mkIf config.services.icecast.enable {
enableACME = true;
forceSSL = true;
locations."/" = {

2
modules/system/services/server/mailserver/roundcube/default.nix
View file

@ -2,7 +2,7 @@
{
services.roundcube = {
enable = config.system.mailserver.enable;
hostName = "mail.${config.domains.p1}";
hostName = "mail.${config.domains.p2}";
extraConfig = ''
$config['smtp_server'] = "tls://mx.${config.domains.p1}";
$config['smtp_user'] = "%u";

2
modules/system/services/server/minecraft/servers/roguecraft/default.nix
View file

@ -9,7 +9,7 @@ in {
serverProperties = common.serverProperties // {
difficulty = 3;
server-port = 30014;
motd = "\\u00A7l\\u00A7bJimbo's \\u00A7cRoguecraft \\u00A7bserver.";
motd = "\\u00A7l\\u00A7bNixFox \\u00A7cRoguecraft \\u00A7bserver.";
require-resource-pack = true;
resource-pack = "https://${config.domains.p1}/roguecraftresourcepackredir";
resource-pack-sha1 = "b540c0562aba90c3ead2356bb9cb74fcf0db36b3";

2
modules/system/services/server/nginx/rtmp/default.nix
View file

@ -34,7 +34,7 @@
};
systemd.services.nginx.serviceConfig = {
ReadWritePaths = [ "/var/www/Jimbo-Landing-Page/streams/hls/" ];
ReadWritePaths = [ "/var/www/landing-page/streams/hls/" ];
};
};
}

2
modules/system/services/server/nginx/virtualhosts/default.nix
View file

@ -1,6 +1,6 @@
{ ... }:
{
imports = [
./p1
./p2
];
}

8
modules/system/services/server/nginx/virtualhosts/p1/default.nix → modules/system/services/server/nginx/virtualhosts/p2/default.nix
View file

@ -1,6 +1,6 @@
{ config, lib, ... }:
{
services.nginx.virtualHosts."${config.domains.p1}" = lib.mkIf config.system.server.enable {
services.nginx.virtualHosts."${config.domains.p2}" = lib.mkIf config.system.server.enable {
enableACME = true;
addSSL = true;
root = "/var/www/landing-page";
@ -10,13 +10,13 @@
return 200 '
{
"m.homeserver": {
"base_url": "https://matrix.${config.domains.p1}"
"base_url": "https://matrix.${config.domains.p2}"
},
"m.identity_server": {
"base_url": "https://matrix.org"
},
"org.matrix.msc3575.proxy": {
"url": "https://matrix.${config.domains.p1}"
"url": "https://matrix.${config.domains.p2}"
}
}
';
@ -24,7 +24,7 @@
"/.well-known/matrix/server".extraConfig = ''
default_type application/json;
return 200 '{ "m.server": "matrix.${config.domains.p1}:443" }';
return 200 '{ "m.server": "matrix.${config.domains.p2}:443" }';
'';
};
};

2
modules/system/services/server/social/lemmy/default.nix
View file

@ -11,7 +11,7 @@
email = {
smtp_server = "mx.${config.domains.p1}:587";
smtp_login = "noreply@${config.domains.p1}";
smtp_from_address = "Jimbo's Lemmy <noreply@${config.domains.p1}>";
smtp_from_address = "NixFox Lemmy <noreply@${config.domains.p1}>";
smtp_password = config.secrets.noreplyPassword;
tls_type = "starttls";
};

2
modules/system/services/server/transmission/nginx/default.nix
View file

@ -1,6 +1,6 @@
{ config, lib, ... }:
{
services.nginx.virtualHosts."torrent.${config.domains.p1}" = lib.mkIf config.services.transmission.enable {
services.nginx.virtualHosts."tor.${config.domains.p2}" = lib.mkIf config.services.transmission.enable {
enableACME = true;
forceSSL = true;
locations."/" = {

2
modules/system/services/server/vaultwarden/default.nix
View file

@ -5,7 +5,7 @@
services.vaultwarden = {
enable = config.system.server.enable;
config = {
DOMAIN = "https://warden.${config.domains.p1}";
DOMAIN = "https://pass.${config.domains.p2}";
SIGNUPS_ALLOWED = false;
ROCKET_ADDRESS = "127.0.0.1";
ROCKET_PORT = 8222;

2
modules/system/services/server/vaultwarden/nginx/default.nix
View file

@ -1,6 +1,6 @@
{ config, lib, ... }:
{
services.nginx.virtualHosts."warden.${config.domains.p1}" = lib.mkIf config.services.vaultwarden.enable {
services.nginx.virtualHosts."pass.${config.domains.p1}" = lib.mkIf config.services.vaultwarden.enable {
enableACME = true;
forceSSL = true;
locations."/" = {