repomaa/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

hosts: update configurations for 25.11 and add new services

Browse Source
This commit is contained in:
Joakim Repomaa
2026-02-09 15:11:10 +02:00
parent 4d09b3546f
commit ac61399a18
6 changed files with 74 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
hosts/apu/configuration.nix
View File

@@ -238,6 +238,8 @@
forward-tls-upstream = true; forward-tls-upstream = true;
} }
]; ];
remote-control.control-enable = true;
}; };
}; };
@@ -245,7 +247,7 @@
enable = true; enable = true;
nssmdns = true; nssmdns = true;
reflector = true; reflector = true;
interfaces = [ "lan" ]; allowInterfaces = [ "lan" ];
openFirewall = true; openFirewall = true;
}; };

2
hosts/freun-dev/configuration.nix
View File

@@ -24,7 +24,7 @@ in
gc = { gc = {
automatic = true; automatic = true;
dates = "weekly"; dates = "weekly";
options = "--delete-older-than 30d"; options = "--delete-older-than 7d";
}; };
}; };

2
hosts/freun-dev/secrets.nix
View File

@@ -28,6 +28,8 @@
"glance/reddit/app-id" "glance/reddit/app-id"
"glance/reddit/app-secret" "glance/reddit/app-secret"
"hetzner" "hetzner"
"actual"
"voidauth"
] ]
) )
// { // {

47
hosts/freun-dev/services.nix
View File

@@ -127,13 +127,13 @@ in
}; };
gtrackmap = { gtrackmap = {
enable = true; enable = false;
subdomain = "trackmap"; subdomain = "trackmap";
port = 3001; port = 3001;
}; };
invidious = { invidious = {
enable = true; enable = false;
subdomain = "vid"; subdomain = "vid";
}; };
@@ -297,7 +297,7 @@ in
}; };
home-assistant = { home-assistant = {
enable = true; enable = false;
subdomain = "home"; subdomain = "home";
config = { config = {
homeassistant = { homeassistant = {
@@ -381,6 +381,14 @@ in
subdomain = "irc"; subdomain = "irc";
}; };
sillytavern = {
enable = true;
subdomain = "st";
listen = true;
whitelist = false;
port = 3100;
};
nginx.virtualHosts."isarepomaa.com" = { nginx.virtualHosts."isarepomaa.com" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
@@ -400,9 +408,42 @@ in
]; ];
}; };
actual = {
enable = true;
package = pkgs-unstable.actual-server;
subdomain = "actual";
environmentFile = secrets.actual.path;
settings = {
port = 3200;
openId = {
discoveryURL = "https://${config.services.voidauth.subdomain}.${config.networking.domain}/oidc/.well-known/openid-configuration";
server_hostname = "https://${config.services.actual.subdomain}.${config.networking.domain}";
};
loginMethod = "openid";
allowedLoginMethods = [ "openid" ];
enforceOpenId = true;
userCreationMode = "login";
};
};
voidauth = {
enable = true;
subdomain = "auth";
environmentFile = secrets.voidauth.path;
settings = {
APP_PORT = 3300;
SMTP_HOST = smtp.host;
SMTP_FROM = smtp.from;
SMTP_PORT = smtp.port;
SMTP_USER = smtp.username;
};
};
webserver = { webserver = {
acme.dnsChallenge = true; acme.dnsChallenge = true;
tailscaleAuth.expectedTailnet = "tempel-vibes.ts.net"; tailscaleAuth.expectedTailnet = "tempel-vibes.ts.net";
}; };
}; };
virtualisation.docker.autoPrune.enable = true;
} }

7
hosts/radish/desktop.nix
View File

@@ -1,10 +1,7 @@
{ ... }: { ... }:
{ {
services.xserver = { services.displayManager.gdm.enable = true;
enable = true; services.desktopManager.gnome.enable = true;
displayManager.gdm.enable = true;
desktopManager.gnome.enable = true;
};
services.printing.enable = true; services.printing.enable = true;

29
hosts/radish/hardware.nix
View File

@@ -13,7 +13,7 @@
services.udev.packages = [ services.udev.packages = [
pkgs.zsa-udev-rules pkgs.zsa-udev-rules
pkgs-unstable.yubikey-personalization pkgs-unstable.yubikey-personalization
inputs.ksoloti-pr.legacyPackages.${pkgs.system}.ksoloti inputs.ksoloti-pr.legacyPackages.${pkgs.stdenv.hostPlatform.system}.ksoloti
]; ];
services.usbmuxd = { services.usbmuxd = {
enable = true; enable = true;
@@ -50,11 +50,11 @@
hardware.keyboard.zsa.enable = true; hardware.keyboard.zsa.enable = true;
services.logind = { services.logind = {
lidSwitch = "suspend"; settings.Login = {
powerKey = "suspend"; IdleAction = "suspend";
extraConfig = '' HandleLidSwitch = "suspend";
IdleAction=suspend HandlePowerKey = "suspend";
''; };
}; };
powerManagement = { powerManagement = {
@@ -69,6 +69,21 @@
enable = true; enable = true;
extraPackages = with pkgs; [ rocmPackages.clr.icd ]; extraPackages = with pkgs; [ rocmPackages.clr.icd ];
}; };
networking.networkmanager.wifi.backend = "iwd"; networking.networkmanager = {
enable = true;
wifi.backend = "iwd";
plugins = with pkgs; [
networkmanager-openvpn
];
};
security.tpm2.enable = true; security.tpm2.enable = true;
services.nqptp.enable = true;
networking.firewall.allowedTCPPortRanges = [
{
from = 7000;
to = 7010;
}
];
networking.firewall.allowedUDPPorts = [ 5353 ];
} }