nix/hosts/snowbelle/configuration.nix


{ config, lib, pkgs, ... }:
{
# Modules merged into this host's configuration. The custom `modules.*` and
# `users.<name>.enable` options used in this file are presumably declared by
# these files -- confirm there.
imports = [
  ./hardware-configuration.nix # results of the hardware scan
  ../../users/users.nix
  ../../modules/system/default.nix
  ../../modules/homelab/default.nix
];
# Feature switches for this host. `modules.*` is not a stock NixOS option tree;
# what each switch turns on (listeners, accounts, secrets) is defined in the
# imported module files, not here.
modules.system = {
  ssh.enable = true;
  backups = {
    enable = true;
    repo = "/holocron/backups";
  };
  sops.enable = true;
  docker.enable = true;
  syncthing.enable = true;
  tailscale.enable = true;
  vpns = {
    enable = true;
    # Both PIA Mexico profiles are switched off.
    openvpn_pia_mexico = false;
    wg_pia_mexico = false;
  };
  nvidia.enable = true;
};
# Storage, file sharing and the nginx proxy.
modules.homelab = {
  zfs.enable = true;
  smb.enable = true;
  nfs.enable = true;
  nginx-proxy.enable = true;
};
# Applications hosted on this machine. The firewall list in this file opens
# ports labelled for several of them.
modules.services = {
  jellyfin.enable = true;
  vaultwarden.enable = true;
  gitea.enable = true;
  qbittorrent.enable = true;
  prowlarr.enable = true;
  flaresolverr.enable = true;
  bazarr.enable = true;
  radarr.enable = true;
  sonarr.enable = true;
};
# Accounts enabled on this host; `users.blake.enable` is a custom switch,
# presumably declared in ../../users/users.nix -- confirm.
users.blake.enable = true;
# Shared group with a fixed gid (700), so the numeric id is the same wherever
# this group is declared.
users.groups.media.gid = 700;
boot = {
  # Marked "testing" by the author: no boot splash, systemd-based initrd
  # (optional, gives nicer initrd logs).
  plymouth.enable = false;
  initrd.systemd.enable = true;
  # Boot through the systemd-boot EFI loader and let it write EFI variables.
  loader = {
    systemd-boot.enable = true;
    efi.canTouchEfiVariables = true;
  };
};
# Host identity and the network stack.
networking = {
  hostName = "snowbelle";
  # NetworkManager manages the interfaces.
  networkmanager.enable = true;
  # Fixed host id; presumably set because ZFS is enabled under
  # modules.homelab -- confirm.
  hostId = "3e6e7055";
};
# Time zone of the machine clock.
time.timeZone = "America/Chicago";
programs = {
  # zsh is enabled system-wide and set as the default user shell below.
  zsh.enable = true;
  # nix-ld lets unpackaged, dynamically linked programs find a loader and
  # libraries on NixOS.
  nix-ld = {
    enable = true;
    # Add any missing dynamic libraries for unpackaged programs here,
    # NOT in environment.systemPackages.
    libraries = with pkgs; [ ];
  };
};
users.defaultUserShell = pkgs.zsh;
# Tools installed for every user on the host.
environment.systemPackages = with pkgs; [
  vim lf rsync wget git
  iptables nettools
  neofetch btop
  age
];
# Allow packages with non-free licences.
nixpkgs.config.allowUnfree = true;
# Turn on the `nix` command-line interface and flakes.
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# Host firewall (enabled). These lists are not tied to an interface, so every
# port below is accepted on every interface of this machine. To limit a port to
# one network, NixOS also offers
# `networking.firewall.interfaces.<name>.allowedTCPPorts`.
# NOTE(review): application ports (e.g. 7701 vaultwarden, 7703 gitea) are opened
# here alongside 80/443 -- confirm that reaching them directly, and not only
# through the proxy, is intended.
# NOTE(review): if any of these services run as Docker containers with published
# ports, Docker's own iptables rules may admit that traffic regardless of this
# list -- verify on the host.
networking.firewall = {
  enable = true;
  allowedTCPPorts = [
    80    # set - http
    111   # set - portmapper for nfs
    139   # set - smb
    443   # set - https
    445   # set - cifs
    1198  # NOTE(review): unlabelled in the original -- confirm what listens here or remove
    1883  # set - mqtt
    2049  # set - nfs
    2222  # srv - syncthing
    7100  # srv - jellyfin
    7101  # srv - audiobookshelf
    7102  # srv - yacreader
    7103  # srv - qbittorrent
    7104  # srv - prowlarr
    7105  # srv - flaresolverr
    7106  # srv - bazarr
    7107  # srv - sonarr
    7108  # srv - radarr
    5701  # srv - archivebox
    7502  # srv - kiwix
    7567  # srv - gitea ssh
    7700  # srv - glance
    7701  # srv - vaultwarden
    7702  # srv - immich
    7703  # srv - gitea
    7704  # srv - hass
    7705  # srv - zigbee2mqtt
    7901  # srv - uptime kuma
    25777 # srv - minecraft
    25565 # srv - minecraft
    25566 # srv - minecraft
    25567 # srv - minecraft
  ];
  # Presumably WireGuard (51820 is its default port) -- confirm.
  allowedUDPPorts = [ 51820 ];
};
# Records the NixOS release this host was first installed with. It selects
# defaults for stateful data and is not meant to be bumped during a routine
# upgrade.
system = { stateVersion = "25.05"; };
}