dot_testing/boxes/netbox/default.nix

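# NixOS system configuration for the host "netbox" (see networking.hostName).
# Only `pkgs` is used from the module arguments.
{ pkgs, ... }:

{
  # Hardware, bootstrap and secrets modules first, then one module per service.
  # NOTE(review): the imported modules are not visible here and may open
  # further firewall ports of their own.
  imports = [
    ./hardware-configuration.nix
    ../../lib/bootstrap.nix
    ./sops.nix

    ./franklincce.nix
    ./gitea.nix
    ./mail.nix
    ./nextcloud.nix
    ./nginx.nix
    ./radicale.nix
    ./ssh.nix
    ./sslh.nix
    ./vaultwarden.nix
    ./wireguard.nix
  ];

  # Nightly store maintenance: optimise at 02:30, garbage-collect at 03:15.
  nix = {
    optimise = {
      automatic = true;
      dates = [ "02:30" ];
    };
    gc = {
      automatic = true;
      dates = "03:15";
      # `-d` also deletes old generations, so earlier system generations are
      # not kept as rollback targets after a GC run.
      options = "-d";
    };
  };

  time.timeZone = "America/Chicago";
  i18n.defaultLocale = "en_US.UTF-8";
  console = {
    font = "Lat2-Terminus16";
    keyMap = "us";
  };

  # Base tooling available to every user (htop was listed twice; one entry kept).
  environment.systemPackages = with pkgs; [
    python3
    curl
    htop
    git
    tree
    dig
    neovim
  ];

  system = {
    copySystemConfiguration = true;
    stateVersion = "23.05"; # don't change this, lol
  };

  # Caps journal disk usage at 1G; once the cap is reached older entries are
  # rotated out, which bounds how far back local logs reach.
  services.journald.extraConfig = ''
    SystemMaxUse=1G
  '';

  system.userActivationScripts = {
    copyEssentialConfiguration = {
      # we don't want to bring in the entirety of home-manager for this, so just
      # write some files as a hack
      #
      # The directory created must be the one the last cp writes into
      # (~/.config/nvim); the previous `mkdir -p /home/ryan/config/nvim`
      # created a different directory, so the cp could fail on a fresh home.
      text = ''
        ${pkgs.coreutils}/bin/cp /home/ryan/dot_testing/config/bash/bashrc /home/ryan/.bashrc
        ${pkgs.coreutils}/bin/cp /home/ryan/dot_testing/config/bash/profile /home/ryan/.bash_profile
        ${pkgs.coreutils}/bin/mkdir -p /home/ryan/.config/nvim
        ${pkgs.coreutils}/bin/cp /home/ryan/dot_testing/config/nvim/init.min.lua /home/ryan/.config/nvim/init.lua
      '';
      deps = [];
    };
  };

  system.activationScripts = {
    copyEssentialConfiguration = {
      # System activation runs as root. The sources live under /home/ryan, so
      # whatever is in that checkout at activation time becomes root's shell
      # startup files and editor config.
      # NOTE(review): anything able to write to /home/ryan/dot_testing can
      # therefore influence root's next shell; consider sourcing these files
      # from a root-owned location or from paths evaluated into the Nix store.
      #
      # Same directory fix as the user script: create /root/.config/nvim, the
      # directory the last cp actually targets.
      text = ''
        ${pkgs.coreutils}/bin/cp /home/ryan/dot_testing/config/bash/bashrc /root/.bashrc
        ${pkgs.coreutils}/bin/cp /home/ryan/dot_testing/config/bash/profile /root/.bash_profile
        ${pkgs.coreutils}/bin/mkdir -p /root/.config/nvim
        ${pkgs.coreutils}/bin/cp /home/ryan/dot_testing/config/nvim/init.min.lua /root/.config/nvim/init.lua
      '';
      deps = [];
    };
  };

  boot.loader = {
    grub.enable = true;
    grub.device = "/dev/vda";
  };

  users.users.ryan = {
    isNormalUser = true;
    # "wheel" grants sudo; "docker" grants access to the Docker daemon socket,
    # which is effectively root on the host without a sudo prompt. Treat this
    # account as root-equivalent when reasoning about its credentials.
    extraGroups = [ "wheel" "docker" ];
  };

  networking = {
    # Classic ethN naming; the per-interface firewall rules below are keyed on
    # "eth0" and depend on this setting.
    usePredictableInterfaceNames = false;
    networkmanager.enable = true;
    hostName = "netbox";

    firewall = {
      enable = true;
      interfaces = {
        # Public side: only HTTP and HTTPS are opened in this file.
        eth0 = {
          allowedTCPPorts = [ 80 443 ];
        };
        wg0 = {
          # allow everything bound to the wg0 interface
          # NOTE(review): the ranges end at 35565, so ports 35566-65535 stay
          # closed on wg0. If "everything" is the intent, 65535 was probably
          # meant and `networking.firewall.trustedInterfaces = [ "wg0" ];`
          # says so directly; listing only the ports the tunnel peers need
          # would be tighter. Values left unchanged pending confirmation.
          allowedTCPPortRanges = [
            { from = 1; to = 35565; }
          ];
          allowedUDPPortRanges = [
            { from = 1; to = 35565; }
          ];
        };
      };
    };
  };
}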