lf3/server-conf
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Inital Server Config

Browse source
This commit is contained in:
jopejoe1 2024-04-26 11:12:21 +02:00
commit e4dcbc1ee2
6 changed files with 408 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
flake.nix Normal file
View file

@ -0,0 +1,45 @@
{
description = "jopejoe1 NixOS configuration";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs";
# Outputs
nixos-generators = {
url = "github:nix-community/nixos-generators";
inputs.nixpkgs.follows = "nixpkgs";
};
# Modules
disko = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
nixos-hardware.url = "github:NixOS/nixos-hardware";
srvos = {
url = "github:nix-community/srvos";
inputs.nixpkgs.follows = "nixpkgs";
};
snm = {
url = "gitlab:simple-nixos-mailserver/nixos-mailserver";
inputs.nixpkgs.follows = "nixpkgs";
};
# Utility
nixos-anywhere = {
url = "github:nix-community/nixos-anywhere";
inputs.nixpkgs.follows = "nixpkgs";
inputs.disko.follows = "disko";
};
};
outputs =
inputs@{ self, nixpkgs, ... }:
{
nixosConfigurations = import ./systems.nix { inherit self inputs nixpkgs; };
};
}

116
systems.nix Normal file
View file

@ -0,0 +1,116 @@
{
self,
nixpkgs,
inputs,
}:
let
mkSystem =
systemConfig: name:
nixpkgs.lib.nixosSystem rec {
system =
builtins.replaceStrings
[
"-unknown-"
"-gnu"
]
[
"-"
""
]
systemConfig;
specialArgs = inputs;
modules = [
./systems/${name}
self.outputs.nixosModules.default
{
system.stateVersion = "24.05";
nixpkgs.hostPlatform = {
system = system;
config = systemConfig;
};
networking.hostName = name;
nix = {
settings = {
substituters = lib.mkForce [
"https://cache.nixos.org"
"https://nix-community.cachix.org"
];
trusted-public-keys = lib.mkForce [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
trusted-users = [ "root" ];
sandbox = true;
require-sigs = true;
max-jobs = "auto";
auto-optimise-store = true;
allowed-users = [ "*" ];
experimental-features = [
"nix-command"
"flakes"
];
warn-dirty = true;
use-xdg-base-directories = true;
keep-going = true;
builders-use-substitutes = true;
};
distributedBuilds = true;
package = pkgs.nixVersions.unstable;
registry = lib.mkForce (
(lib.mapAttrs (_: flake: { inherit flake; })) (
(lib.filterAttrs (_: lib.isType "flake")) self.inputs
)
// {
self.flake = self;
}
);
nixPath = lib.mkForce [ "/etc/nix/path" ];
};
nixpkgs = {
config = {
allowUnfree = true;
nvidia.acceptLicense = true;
};
};
environment.etc = lib.mapAttrs' (name: value: {
name = "nix/path/${name}";
value.source = value.flake;
}) config.nix.registry;
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
backupFileExtension = "backup";
};
systemd.services.nix-daemon.serviceConfig.LimitNOFILE = lib.mkForce 1048576000;
networking.hosts = {
"192.168.191.46" = [ "zap" ];
"192.168.191.142" = [ "kuraokami" ];
"2a01:4f8:1c1e:7f93::1" = [ "bloomshine.de" ];
};
hardware.bluetooth.enable = true;
hardware.bluetooth.powerOnBoot = true;
services.openssh = {
enable = true;
banner = "Hackers are in Your System!!!\n";
settings = {
PasswordAuthentication = false;
PermitRootLogin = "prohibit-password";
};
};
}
];
};
in
{
sukuna-biko-na = mkSystem "aarch64-unknown-linux-gnu" "sukuna-biko-na";
raspberry4 = mkSystem "aarch64-unknown-linux-gnu" "raspberry4";
}

54
systems/raspberry4/default.nix Normal file
View file

@ -0,0 +1,54 @@
{
modulesPath,
lib,
nixos-hardware,
pkgs,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
nixos-hardware.nixosModules.raspberry-pi-4
];
boot = {
initrd = {
availableKernelModules = [ "xhci_pci" ];
};
kernelPackages = pkgs.linuxPackages_latest;
};
boot.supportedFilesystems = lib.mkForce [
"btrfs"
"cifs"
"f2fs"
"jfs"
"ntfs"
"reiserfs"
"vfat"
"xfs"
"bchachefs"
];
#hardware.raspberry-pi."4".fkms-3d.enable = true;
jopejoe1 = {
bluetooth.enable = true;
local.enable = true;
nix.enable = true;
user = {
jopejoe1.enable = true;
root.enable = true;
};
ssh.enable = true;
};
networking = {
useDHCP = lib.mkDefault true;
};
services.openssh.settings.PermitRootLogin = lib.mkForce "yes";
powerManagement.cpuFreqGovernor = "ondemand";
}

49
systems/sukuna-biko-na/default.nix Normal file
View file

@ -0,0 +1,49 @@
{
modulesPath,
lib,
nixos-hardware,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
nixos-hardware.nixosModules.raspberry-pi-4
];
boot = {
initrd = {
availableKernelModules = [ "xhci_pci" ];
};
loader = {
generic-extlinux-compatible.enable = true;
};
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
fsType = "ext4";
};
hardware.raspberry-pi."4".fkms-3d.enable = true;
jopejoe1 = {
audio.enable = true;
bluetooth.enable = true;
local.enable = true;
nix.enable = true;
kodi.enable = true;
plasma.enable = true;
user = {
jopejoe1.enable = true;
root.enable = true;
};
ssh.enable = true;
};
networking = {
useDHCP = lib.mkDefault true;
};
powerManagement.cpuFreqGovernor = "ondemand";
}

72
users/jopejoe1/default.nix Normal file
View file

@ -0,0 +1,72 @@
{ config, lib, ... }:
{
users.users.jopejoe1 = {
hashedPassword = "$2b$05$Uk84TY/RHlH8DIigUlFYjeorjTlCMEY9wN2pAcw5BLaPoc7dKiSsC";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB8oyMpS2hK3gQXyHIIVS6oilgMpemLmfhKKJ6RBMwUh johannes@joens.email"
];
};
home-manager.users.jopejoe1 = {
home = {
username = config.users.users.jopejoe1.name;
homeDirectory = config.users.users.jopejoe1.home;
stateVersion = config.system.stateVersion;
sessionVariables = {
XCOMPOSECACHE = "${config.xdg.cacheHome}/X11/xcompos";
XAUTHORITY = "$XDG_RUNTIME_DIR/Xauthority";
ANDROID_HOME = "${config.xdg.dataHome}/android";
CUDA_CACHE_PATH = "${config.xdg.cacheHome}/nv";
GRADLE_USER_HOME = "${config.xdg.dataHome}/gradle";
KODI_DATA = "${config.xdg.dataHome}/kodi";
_JAVA_OPTIONS = "-Djava.util.prefs.userRoot=${config.xdg.configHome}/java";
WINEPREFIX = "${config.xdg.dataHome}/wine";
};
};
programs = {
lazygit.enable = true;
git = {
enable = true;
package = pkgs.git;
extraConfig = {
core = {
whitespace = [
"blank-at-eol"
"blank-at-eof"
"space-before-tab"
];
};
};
};
direnv = {
enable = true;
nix-direnv.enable = true;
};
gpg = {
enable = true;
homedir = "${config.xdg.dataHome}/gnupg";
};
};
xdg = {
enable = true;
mime.enable = true;
cacheHome = "${config.home.homeDirectory}/.cache";
configHome = "${config.home.homeDirectory}/.config";
dataHome = "${config.home.homeDirectory}/.local/share";
stateHome = "${config.home.homeDirectory}/.local/state";
userDirs = {
enable = true;
createDirectories = true;
desktop = "${config.home.homeDirectory}/Desktop";
documents = "${config.home.homeDirectory}/Documents";
download = "${config.home.homeDirectory}/Downloads";
music = "${config.home.homeDirectory}/Music";
pictures = "${config.home.homeDirectory}/Pictures";
publicShare = "${config.home.homeDirectory}/Public";
templates = "${config.home.homeDirectory}/Templates";
videos = "${config.home.homeDirectory}/Videos";
};
};
};
}

72
users/root/default.nix Normal file
View file

@ -0,0 +1,72 @@
{ config, lib, ... }:
{
users.users.root = {
hashedPassword = "$2b$05$Uk84TY/RHlH8DIigUlFYjeorjTlCMEY9wN2pAcw5BLaPoc7dKiSsC";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB8oyMpS2hK3gQXyHIIVS6oilgMpemLmfhKKJ6RBMwUh johannes@joens.email"
];
};
home-manager.users.root = {
home = {
username = config.users.users.root.name;
homeDirectory = config.users.users.root.home;
stateVersion = config.system.stateVersion;
sessionVariables = {
XCOMPOSECACHE = "${config.xdg.cacheHome}/X11/xcompos";
XAUTHORITY = "$XDG_RUNTIME_DIR/Xauthority";
ANDROID_HOME = "${config.xdg.dataHome}/android";
CUDA_CACHE_PATH = "${config.xdg.cacheHome}/nv";
GRADLE_USER_HOME = "${config.xdg.dataHome}/gradle";
KODI_DATA = "${config.xdg.dataHome}/kodi";
_JAVA_OPTIONS = "-Djava.util.prefs.userRoot=${config.xdg.configHome}/java";
WINEPREFIX = "${config.xdg.dataHome}/wine";
};
};
programs = {
lazygit.enable = true;
git = {
enable = true;
package = pkgs.git;
extraConfig = {
core = {
whitespace = [
"blank-at-eol"
"blank-at-eof"
"space-before-tab"
];
};
};
};
direnv = {
enable = true;
nix-direnv.enable = true;
};
gpg = {
enable = true;
homedir = "${config.xdg.dataHome}/gnupg";
};
};
xdg = {
enable = true;
mime.enable = true;
cacheHome = "${config.home.homeDirectory}/.cache";
configHome = "${config.home.homeDirectory}/.config";
dataHome = "${config.home.homeDirectory}/.local/share";
stateHome = "${config.home.homeDirectory}/.local/state";
userDirs = {
enable = true;
createDirectories = true;
desktop = "${config.home.homeDirectory}/Desktop";
documents = "${config.home.homeDirectory}/Documents";
download = "${config.home.homeDirectory}/Downloads";
music = "${config.home.homeDirectory}/Music";
pictures = "${config.home.homeDirectory}/Pictures";
publicShare = "${config.home.homeDirectory}/Public";
templates = "${config.home.homeDirectory}/Templates";
videos = "${config.home.homeDirectory}/Videos";
};
};
};
}