Initial commit for /etc/nixos configuration

2024-10-25 17:00:18 -05:00 · 2024-10-25 17:00:18 -05:00 · fc6ebcd94f
commit fc6ebcd94f
9 changed files with 284 additions and 0 deletions
--- a/server/acme.nix
+++ b/server/acme.nix
@ -0,0 +1,6 @@
+{
+  security.acme = {
+    acceptTerms = true;
+    defaults.email = "odintoons@gmail.com";
+  };
+}
--- a/server/azuracast.nix
+++ b/server/azuracast.nix
@ -0,0 +1,11 @@
+{ ... }:
+{
+  services.nginx.virtualHosts."radio.lunamoonlight.xyz" =  {
+    enableACME = true;
+    forceSSL = true;
+    locations."/" = {
+      proxyPass = "http://10.0.0.9:86";
+      proxyWebsockets = true;
+    };
+  };
+}
--- a/server/nextcloud.nix
+++ b/server/nextcloud.nix
@ -0,0 +1,35 @@
+{pkgs, outputs, ...}: {
+  services = {
+    nextcloud = {
+      enable = true;
+      package = pkgs.nextcloud29;
+      hostName = "nextcloud.lunamoonlight.xyz";
+      datadir = "/mnt/nextcloud";
+      https = true;
+      config = {
+        adminuser = "luna";
+        adminpassFile = "/mnt/nextcloud/password.txt";
+      };
+      settings = {
+        trusted_proxies = [ "127.0.0.1" ];
+        trusted_domains = [ "nextcloud.lunamoonlight.xyz" ];
+        overwriteprotocol = "https";
+      };
+    };
+    nginx.virtualHosts."nextcloud.lunamoonlight.xyz" =  {
+      enableACME = true;
+      addSSL = true;
+      locations."/" = {
+        proxyWebsockets = true;
+        extraConfig = "
+         location /.well-known/carddav {
+            return 301 $scheme://$host/remote.php/dav;
+          }
+          location /.well-known/caldav {
+            return 301 $scheme://$host/remote.php/dav;
+          }
+       ";
+      };
+    };
+  };
+}
--- a/server/nfs.nix
+++ b/server/nfs.nix
@ -0,0 +1,9 @@
+{
+  # NFS server
+  services.nfs.server = {
+    enable = true;
+    exports = ''
+      /export/LunaNFS *(rw,no_subtree_check)
+    '';
+  };
+}
--- a/server/nginx.nix
+++ b/server/nginx.nix
@ -0,0 +1,26 @@
+{pkgs, ...}: {
+  services.nginx = {
+    enable = true;
+    package = (pkgs.nginx.override {
+      modules = with pkgs.nginxModules; [ rtmp ];
+    });
+    recommendedTlsSettings = true;
+    recommendedOptimisation = true;
+    recommendedGzipSettings = true;
+    recommendedProxySettings = true;
+    virtualHosts = {
+      "lunamoonlight.xyz" = {
+        enableACME = true;
+        addSSL = true;
+        root = "/var/www/lunalanding";
+     };
+   };
+ };
+
+  # Open HTTP and HTTPs ports
+  networking.firewall = {
+    allowedTCPPorts = [
+      80 443
+    ];
+  };
+}