TheWanderingCrow/CrOS
1
0
Fork 0
mirror of https://github.com/TheWanderingCrow/CrOS.git synced 2026-01-11 09:44:08 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
CrOS/hosts/nixos/HandlerOne/default.nix
Crow e0590ff20b
Matrix, Caddy 
* Nginx to caddy (#5)

Convert all nginx instances to caddy instances, setup acme as well

* matrix implemented
2025-09-11 14:56:05 -04:00

144 lines
3.7 KiB
Nix
Raw Blame History

######################
# #
# HandlerOne - m710q #
# #
######################
{
config,
inputs,
lib,
pkgs,
...
}: {
imports = lib.flatten [
# Hardware
./hardware-configuration.nix
# FIXME(TODO): Turn this into it's own backup module
./backup.nix
# Disks
inputs.disko.nixosModules.disko
(lib.custom.relativeToRoot "hosts/common/disks/btrfs-disk.nix")
{
_module.args = {
disk = "/dev/nvme0n1";
withSwap = true;
swapSize = "8";
};
}
# Misc
(map lib.custom.relativeToRoot [
# Required configs
"hosts/common/core"
# Optional configs
"hosts/common/optional/keyd.nix"
"hosts/common/optional/podman.nix"
# Hosted services
"modules/services/the-nest"
"modules/services/actualbudget"
"modules/services/bar-assistant"
"modules/services/frigate"
"modules/services/homebox"
"modules/services/homepage"
"modules/services/mqtt"
"modules/services/openhab"
"modules/services/lubelogger"
"modules/services/trilium"
"modules/services/fail2ban"
"modules/services/ntfy-sh"
"modules/services/ollama/proxy.nix" # Just host the proxy path back to Parzival
"modules/services/netbox"
"modules/services/system-logging"
"modules/services/system-logging/proxy.nix"
"modules/services/matrix"
"modules/services/flamesites"
])
];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hostSpec = {
hostName = "HandlerOne";
persistFolder = "/persist";
};
networking = {
networkmanager.enable = true;
enableIPv6 = false;
firewall = {
allowedTCPPorts = [80 443];
};
};
boot.loader = {
systemd-boot.enable = true;
efi = {
canTouchEfiVariables = true;
};
};
services.caddy = {
email = "infrastructure@wanderingcrow.net";
acmeCA = "https://acme-v02.api.letsencrypt.org/directory";
};
#FIXME(TODO) Migrate this into another file, probably a module
#sops = {
# secrets = {
# "aws/access_key" = {};
# "aws/secret_key" = {};
# "aws/region" = {};
# };
# templates = {
# "aws_shared_credentials".content = ''
# [default]
# aws_access_key_id=${config.sops.placeholder."aws/access_key"}
# aws_secret_access_key=${config.sops.placeholder."aws/secret_key"}
# '';
# "aws_env".content = ''
# AWS_REGION=${config.sops.placeholder."aws/region"}
# '';
# };
#};
#security.acme = {
# acceptTerms = true;
# defaults = {
# email = "infrastructure@wanderingcrow.net";
# group = config.services.caddy.group;
# dnsProvider = "route53";
# credentialFiles = {
# "AWS_SHARED_CREDENTIALS_FILE" = config.sops.templates."aws_shared_credentials".path;
# };
# environmentFile = config.sops.templates."aws_env".path;
# };
# certs = {
# "wanderingcrow.net" = {};
# "umami.wanderingcrow.net" = {};
# "garage.wanderingcrow.net" = {};
# "bar.wanderingcrow.net" = {};
# "home.wanderingcrow.net" = {};
# "homebox.wanderingcrow.net" = {};
# "cache.wanderingcrow.net" = {};
# "openhab.wanderingcrow.net" = {};
# "frigate.wanderingcrow.net" = {};
# "notes.wanderingcrow.net" = {};
# "budget.wanderingcrow.net" = {};
# "matrix.wanderingcrow.net" = {};
# "ta.wanderingcrow.net" = {};
# "chat.wanderingcrow.net" = {};
# "netbox.wanderingcrow.net" = {};
# "notify.wanderingcrow.net" = {};
# "logs.wanderingcrow.net" = {};
# "psychal.link" = {};
# # Sites I host for someone else
# "swgalaxyproject.com" = {};
# "nnsbluegrass.com" = {};
# };
#};
}
Reference in a new issue View git blame Copy permalink