63 lines
1.6 KiB
Nix
63 lines
1.6 KiB
Nix
{ config, lib, pkgs, ... }: {
|
|
imports = [
|
|
./hardware-configuration.nix
|
|
./options.nix
|
|
../common/core/default.nix
|
|
./user.nix
|
|
./sops.nix
|
|
|
|
./service/audio.nix
|
|
./service/auth.nix
|
|
./service/docs.nix
|
|
./service/git.nix
|
|
./service/home.nix
|
|
./service/photos.nix
|
|
./service/radicale.nix
|
|
./service/wakapi.nix
|
|
];
|
|
|
|
# Use the systemd-boot EFI boot loader.
|
|
boot.loader.systemd-boot.enable = true;
|
|
boot.loader.efi.canTouchEfiVariables = true;
|
|
|
|
networking.hostName = "ark"; # Define your hostname.
|
|
|
|
oauth.name = "KoonFamily";
|
|
oauth.secrets = import ./oauth-secrets.nix;
|
|
|
|
security.sudo.wheelNeedsPassword = false;
|
|
|
|
services.cloudflared = {
|
|
enable = true;
|
|
tunnels = {
|
|
"91d31395-fbc7-45a1-ae13-148957b32ecd" = {
|
|
credentialsFile = config.sops.secrets.tunnel-credentials.path;
|
|
ingress = {
|
|
"auth.koon.us" = "http://localhost:1411";
|
|
"photos.koon.us" = "http://localhost:2283";
|
|
"home.koon.us" = "http://localhost:8123";
|
|
"docs.koon.us" = "http://localhost:3004";
|
|
"git.koon.us" = "http://localhost:3000";
|
|
"ssh.koon.us" = "ssh://localhost:2222";
|
|
"audio.koon.us" = "http://localhost:8021";
|
|
"radicale.koon.us" = "http://localhost:5232";
|
|
"waka.koon.us" = "http://localhost:3006";
|
|
};
|
|
default = "http_status:404";
|
|
};
|
|
};
|
|
};
|
|
|
|
fileSystems."/mnt/hdd" = {
|
|
device = "/dev/sdb";
|
|
fsType = "ext4";
|
|
};
|
|
|
|
services.openssh.enable = true;
|
|
|
|
networking.firewall.allowedTCPPorts = [ 8123 22 ];
|
|
|
|
system.stateVersion = "25.05"; # Did you read the comment?
|
|
}
|
|
|