dadada/nix-config
dadada/nix-config
1
0
Fork 0
Code Issues 2 Pull requests 5 Projects Releases Packages Wiki Activity Actions

Add pruflas

Browse source
This commit is contained in:
Tim Schubert 2021-01-02 16:09:42 +01:00
parent a7dee80a71
commit cd7ef95c15
Signed by: dadada
GPG key ID: EEB8D1CE62C4DFEA
2 changed files with 84 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
hosts/default.nix
View file

@ -2,4 +2,5 @@
ifrit = ./ifrit;
gorgon = ./gorgon;
surgat = ./surgat;
pruflas = ./pruflas;
}

83
hosts/pruflas/default.nix Normal file
View file

@ -0,0 +1,83 @@
{ config, pkgs, lib, ... }:
let
hostName = "pruflas";
this = import ../.. { inherit pkgs; };
in
{
imports = [ this.profiles.base ];
networking.hostName = hostName;
services.hydra = {
enable = true;
hydraURL = "hydra.dadada.li";
notificationSender = "hydra@localhost";
buildMachinesFiles = [ ];
useSubstitutes = true;
};
nix.buildMachines = [
{
hostName = "localhost";
system = "x86_64-linux";
supportedFeatures = [ "kvm" "nixos-test" "big-parallel" "benchmark" ];
maxJobs = 8;
}
];
services.nginx = {
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
logError = "/dev/null";
appendHttpConfig = ''
access_log off;
'';
};
dadada.admin = {
enable = true;
users = {
"dadada" = [ "${pkgs.dadadaKeys}/dadada.pub" ];
};
};
dadada.networking.vpnExtension = "5";
dadada.backupClient = {
enable = true;
bs = true;
};
networking.useDHCP = false;
networking.interfaces.ens3.useDHCP = true;
networking.firewall = {
enable = true;
allowPing = true;
allowedTCPPorts = [
22 # SSH
80
443 # HTTPS
];
allowedUDPPorts = [
51234 # Wireguard
];
};
security.acme = {
email = "d553a78d-0349-48db-9c20-5b27af3a1dfc@dadada.li";
acceptTerms = true;
};
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/sda";
swapDevices = [
{
device = "/var/swapfile";
size = 32768;
}
];
}