blob: 27c35eb53cfd22125460b825cb05657307349d21 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
|
# This file conatins the host-specific configuration for a shitty webserver in
# my closet.
{
config,
pkgs,
...
}: {
imports = [
./hardware-configuration.nix
./cloudflare-proxy
./disable-screen
./duksebot
./forsvarsarper
./git.linus.onl
./hellohtml.linus.onl
./linus.onl
./nofitications.linus.onl
./ssh
./home
];
# Create the main user.
users.users.linus = {
isNormalUser = true;
hashedPassword = "$y$j9T$UmZES4WC8FWrjBvdazq2e/$rzneAKZeySwSVKiSZJfXC.fciiQdGqxB5uyRaPQ6OF.";
extraGroups = ["wheel"];
};
users.mutableUsers = false;
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.tmp.cleanOnBoot = true;
# The hostname should match the containing folder.
networking.hostName = "ahmed";
# This host is located in Denmark.
time.timeZone = "Europe/Copenhagen";
console = {
font = "sun12x22"; # This font is pretty readable on the cracked display.
keyMap = "dk"; # This host has a Danish keyboard layout.
};
# Set up Minecraft server.
services.on-demand-minecraft = {
enable = true;
eula = true;
package = pkgs.papermc;
openFirewall = true;
# Try shutting down every 10 minutes.
frequency-check-players = "*-*-* *:00/10:00";
};
services.cloudflare-dyndns.domains = ["minecraft.linus.onl"];
# Virtual hosts.
# Each module for a HTTP service will register a virtual host.
services.nginx.enable = true;
# Configure ACME. This is used by various HTTP services through the NGINX virtual hosts.
security.acme = {
acceptTerms = true;
defaults.email = "linusvejlo+${config.networking.hostName}[email protected]";
};
# Configure DDNS. The website for each module is responsible for extending
# `services.cloudflare-dyndns.domains` with its domain.
age.secrets.cloudflare-dyndns-api-token.file = ../../secrets/cloudflare-ddns-token.env.age;
services.cloudflare-dyndns = {
enable = true;
apiTokenFile = config.age.secrets.cloudflare-dyndns-api-token.path;
proxied = true;
};
# We also have to overwrite the dependencies of the DYNDNS client service to
# make sure we are *actually* online.
#
# See: https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget
systemd.services.cloudflare-dyndns.after = ["network-online.target"];
# Listen for HTTP connections.
networking.firewall.allowedTCPPorts = [80 443];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It's perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
home-manager.users.linus.home.stateVersion = "22.05";
}
|
