changes
This commit is contained in:
parent
2a2571aae5
commit
381e229fb9
|
@ -3,15 +3,64 @@
|
|||
{
|
||||
imports =
|
||||
[
|
||||
../modules/mail.nix
|
||||
../common/main.nix
|
||||
./hardware-configuration.nix
|
||||
../../modules/bootstrap.nix
|
||||
];
|
||||
|
||||
networking.networkmanager.enable = true;
|
||||
|
||||
time.timeZone = "America/Chicago";
|
||||
|
||||
i18n.defaultLocale = "en_US.UTF-8";
|
||||
console = {
|
||||
font = "Lat2-Terminus16";
|
||||
keyMap = "us";
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
curl
|
||||
htop
|
||||
git
|
||||
tree
|
||||
dig
|
||||
htop
|
||||
gnumake
|
||||
];
|
||||
|
||||
system.copySystemConfiguration = true;
|
||||
system.stateVersion = "23.05"; # don't change this, lol
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.device = "/dev/vda";
|
||||
|
||||
# services.cgit = {
|
||||
# "beepboop.systems" = {
|
||||
# extraConfig = ''
|
||||
# root-desc="testing"
|
||||
#
|
||||
# section=main
|
||||
# repo.url=dot_testing
|
||||
# repo.path=/var/lib/git/dot_testing
|
||||
# repo.desc=configuration for NixOS/Linux systems
|
||||
# repo.owner=rndusr
|
||||
#
|
||||
# readme=:README.md
|
||||
# '';
|
||||
# enable = true;
|
||||
# };
|
||||
# };
|
||||
|
||||
networking.hostName = "netbox";
|
||||
|
||||
services.radicale = {
|
||||
enable = true;
|
||||
config = ''
|
||||
[auth]
|
||||
type = htpasswd
|
||||
htpasswd_filename = radicale-passwd
|
||||
htpasswd_encryption = plain
|
||||
'';
|
||||
};
|
||||
|
||||
services.rss2email = {
|
||||
enable = true;
|
||||
to = "ryan@beepboop.systems";
|
||||
|
@ -81,15 +130,6 @@
|
|||
extraGroups = [ "wheel" "docker" ];
|
||||
};
|
||||
|
||||
users.users.paperlesspassthrough = {
|
||||
isNormalUser = true;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
neovim
|
||||
# nothing more needed, at the moment
|
||||
];
|
||||
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
ports = [55555];
|
||||
|
@ -100,13 +140,11 @@
|
|||
services.vaultwarden.enable = true;
|
||||
services.vaultwarden.config = {
|
||||
DOMAIN = "https://bitwarden.beepboop.systems";
|
||||
SIGNUPS_ALLOWED = false;
|
||||
# SIGNUPS_ALLOWED = false;
|
||||
};
|
||||
|
||||
networking.usePredictableInterfaceNames = false;
|
||||
|
||||
services.nixosmail.enable = true;
|
||||
|
||||
services.gitea = {
|
||||
enable = true;
|
||||
appName = "crappy code"; # Give the site a name
|
||||
|
@ -147,12 +185,6 @@
|
|||
locations."/".proxyPass = "http://localhost:3001";
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."paperless.beepboop.systems" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
locations."/".proxyPass = "http://localhost:3004";
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."bit.beepboop.systems" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
|
@ -203,19 +235,19 @@
|
|||
email = "nickforanick@protonmail.com";
|
||||
};
|
||||
|
||||
services.roundcube = {
|
||||
enable = true;
|
||||
# this is the url of the vhost, not necessarily the same as the fqdn of
|
||||
# the mailserver
|
||||
hostName = "cube.beepboop.systems";
|
||||
extraConfig = ''
|
||||
# starttls needed for authentication, so the fqdn required to match
|
||||
# the certificate
|
||||
$config['smtp_server'] = "tls://${config.mailserver.fqdn}";
|
||||
$config['smtp_user'] = "%u";
|
||||
$config['smtp_pass'] = "%p";
|
||||
'';
|
||||
};
|
||||
# services.roundcube = {
|
||||
# enable = true;
|
||||
# # this is the url of the vhost, not necessarily the same as the fqdn of
|
||||
# # the mailserver
|
||||
# hostName = "cube.beepboop.systems";
|
||||
# extraConfig = ''
|
||||
# # starttls needed for authentication, so the fqdn required to match
|
||||
# # the certificate
|
||||
# $config['smtp_server'] = "tls://${config.mailserver.fqdn}";
|
||||
# $config['smtp_user'] = "%u";
|
||||
# $config['smtp_pass'] = "%p";
|
||||
# '';
|
||||
# };
|
||||
|
||||
services.nginx.virtualHosts."roundcube.beepboop.systems" = {
|
||||
forceSSL = true;
|
||||
|
@ -233,14 +265,4 @@
|
|||
enable = true;
|
||||
allowedTCPPorts = [ 5232 55555 22 80 443 ];
|
||||
};
|
||||
|
||||
# services.paperless = {
|
||||
# enable = true;
|
||||
# passwordFile = "/etc/paperless-password";
|
||||
# port = 3004;
|
||||
# address = "localhost";
|
||||
# extraConfig = {
|
||||
# PAPERLESS_URL = "https://paperless.beepboop.systems";
|
||||
# };
|
||||
# };
|
||||
}
|
|
@ -0,0 +1,37 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports = [ ];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/a57b82ca-7bfd-458e-b3e8-4962511cc0b8";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/DF39-1ECE";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/57fbd850-1ced-4e21-9e52-4f3b529c61b0"; }
|
||||
];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.ens3.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
virtualisation.hypervGuest.enable = true;
|
||||
}
|
155
flake.lock
155
flake.lock
|
@ -1,5 +1,21 @@
|
|||
{
|
||||
"nodes": {
|
||||
"blobs": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1604995301,
|
||||
"narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=",
|
||||
"owner": "simple-nixos-mailserver",
|
||||
"repo": "blobs",
|
||||
"rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265",
|
||||
"type": "gitlab"
|
||||
},
|
||||
"original": {
|
||||
"owner": "simple-nixos-mailserver",
|
||||
"repo": "blobs",
|
||||
"type": "gitlab"
|
||||
}
|
||||
},
|
||||
"firefox-addons": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils",
|
||||
|
@ -9,11 +25,11 @@
|
|||
},
|
||||
"locked": {
|
||||
"dir": "pkgs/firefox-addons",
|
||||
"lastModified": 1703265473,
|
||||
"narHash": "sha256-K1HYRKlLAjroFfT+DDEmCfuyT7X7+MC5ggJVfBOfB20=",
|
||||
"lastModified": 1705534402,
|
||||
"narHash": "sha256-mOWT45HLd8dm8FJNmrgngotE5NRJ+2arz65m1Kk0LBA=",
|
||||
"owner": "rycee",
|
||||
"repo": "nur-expressions",
|
||||
"rev": "df0c32112abbf265303f615ea8055aa28480d350",
|
||||
"rev": "6a928ce99e4ccb09e59c1f58052bd65027249c8a",
|
||||
"type": "gitlab"
|
||||
},
|
||||
"original": {
|
||||
|
@ -23,6 +39,22 @@
|
|||
"type": "gitlab"
|
||||
}
|
||||
},
|
||||
"flake-compat": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1668681692,
|
||||
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils": {
|
||||
"locked": {
|
||||
"lastModified": 1629284811,
|
||||
|
@ -45,11 +77,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1702814678,
|
||||
"narHash": "sha256-zDtO0jV2QLoddUJinLlTQrQqCUW3dPiIWOSYgg98T7E=",
|
||||
"lastModified": 1705476964,
|
||||
"narHash": "sha256-W5OK1fnj4qdn1HWOlxV2S3YiUvfaVjQM5ldWVpGV1fs=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "1488651d02c1a7a15e284210f0d380a62d8d8cef",
|
||||
"rev": "85c3b600f660abd86e94cbcd1c46733943197a07",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -61,11 +93,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1702921762,
|
||||
"narHash": "sha256-O/rP7gulApQAB47u6szEd8Pn8Biw0d84j5iuP2tcxzY=",
|
||||
"lastModified": 1705331948,
|
||||
"narHash": "sha256-qjQXfvrAT1/RKDFAMdl8Hw3m4tLVvMCc8fMqzJv0pP4=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "d02ffbbe834b5599fc5f134e644e49397eb07188",
|
||||
"rev": "b8dd8be3c790215716e7c12b247f45ca525867e2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -75,14 +107,100 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-22_11": {
|
||||
"locked": {
|
||||
"lastModified": 1669558522,
|
||||
"narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"ref": "nixos-22.11",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs-23_05": {
|
||||
"locked": {
|
||||
"lastModified": 1684782344,
|
||||
"narHash": "sha256-SHN8hPYYSX0thDrMLMWPWYulK3YFgASOrCsIL3AJ78g=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "8966c43feba2c701ed624302b6a935f97bcbdf88",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"ref": "nixos-23.05",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs-23_11": {
|
||||
"locked": {
|
||||
"lastModified": 1701539137,
|
||||
"narHash": "sha256-nVO/5QYpf1GwjvtpXhyxx5M3U/WN0MwBro4Lsk+9mL0=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "933d7dc155096e7575d207be6fb7792bc9f34f6d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"ref": "nixos-23.11",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1670751203,
|
||||
"narHash": "sha256-XdoH1v3shKDGlrwjgrNX/EN8s3c+kQV7xY6cLCE8vcI=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "64e0bf055f9d25928c31fb12924e59ff8ce71e60",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"ref": "nixos-unstable",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"firefox-addons": "firefox-addons",
|
||||
"home-manager": "home-manager",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"simple-nixos-mailserver": "simple-nixos-mailserver",
|
||||
"utilpkg": "utilpkg"
|
||||
}
|
||||
},
|
||||
"simple-nixos-mailserver": {
|
||||
"inputs": {
|
||||
"blobs": "blobs",
|
||||
"flake-compat": "flake-compat",
|
||||
"nixpkgs": "nixpkgs_2",
|
||||
"nixpkgs-22_11": "nixpkgs-22_11",
|
||||
"nixpkgs-23_05": "nixpkgs-23_05",
|
||||
"nixpkgs-23_11": "nixpkgs-23_11",
|
||||
"utils": "utils"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1703023684,
|
||||
"narHash": "sha256-XQU4OaacV0F2tf9cNAvIMqlC0HBIrAtvb0MLjIHt+7M=",
|
||||
"owner": "simple-nixos-mailserver",
|
||||
"repo": "nixos-mailserver",
|
||||
"rev": "4bfb8eb058f098302c97b909df2d019926e11220",
|
||||
"type": "gitlab"
|
||||
},
|
||||
"original": {
|
||||
"owner": "simple-nixos-mailserver",
|
||||
"ref": "nixos-23.11",
|
||||
"repo": "nixos-mailserver",
|
||||
"type": "gitlab"
|
||||
}
|
||||
},
|
||||
"utilpkg": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
|
@ -92,13 +210,28 @@
|
|||
"locked": {
|
||||
"lastModified": 1,
|
||||
"narHash": "sha256-qcQP65622JfSlKPDPCuTCMbzCWOvKBOA3OOO426ce8I=",
|
||||
"path": "/nix/store/rpjslsjwr8a8ykn3ncr91yigf9nsjcac-source/builds",
|
||||
"path": "/nix/store/sjdqmgspwa9pkfkric4bb97vhzzib4sz-source/builds",
|
||||
"type": "path"
|
||||
},
|
||||
"original": {
|
||||
"path": "/nix/store/rpjslsjwr8a8ykn3ncr91yigf9nsjcac-source/builds",
|
||||
"path": "/nix/store/sjdqmgspwa9pkfkric4bb97vhzzib4sz-source/builds",
|
||||
"type": "path"
|
||||
}
|
||||
},
|
||||
"utils": {
|
||||
"locked": {
|
||||
"lastModified": 1605370193,
|
||||
"narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "5021eac20303a61fafe17224c087f5519baed54d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
|
|
30
flake.nix
30
flake.nix
|
@ -15,10 +15,38 @@
|
|||
url = "./builds";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-23.11";
|
||||
};
|
||||
|
||||
outputs = { self, nixpkgs, home-manager, firefox-addons, utilpkg, ... }@inputs: {
|
||||
outputs = { self, nixpkgs, home-manager, firefox-addons, simple-nixos-mailserver, utilpkg, ... }@inputs: {
|
||||
nixosConfigurations = {
|
||||
netbox = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = { inherit inputs; };
|
||||
modules = [
|
||||
./boxes/netbox
|
||||
simple-nixos-mailserver.nixosModule
|
||||
{
|
||||
mailserver = {
|
||||
enable = true;
|
||||
fqdn = "mail.beepboop.systems";
|
||||
domains = [ "beepboop.systems" ];
|
||||
loginAccounts = {
|
||||
"ryan@beepboop.systems" = {
|
||||
# nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt' > /hashed/password/file/location
|
||||
hashedPasswordFile = "/etc/ryan-beepboop-systemsuser-pass";
|
||||
|
||||
aliases = [
|
||||
"info@beepboop.systems"
|
||||
"postmaster@beepboop.systems"
|
||||
];
|
||||
};
|
||||
};
|
||||
certificateScheme = "acme-nginx";
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
virtbox = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = { inherit inputs; };
|
||||
|
|
Loading…
Reference in New Issue