summaryrefslogtreecommitdiff
path: root/flora/configuration.nix
diff options
context:
space:
mode:
Diffstat (limited to 'flora/configuration.nix')
-rw-r--r--flora/configuration.nix72
1 files changed, 72 insertions, 0 deletions
diff --git a/flora/configuration.nix b/flora/configuration.nix
new file mode 100644
index 0000000..b2699b7
--- /dev/null
+++ b/flora/configuration.nix
@@ -0,0 +1,72 @@
+{ config, pkgs, ... }:
+
+{
+ imports = [
+ ./hardware-configuration.nix
+ # ./services/hedgedoc.nix
+ #./services/daemoniones.nix
+ ./services/nginx.nix
+ ./services/pleroma.nix
+ ./services/cgit.nix
+ # ./services/surveys.nix
+ #./services/picarones.nix
+ ./services/dockerhub.nix
+ ./services/blog.nix
+ ];
+
+ # Use the GRUB 2 boot loader.
+ boot.loader.grub.enable = true;
+ boot.loader.grub.version = 2;
+ boot.loader.grub.devices = [ "/dev/sda" ];
+
+ networking = {
+ hostName = "flora";
+
+ enableIPv6 = true;
+ defaultGateway6 = {
+ address = "fe80::1";
+ interface = "ens3";
+ };
+
+ interfaces.ens3.ipv6.addresses = [ {
+ address = "2a01:4f9:c010:df15::1";
+ prefixLength = 64;
+ } ];
+
+ useDHCP = false;
+ interfaces.ens3.useDHCP = true;
+
+ firewall.logRefusedConnections = false;
+
+
+ };
+
+ services.fail2ban = {
+ enable = true;
+ bantime-increment.enable = true;
+ bantime-increment.overalljails = true;
+ bantime-increment.maxtime = "1312m";
+ ignoreIP = [ "88.133.194.232" ];
+ };
+
+ services.logrotate = {
+ enable = true;
+ paths.nginx = {
+ path = "/var/log/nginx";
+ frequency = "weekly";
+ };
+ };
+
+
+ # This value determines the NixOS release from which the default
+ # settings for stateful data, like file locations and database versions
+ # on your system were taken. It‘s perfectly fine and recommended to leave
+ # this value at the release version of the first install of this system.
+ # Before changing this value read the documentation for this option
+ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+ system = {
+ stateVersion = "20.09"; # Did you read the comment?
+ };
+
+}
+