diff options
author | stuebinm | 2021-03-03 00:51:39 +0100 |
---|---|---|
committer | stuebinm | 2021-03-03 00:51:39 +0100 |
commit | d96fbd63510048bf56d3d600a65f7983096c1bb1 (patch) | |
tree | 192afecb97bcdb829e1461bebc283cc86fb99586 /hosts/flora/configuration.nix |
migrating config
This deploy logic is primarily based on hxchn's deploy lib [1], with some
slight modifications to make it work with my setup. Everything seems to work
fine for now.
However, I am unsure about the usage of niv — the config doesn't seem to gain
much from it, apart from (some) additional complexity.
[1] https://gitlab.com/hexchen/nixfiles
Diffstat (limited to '')
-rw-r--r-- | hosts/flora/configuration.nix | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/hosts/flora/configuration.nix b/hosts/flora/configuration.nix new file mode 100644 index 0000000..43f7f8e --- /dev/null +++ b/hosts/flora/configuration.nix @@ -0,0 +1,69 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ./hardware-configuration.nix + ./services/hedgedoc.nix + ./services/daemoniones.nix + ./services/nginx.nix + ./services/workadventure.nix + # ./services/pleroma + ]; + + # Use the GRUB 2 boot loader. + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.devices = [ "/dev/sda" ]; + + hexchen.deploy = { + ssh.host = "flora"; + }; + + networking = { + hostName = "flora"; + + #enableIPv6 = true; + #defaultGateway6 = { + # address = "fe80::1"; + # interface = "ens3"; + #}; + + #interfaces.ens3.ipv6.addresses = [ { + # address = "2a01:4f9:c010:d319::1"; + # prefixLength = 64; + #} ]; + + useDHCP = false; + interfaces.ens3.useDHCP = true; + + firewall.logRefusedConnections = false; + }; + + services.fail2ban = { + enable = true; + bantime-increment.enable = true; + bantime-increment.overalljails = true; + bantime-increment.maxtime = "1312m"; + }; + + services.logrotate = { + enable = true; + paths.nginx = { + path = "/var/log/nginx"; + frequency = "weekly"; + }; + }; + + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system = { + stateVersion = "20.09"; # Did you read the comment? + }; + +} + |