diff --git a/hosts/default.nix b/hosts/default.nix index 6f9b6e0..4216a11 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -16,6 +16,7 @@ in { flake = let systems = [ "laptop" + "lapserv" "minimal" ]; in { diff --git a/hosts/lapserv/default.nix b/hosts/lapserv/default.nix new file mode 100644 index 0000000..0b3bb51 --- /dev/null +++ b/hosts/lapserv/default.nix @@ -0,0 +1,7 @@ +{ + imports = [ + ./hardware-configuration.nix + ]; + + niksos.server = true; +} diff --git a/hosts/lapserv/hardware-configuration.nix b/hosts/lapserv/hardware-configuration.nix new file mode 100644 index 0000000..e7192b8 --- /dev/null +++ b/hosts/lapserv/hardware-configuration.nix @@ -0,0 +1,44 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-amd"]; + boot.extraModulePackages = []; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/59540469-ecb9-4a68-829b-4cd3ad6e95c3"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/83C9-84B1"; + fsType = "vfat"; + options = ["fmask=0077" "dmask=0077"]; + }; + + swapDevices = [ + {device = "/dev/disk/by-uuid/65190d84-4e34-4905-a317-d750591933e2";} + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/laptop/default.nix b/hosts/laptop/default.nix index 6d82b24..925c2ae 100644 --- a/hosts/laptop/default.nix +++ b/hosts/laptop/default.nix @@ -11,6 +11,7 @@ desktop = true; portable = true; neovim = true; + server = true; }; home-manager.users.jsw.wayland.windowManager.hyprland.settings.monitor = ["eDP-1,2880x1920@120,0x0,1.5,vrr,1"]; diff --git a/system/default.nix b/system/default.nix index 32849dd..b82f665 100644 --- a/system/default.nix +++ b/system/default.nix @@ -5,6 +5,7 @@ ./network ./nix ./programs + ./server ./services ]; } diff --git a/system/server/caddy.nix b/system/server/caddy.nix index 16ea214..56d77f8 100644 --- a/system/server/caddy.nix +++ b/system/server/caddy.nix @@ -1,3 +1,23 @@ {config, ...}: { - niksos.server.enable = config.niksos.server.enable; + services.caddy = { + enable = config.niksos.server; + email = "jurnwubben@gmail.com"; + enableReload = false; + + virtualHosts."share.jsw.tf" = { + serverAliases = ["www.share.jsw.tf"]; + extraConfig = '' + reverse_proxy :9000 + ''; + }; + + globalConfig = '' + http_port 80 + https_port 443 + auto_https off + bind 192.168.1.114 + ''; + }; + + networking.firewall.allowedTCPPorts = [80 443]; } diff --git a/system/server/default.nix b/system/server/default.nix index 747b76a..17303ee 100644 --- a/system/server/default.nix +++ b/system/server/default.nix @@ -1,4 +1,4 @@ {lib, ...}: { - imports = [./caddy.nix]; - options.niksos.server.enable = lib.mKEnableOption "server servcies (such as caddy)."; + imports = [./caddy.nix ./transfer-sh.nix]; + options.niksos.server = lib.mkEnableOption "server servcies (such as caddy)."; #TODO: per service option. } diff --git a/system/server/transfer-sh.nix b/system/server/transfer-sh.nix new file mode 100644 index 0000000..32b8a86 --- /dev/null +++ b/system/server/transfer-sh.nix @@ -0,0 +1,18 @@ +{config, ...}: { + services.transfer-sh = { + enable = config.niksos.server; + settings = { + PURGE_DAYS = 7; + MAX_UPLOAD_SIZE = 4 * 1000 * 1000; # 2gb + # CORS_DOMAINS = "transfer.jsw.tf"; #FIXME: open it to the world wide web. + BASEDIR = "/var/lib/transfer.sh"; + LISTENER = ":9000"; + }; + }; + systemd.services.transfer-sh.serviceConfig = { + StateDirectory = "transfer.sh"; + StateDirectoryMode = "0750"; + }; + + #TODO: caddy +}