hosts: update configurations for 25.11 and add new services

Joakim Repomaa
2026-02-09 15:11:10 +02:00
parent 4d09b3546f
commit ac61399a18
6 changed files with 74 additions and 17 deletions


@@ -238,6 +238,8 @@
forward-tls-upstream = true;
}
];
remote-control.control-enable = true;
};
};
@@ -245,7 +247,7 @@
enable = true;
nssmdns = true;
reflector = true;
interfaces = [ "lan" ];
allowInterfaces = [ "lan" ];
openFirewall = true;
};
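Review bot: `remote-control.control-enable = true;` in the first hunk turns on unbound's control channel without stating where it listens or who may use it. No `control-interface` or `control-use-cert` setting is visible in the hunk, so unbound's defaults presumably apply (loopback only, certificate-authenticated), but that is worth pinning on a host that also has a `lan` interface. I would make it explicit with `remote-control.control-interface = "127.0.0.1";`, or use the module's `services.unbound.localControlSocketPath` so access is governed by socket permissions instead. A one-line comment naming what consumes the control channel would also help. The surrounding settings block starts outside the hunk.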


@@ -24,7 +24,7 @@ in
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
options = "--delete-older-than 7d";
};
};


@@ -28,6 +28,8 @@
"glance/reddit/app-id"
"glance/reddit/app-secret"
"hetzner"
"actual"
"voidauth"
]
)
// {


@@ -127,13 +127,13 @@ in
};
gtrackmap = {
enable = true;
enable = false;
subdomain = "trackmap";
port = 3001;
};
invidious = {
enable = true;
enable = false;
subdomain = "vid";
};
@@ -297,7 +297,7 @@ in
};
home-assistant = {
enable = true;
enable = false;
subdomain = "home";
config = {
homeassistant = {
@@ -381,6 +381,14 @@ in
subdomain = "irc";
};
sillytavern = {
enable = true;
subdomain = "st";
listen = true;
whitelist = false;
port = 3100;
};
nginx.virtualHosts."isarepomaa.com" = {
forceSSL = true;
enableACME = true;
@@ -400,9 +408,42 @@ in
];
};
actual = {
enable = true;
package = pkgs-unstable.actual-server;
subdomain = "actual";
environmentFile = secrets.actual.path;
settings = {
port = 3200;
openId = {
discoveryURL = "https://${config.services.voidauth.subdomain}.${config.networking.domain}/oidc/.well-known/openid-configuration";
server_hostname = "https://${config.services.actual.subdomain}.${config.networking.domain}";
};
loginMethod = "openid";
allowedLoginMethods = [ "openid" ];
enforceOpenId = true;
userCreationMode = "login";
};
};
voidauth = {
enable = true;
subdomain = "auth";
environmentFile = secrets.voidauth.path;
settings = {
APP_PORT = 3300;
SMTP_HOST = smtp.host;
SMTP_FROM = smtp.from;
SMTP_PORT = smtp.port;
SMTP_USER = smtp.username;
};
};
webserver = {
acme.dnsChallenge = true;
tailscaleAuth.expectedTailnet = "tempel-vibes.ts.net";
};
};
virtualisation.docker.autoPrune.enable = true;
}
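Review bot: The new `sillytavern` block sets `listen = true;` together with `whitelist = false;`, so the app accepts connections on port 3100 from any address with its IP allow-list turned off. If the `subdomain = "st";` option fronts it with a reverse proxy on the same host (that module is not visible here), the proxy can reach it over loopback and `listen = false;` may be enough. As written, access control for this service rests entirely on the firewall and on whatever the proxy enforces. I would either drop `listen` or add a comment naming the control that protects it, for example `# exposure: <what restricts access to port 3100>`.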


@@ -1,10 +1,7 @@
{ ... }:
{
services.xserver = {
enable = true;
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
};
services.displayManager.gdm.enable = true;
services.desktopManager.gnome.enable = true;
services.printing.enable = true;


@@ -13,7 +13,7 @@
services.udev.packages = [
pkgs.zsa-udev-rules
pkgs-unstable.yubikey-personalization
inputs.ksoloti-pr.legacyPackages.${pkgs.system}.ksoloti
inputs.ksoloti-pr.legacyPackages.${pkgs.stdenv.hostPlatform.system}.ksoloti
];
services.usbmuxd = {
enable = true;
@@ -50,11 +50,11 @@
hardware.keyboard.zsa.enable = true;
services.logind = {
lidSwitch = "suspend";
powerKey = "suspend";
extraConfig = ''
IdleAction=suspend
'';
settings.Login = {
IdleAction = "suspend";
HandleLidSwitch = "suspend";
HandlePowerKey = "suspend";
};
};
powerManagement = {
@@ -69,6 +69,21 @@
enable = true;
extraPackages = with pkgs; [ rocmPackages.clr.icd ];
};
networking.networkmanager.wifi.backend = "iwd";
networking.networkmanager = {
enable = true;
wifi.backend = "iwd";
plugins = with pkgs; [
networkmanager-openvpn
];
};
security.tpm2.enable = true;
services.nqptp.enable = true;
networking.firewall.allowedTCPPortRanges = [
{
from = 7000;
to = 7010;
}
];
networking.firewall.allowedUDPPorts = [ 5353 ];
}
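Review bot: The firewall lines at the end of the last hunk open TCP 7000-7010 and UDP 5353 through the global `networking.firewall` options, so they apply on every interface. The lid-switch settings in the same file suggest this is a laptop that will join networks other than the home one. If the ports exist for the `services.nqptp` receiver enabled just above (an inference, nothing on the page says so), scoping them with `networking.firewall.interfaces.<name>.allowedTCPPortRanges` and `.allowedUDPPorts` would keep them closed elsewhere. At minimum add a comment such as `# ports for <service>; remove together with it` so the rule does not outlive its purpose. The enclosing module starts outside the hunk.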