rayandrew/vps
rayandrew/vps
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update

Browse source
This commit is contained in:
Ray Andrew 2024-09-27 21:29:24 +00:00
parent 9ed6d096bf
commit 24a46b4c85
3 changed files with 57 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
flake.lock
View file

@ -17,16 +17,16 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1726447378, "lastModified": 1726583932,
"narHash": "sha256-2yV8nmYE1p9lfmLHhOCbYwQC/W8WYfGQABoGzJOb1JQ=", "narHash": "sha256-zACxiQx8knB3F8+Ze+1BpiYrI+CbhxyWpcSID9kVhkQ=",
"owner": "nixos", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "086b448a5d54fd117f4dc2dee55c9f0ff461bdc1", "rev": "658e7223191d2598641d50ee4e898126768fe847",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "NixOS",
"ref": "nixos-24.05", "ref": "nixpkgs-unstable",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }

3
flake.nix
View file

@ -2,7 +2,8 @@
description = "Ray VPS config"; description = "Ray VPS config";
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05"; # nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
hardware.url = "github:NixOS/nixos-hardware"; hardware.url = "github:NixOS/nixos-hardware";
}; };

51
hosts/git/configuration.nix
View file

@ -35,7 +35,9 @@
users.users = { users.users = {
root = { root = {
openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7uSjbOgWMdaEzRGlEKM7kvT7q6jnAEZPQELAH6WAEM'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID4/EIEDcL9c1najb9J9205DyaJA/4jjH5jeME3JihFk'' ]; openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7uSjbOgWMdaEzRGlEKM7kvT7q6jnAEZPQELAH6WAEM"
];
}; };
rayandrew = { rayandrew = {
initialPassword = "mamamia"; initialPassword = "mamamia";
@ -45,6 +47,19 @@
]; ];
extraGroups = ["wheel"]; extraGroups = ["wheel"];
}; };
cgit = {
createHome = true;
isSystemUser = true;
shell = "${pkgs.git}/bin/git-shell";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7uSjbOgWMdaEzRGlEKM7kvT7q6jnAEZPQELAH6WAEM"
];
group = "cgit";
};
};
users.groups = {
cgit = {};
}; };
services.openssh = { services.openssh = {
@ -84,8 +99,11 @@
ipv4.routes = [ { address = "172.31.1.1"; prefixLength = 32; } ]; ipv4.routes = [ { address = "172.31.1.1"; prefixLength = 32; } ];
ipv6.routes = [ { address = "fe80::1"; prefixLength = 128; } ]; ipv6.routes = [ { address = "fe80::1"; prefixLength = 128; } ];
}; };
}; };
firewall.allowedTCPPorts = [
80
443
];
}; };
services.udev.extraRules = '' services.udev.extraRules = ''
ATTR{address}=="96:00:03:b7:a9:ed", NAME="eth0" ATTR{address}=="96:00:03:b7:a9:ed", NAME="eth0"
@ -98,5 +116,34 @@
}; };
}; };
environment.systemPackages = with pkgs; [
vim
htop
];
services.cgit."git.rs.ht" = {
enable = true;
# mirrors = {
# dotfiles = { owner = "thedroneely"; url = "https://github.com/tdro/dotfiles.git"; };
# "thedroneely.com" = { owner = "thedroneely"; url = "https://github.com/tdro/thedroneely.com"; };
# clones = {
# cgit = { owner = "thedroneely"; url = "https://git.zx2c4.com/cgit"; };
# };
scanPath = "/srv/cgit/repos";
extraConfig = ''
robots=noindex
'';
};
services.nginx.virtualHosts."git.rs.ht" = {
addSSL = true;
enableACME = true;
};
security.acme = {
acceptTerms = true;
defaults.email = "rs@rs.ht";
};
system.stateVersion = "24.05"; system.stateVersion = "24.05";
} }