Hertog
/
HermitCollective.nix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Migrated to vm

Main
hermitcollective.net 2024-08-16 11:36:41 +00:00
parent bd89e5bb9c
commit 319022cbe4
10 changed files with 34 additions and 75 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
services/default.nix
View File

@ -6,7 +6,5 @@
./nextcloud.nix ./nextcloud.nix
./owncast.nix ./owncast.nix
./uptime-kuma.nix ./uptime-kuma.nix
# ./iceshrimp.nix
./inspircd.nix
]; ];
} }

33
services/iceshrimp.nix
View File

@ -1,33 +0,0 @@
{ inputs, ... }:
{
services = {
iceshrimp = {
enable = true; # Actually enable the module
createDb = true;
configureNginx.enable = false;
stateDir = "/var/lib/iceshrimp";
mediaDir = "/var/lib/iceshrimp/files";
settings = {
url = "https://mastodon.hermitcollective.net";
maxNoteLength = 35124; # Length of the GPL3 + long;
maxCaptionLength = 5000; # We did it HermitCollective!! We solved accesibility!
};
};
nginx.virtualHosts."mastodon.hermitcollective.net" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:3000";
proxyWebsockets = true; # needed if you need to use WebSocket
extraConfig =
# required when the target is also TLS server with multiple hosts
"proxy_ssl_server_name on;" +
# required when the server wants to use HTTP Authentication
"proxy_pass_header Authorization;"
;
};
};
};
}

9
services/inspircd.nix
View File

@ -1,9 +0,0 @@
{ pkgs, ... }:
{
services.inspircd = {
enable = true;
package = pkgs.inspircd;
config = builtins.readFile "/etc/inspircd.conf";
};
}

7
services/nextcloud.nix
View File

@ -6,7 +6,12 @@
package = pkgs.nextcloud28; package = pkgs.nextcloud28;
appstoreEnable = true; appstoreEnable = true;
hostName = "cloud.hermitcollective.net"; hostName = "cloud.hermitcollective.net";
config.adminpassFile = "/etc/nextcloud-admin-pass"; config = {
adminpassFile = "/etc/nextcloud-admin-pass";
dbhost = "192.168.178.193";
dbtype = "pgsql";
dbpassFile = "/etc/nextcloud-db-pass";
};
https = true; https = true;
}; };
services.nginx.virtualHosts.${config.services.nextcloud.hostName} = { services.nginx.virtualHosts.${config.services.nextcloud.hostName} = {

27
services/tt-rss.nix
View File

@ -1,26 +1,17 @@
{ {
services.tt-rss = { services.tt-rss = {
enable = true; # Enable TT-RSS enable = true;
database = { # Configure the database database = {
type = "pgsql"; # Database type host = "192.168.178.193";
passwordFile = "/etc/tt-rss-pass"; # Where to find the password type = "pgsql";
passwordFile = "/etc/tt-rss-pass";
}; };
email = { email = {
fromAddress = "feeds@hermitcollective.net"; # Address for outgoing email fromAddress = "feeds@hermitcollective.net";
fromName = "Feeds from HermitCollective"; # Display name for outgoing email fromName = "Feeds from HermitCollective";
}; };
selfUrlPath = "https://feeds.hermitcollective.net/"; # Root web URL selfUrlPath = "https://feeds.hermitcollective.net/";
virtualHost = "feeds.hermitcollective.net"; # Setup a virtualhost virtualHost = "feeds.hermitcollective.net";
};
services.postgresql = {
enable = true; # Ensure postgresql is enabled
authentication = ''
local tt_rss all ident map=tt_rss-users
'';
identMap = ''
tt_rss-users tt_rss tt_rss
'';
}; };
services.nginx.virtualHosts."feeds.hermitcollective.net" = { services.nginx.virtualHosts."feeds.hermitcollective.net" = {

2
sites/default.nix
View File

@ -1,7 +1,7 @@
{ {
imports = [ imports = [
./hermitcollective.net ./hermitcollective.net
./irc.hermitcollective.net # ./irc.hermitcollective.net
./blog.hermitcollective.net ./blog.hermitcollective.net
./hertog.hermitcollective.net ./hertog.hermitcollective.net
]; ];

15
system/hardware-configuration.nix
View File

@ -5,12 +5,12 @@
{ {
imports = imports =
[ (modulesPath + "/installer/scan/not-detected.nix") [ (modulesPath + "/profiles/qemu-guest.nix")
]; ];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" ]; boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ]; boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" =
@ -18,11 +18,6 @@
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/B7A8-E52E";
fsType = "vfat";
};
swapDevices = [ ]; swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
@ -30,9 +25,7 @@
# still possible to use this option, but it's recommended to use it in conjunction # still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp6s0.useDHCP = lib.mkDefault true; # networking.interfaces.ens18.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
} }

1
system/packages.nix
View File

@ -9,6 +9,7 @@
git git
btop btop
wget wget
zulu
]; ];
}; };
} }

1
users/default.nix
View File

@ -2,5 +2,6 @@
imports = [ imports = [
./hertog.nix ./hertog.nix
./sara.nix ./sara.nix
./jo.nix
]; ];
} }

12
users/jo.nix Normal file
View File

@ -0,0 +1,12 @@
{
users.users.jo = {
initialPassword = "";
isNormalUser = true;
description = "Jo";
extraGroups = [ "networkmanager" "wheel" "sudo" "adm" "video" "audio" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIF+U7vBUNxPIOdnFOZ29QWCeYMKNYoeoNC93XXKtbQK jo@jo.wtf"
];
};
}