102 lines
2.9 KiB
Nix
102 lines
2.9 KiB
Nix
{
|
|
inputs = {
|
|
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
|
|
};
|
|
outputs = { self, nixpkgs }: {
|
|
# miscellaneous stuff that's important
|
|
nixosModules.base = {lib, ...}: {
|
|
boot.swraid.enable = lib.mkForce false;
|
|
networking.hostName = "chopper";
|
|
networking.firewall.enable = true;
|
|
system.stateVersion = "24.05";
|
|
sdImage.firmwarePartitionOffset = 32;
|
|
nix.settings = {
|
|
extra-experimental-features = [ "nix-command" "flakes" ];
|
|
};
|
|
};
|
|
# Configuration of individual users
|
|
nixosModules.users = {...}: {
|
|
users.users = {
|
|
taneb = {
|
|
isNormalUser = true;
|
|
extraGroups = [ "wheel" ];
|
|
openssh.authorizedKeys.keys = [
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIV9ymP4tpq11a8wfUvn8eEEwAPvZZSPZTbASLh7YxOw nvd1234@gmail.com"
|
|
];
|
|
hashedPassword = "$y$j9T$9pxQ4Zj7OirGMmgclhUb0/$YCfaYmIaaHRrkqiqdNbQSlJ7puX8bGrMCLavq6Pe1e3";
|
|
};
|
|
nairis = {
|
|
isNormalUser = true;
|
|
hashedPassword = "$y$j9T$luA6OU3OWVXbJc6DZM4Fx1$nTc89zTdKgozwR5kZQglbWaCkOFtmNZcpO4WCcYYPZC";
|
|
};
|
|
};
|
|
users.mutableUsers = false;
|
|
};
|
|
# Configuration of SSH server
|
|
nixosModules.ssh = {...}: {
|
|
services.openssh = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
settings.PasswordAuthentication = false;
|
|
};
|
|
};
|
|
nixosModules.zfs = {...}: {
|
|
boot.supportedFilesystems = [ "zfs" ];
|
|
boot.zfs.forceImportRoot = false;
|
|
boot.zfs.extraPools = [ "storage" ];
|
|
# zfs needs this for some reason
|
|
networking.hostId = "488ecad2";
|
|
};
|
|
nixosModules.plex = {...}: {
|
|
services.plex = {
|
|
enable = true;
|
|
dataDir = "/storage/data";
|
|
openFirewall = true;
|
|
};
|
|
nixpkgs.config.allowUnfree = true;
|
|
};
|
|
nixosModules.hledger = {...}: {
|
|
services.hledger-web = {
|
|
enable = true;
|
|
allow = "edit";
|
|
host = "0.0.0.0";
|
|
baseUrl = "http://192.168.1.37:5000";
|
|
};
|
|
networking.firewall.allowedTCPPorts = [ 5000 ];
|
|
};
|
|
nixosModules.samba = {...}: {
|
|
services.samba = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
shares = {
|
|
chopper = {
|
|
path = "/storage/media";
|
|
browseable = "yes";
|
|
"read only" = "no";
|
|
"guest ok" = "no";
|
|
"inherit permissions" = "yes";
|
|
"create mask" = "0666";
|
|
};
|
|
};
|
|
};
|
|
services.samba-wsdd = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
};
|
|
};
|
|
nixosConfigurations.chopper = nixpkgs.lib.nixosSystem {
|
|
system = "aarch64-linux";
|
|
modules = [
|
|
(nixpkgs + "/nixos/modules/installer/sd-card/sd-image-aarch64.nix")
|
|
self.nixosModules.base
|
|
self.nixosModules.users
|
|
self.nixosModules.ssh
|
|
self.nixosModules.zfs
|
|
self.nixosModules.plex
|
|
self.nixosModules.samba
|
|
self.nixosModules.hledger
|
|
];
|
|
};
|
|
};
|
|
}
|