diff --git a/hardware/alpine.nix b/hardware/alpine.nix index 68b55be..f7a0a3e 100644 --- a/hardware/alpine.nix +++ b/hardware/alpine.nix @@ -13,7 +13,7 @@ in { boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "sd_mod"]; boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-amd"]; + boot.kernelModules = []; boot.extraModulePackages = []; fileSystems."/" = { @@ -21,10 +21,10 @@ in { fsType = "ext4"; }; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/72d527de-fead-43d5-8f29-e06d2c584a18"; - fsType = "ext4"; - }; + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/D8AA-8602"; + fsType = "vfat"; + }; fileSystems."/mnt/disk1" = { device = "/dev/disk/by-uuid/caba0b6c-00d2-495a-8c04-67ea584f1a63"; @@ -46,13 +46,15 @@ in { fsType = "ext4"; }; - # /etc/fstab - - # /mnt/disk1:/mnt/disk2:/mnt/disk3 /mnt/storage mergerfs direct_io,use_ino,allow_other,minfreespace=50G,fsname=mergerfs,category.create=mfs,func.mkdir=epall 0 0 + environment.systemPackages = with pkgs; [ + mergerfs + mergerfs-tools + python3 + ]; fileSystems."/mnt/storage" = { device = "/mnt/disk1:/mnt/disk2:/mnt/disk3"; - fsType = "mergerfs"; + fsType = "fuse.mergerfs"; depends = ["/mnt/disk1" "/mnt/disk2" "/mnt/disk3"]; options = [ "direct_io" @@ -65,19 +67,6 @@ in { ]; }; - # auto-generated-config: looks sus - - # fileSystems."/mnt/storage" = - # { device = "mergerfs"; - # fsType = "fuse.mergerfs"; - # }; - # - # fileSystems."/srv/nfs/Media" = - # { device = "/mnt/storage/media"; - # fsType = "none"; - # options = [ "bind" ]; - # }; - swapDevices = [ {device = "/dev/disk/by-uuid/27ad4809-211f-4ae9-90da-d17d9c1df271";} ]; @@ -89,6 +78,7 @@ in { networking.useDHCP = lib.mkDefault true; # networking.interfaces.eth0.useDHCP = lib.mkDefault true; # networking.interfaces.tailscale0.useDHCP = lib.mkDefault true; + networking.firewall.allowedTCPPorts = [ 22 53 80 443 ]; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; @@ -100,6 +90,9 @@ in { } ]; + networking.hostName = "alpine"; + networking.networkmanager.insertNameservers = ["1.1.1.1" "1.0.0.1"]; + services.snapraid = { enable = true; contentFiles = [ @@ -118,4 +111,60 @@ in { "/mnt/parity1/SnapRAID.parity" ]; }; + + virtualisation = { + podman = { + enable = true; + }; + }; + + services.openssh = { + enable = true; + openFirewall = true; + }; + + services.nginx = { + enable = true; + virtualHosts = { + "tristans.cloud" = { + forceSSL = true; + enableACME = true; + root = "/srv/www/tristans.cloud"; + }; + "git.tristans.cloud" = { + forceSSL = true; + enableACME = true; + locations."~".proxyPass = "http://localhost:3000"; + }; + }; + }; + security.acme = { + acceptTerms = true; + defaults.email = "tristan@tristans.cloud"; + }; + + services.ddclient = { + # enable = true; + protocol = "duckdns"; + use = "if, if=enp4s0"; + ssl = true; + username = ""; + passwordFile = "/home/tristan/duckdnstoken"; + domains = ["tlbean"]; + }; + + services.forgejo = { + enable = true; + dump.enable = true; + lfs.enable = true; + settings = { + server = { + DOMAIN = "git.tristans.cloud"; + }; + service = { + DISABLE_REGISTRATION = true; + }; + }; + }; + } diff --git a/home/default.nix b/home/default.nix index 6141b8e..a4cdf01 100644 --- a/home/default.nix +++ b/home/default.nix @@ -7,14 +7,14 @@ # https://nix-community.github.io/home-manager/options.xhtml { imports = [ - ./modules/terminal.nix - ./modules/scripts.nix - ./modules/email.nix - ./modules/mpd.nix - ./modules/menu.nix - ./modules/scripts.nix + # ./modules/terminal.nix + # ./modules/scripts.nix + # ./modules/email.nix + # ./modules/mpd.nix + # ./modules/menu.nix + # ./modules/scripts.nix - ./programs/scripts.nix + # ./programs/scripts.nix ./programs/neovim/. ./programs/helix.nix ./programs/git.nix @@ -25,13 +25,13 @@ } ]; - programs.menu = { - package = pkgs.tofi; - dmenuCommand = "${pkgs.tofi}/bin/tofi --fuzzy-match true"; - drunCommand = "${pkgs.tofi}/bin/tofi-drun --drun-launch true"; - }; + # programs.menu = { + # package = pkgs.tofi; + # dmenuCommand = "${pkgs.tofi}/bin/tofi --fuzzy-match true"; + # drunCommand = "${pkgs.tofi}/bin/tofi-drun --drun-launch true"; + # }; - roles.mpd.enable = true; + # roles.mpd.enable = true; programs.home-manager.enable = true; @@ -51,17 +51,17 @@ mosh ripgrep usbutils - wl-clipboard + # wl-clipboard du-dust htop libsixel yt-dlp ytfzf - playerctl + # playerctl neofetch tree ansible - quickemu + # quickemu ]; services.udiskie = { @@ -91,30 +91,30 @@ }; }; - home.file.".icons/default".source = "${pkgs.vanilla-dmz}/share/icons/Vanilla-DMZ"; + # home.file.".icons/default".source = "${pkgs.vanilla-dmz}/share/icons/Vanilla-DMZ"; - home.file.".config/pipewire/pipewire.conf.d/raop-discover.conf".text = '' - context.modules = [ - { - name = libpipewire-module-raop-discover - args = { } - } - ] - ''; - services.kdeconnect = { - enable = true; - indicator = true; - }; + # home.file.".config/pipewire/pipewire.conf.d/raop-discover.conf".text = '' + # context.modules = [ + # { + # name = libpipewire-module-raop-discover + # args = { } + # } + # ] + # ''; + # services.kdeconnect = { + # enable = true; + # indicator = true; + # }; - programs.pandoc = { - enable = true; - defaults = { - metadata = { - author = "Tristan Beedell"; - }; - pdf-engine = "xelatex"; - }; - }; + # programs.pandoc = { + # enable = true; + # defaults = { + # metadata = { + # author = "Tristan Beedell"; + # }; + # pdf-engine = "xelatex"; + # }; + # }; programs.direnv.enable = true; }