nettika/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: nettika:samba
Branches Tags
nettika:master nettika:samba nettika:memos nettika:mautrix-telegram nettika:romraider nettika:file-server
..
compare: nettika:mautrix-telegram
Branches Tags
nettika:samba nettika:memos nettika:master nettika:mautrix-telegram nettika:romraider nettika:file-server

8 Commits
samba ... mautrix-te

Author SHA1 Message Date
Nettika
3b143d9467 WIP mautrix-telegram 2024-09-27 21:35:23 -07:00
Nettika
0ebe8d1121 Serve Synapse Admin from quasar 2024-09-27 21:01:31 -07:00
Nettika
d80ae92464 Add system-control-printer to marauder 2024-09-27 21:01:31 -07:00
Nettika
883204e90e Set synapse secrets 2024-09-27 21:01:31 -07:00
Nettika
0172e6af2b Configure synapse on quasar 2024-09-26 00:40:56 -07:00
Nettika
66786c2455 Move zerotier out of the common module 2024-09-25 21:05:05 -07:00
Nettika
e30a5830ef Add quasar host 2024-09-25 19:44:47 -07:00
Nettika
572cca2dd9 Configure printing on marauder 2024-09-25 16:20:21 -07:00
11 changed files with 102 additions and 61 deletions
Expand all files Collapse all files

6
flake.nix
View File

@@ -15,6 +15,7 @@
common = import ./modules/common.nix;
prompt = import ./modules/prompt.nix;
server = import ./modules/server.nix;
zerotier = import ./modules/zerotier.nix;
};
nixosConfigurations = {
@@ -28,6 +29,11 @@
modules = [ ./hosts/monolith ];
specialArgs = { inherit self inputs secrets; };
};
quasar = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [ ./hosts/quasar ];
specialArgs = { inherit self inputs secrets; };
};
};
};
}

5
hosts/marauder/default.nix
View File

@@ -3,8 +3,10 @@
imports = [
self.nixosModules.common
self.nixosModules.prompt
self.nixosModules.zerotier
./backup.nix
./dev.nix
./printing.nix
];
networking.hostName = "marauder";
@@ -84,9 +86,8 @@
ffmpeg
(callPackage ./ffcheck.nix { })
# Misc
# Productivity
obsidian
(callPackage ./romraider.nix { })
]);
};

16
hosts/marauder/printing.nix Executable file
View File

@@ -0,0 +1,16 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
system-config-printer
];
services.printing = {
enable = true;
};
services.avahi = {
enable = true;
nssmdns4 = true;
openFirewall = true;
};
}

24
hosts/marauder/romraider.nix
View File

@@ -1,24 +0,0 @@
{ stdenv, fetchFromGitHub, ant, jdk11, makeWrapper, jre }: stdenv.mkDerivation {
pname = "romraider";
version = "1.0.0";
src = fetchFromGitHub {
owner = "Romraider";
repo = "Romraider";
rev = "1.0.0-DEC01-2023";
hash = "sha256-KCG6D/+yupGahzPtZk1l9FK826MHZKdTuWoTCLC0ngY=";
};
JRE_DIR = jdk11;
nativeBuildInputs = [ ant jdk11 makeWrapper ];
buildPhase = "ant build-linux";
installPhase = ''
mkdir -p $out/{bin,share/java}
install build/linux/lib/RomRaider.jar $out/share/java/romraider.jar
makeWrapper ${jdk11}/bin/java $out/bin/romraider \
--add-flags "-jar $out/share/java/romraider.jar"
'';
}

1
hosts/monolith/default.nix
View File

@@ -4,6 +4,7 @@
self.nixosModules.common
self.nixosModules.prompt
self.nixosModules.server
self.nixosModules.zerotier
./dns.nix
];

29
hosts/monolith/samba.nix
View File

@@ -1,29 +0,0 @@
{ ... }:
{
services.samba = {
enable = true;
openFirewall = true;
settings = {
global = {
workgroup = "WORKGROUP";
"server string" = "monolith";
"netbios name" = "monolith";
security = "user";
"invalid users" = [ "root" ];
"guest account" = "nobody";
"map to guest" = "bad user";
};
public = {
path = "/library/share";
browseable = "yes";
"read only" = "no";
"guest ok" = "yes";
};
};
};
services.samba-wsdd = {
enable = true;
openFirewall = true;
};
}

68
hosts/quasar/default.nix Executable file
View File

@@ -0,0 +1,68 @@
{ self, modulesPath, pkgs, config, secrets, ... }:
{
imports = [
"${modulesPath}/virtualisation/amazon-image.nix"
self.nixosModules.common
self.nixosModules.prompt
self.nixosModules.server
];
networking = {
hostName = "quasar";
domain = "consortium.chat";
firewall.allowedTCPPorts = [ 80 443 ];
};
services.postgresql = {
enable = true;
};
services.caddy = {
enable = true;
virtualHosts = {
"${config.networking.domain}".extraConfig = ''
reverse_proxy localhost:8008
header Strict-Transport-Security "max-age=63072000; includeSubDomains;"
'';
"matrix.${config.networking.domain}".extraConfig = ''
reverse_proxy /_matrix/* localhost:8008
reverse_proxy /_synapse/client/* localhost:8008
'';
"admin.${config.networking.domain}".extraConfig = ''
root * ${pkgs.synapse-admin}
file_server
'';
};
};
services.matrix-synapse = {
enable = true;
settings = {
server_name = config.networking.domain;
serve_server_wellknown = true;
# app_service_config_files = [ ];
registration_shared_secret = secrets.synapse."consortium.chat".registration-shared-secret;
macaroon_secret_key = secrets.synapse."consortium.chat".macaroon-secret-key;
form_secret = secrets.synapse."consortium.chat".form-secret;
};
};
services.mautrix-telegram = {
enable = true;
settings = {
homeserver = {
address = "http://localhost:8008";
domain = config.networking.domain;
};
appservice = {
id = "telegram";
};
};
};
promptEmoji = "🌟";
time.timeZone = "America/Los_Angeles";
system.stateVersion = "24.05";
}

7
modules/common.nix
View File

@@ -1,4 +1,4 @@
{ pkgs, secrets, ... }:
{ pkgs, ... }:
{
nixpkgs.config.allowUnfree = true;
@@ -41,11 +41,6 @@
'';
};
services.zerotierone = {
enable = true;
joinNetworks = secrets.zerotier.networks;
};
environment.systemPackages = with pkgs; [
git-crypt
jq

0
modules/prompt.nix Normal file → Executable file
View File

7
modules/zerotier.nix Executable file
View File

@@ -0,0 +1,7 @@
{ secrets, ... }:
{
services.zerotierone = {
enable = true;
joinNetworks = secrets.zerotier.networks;
};
}

BIN
secrets.json
View File

Binary file not shown.