update
This commit is contained in:
Ray Andrew
parent
9ed6d096bf
commit
24a46b4c85
3 changed files with 57 additions and 9 deletions
12
flake.lock
12
flake.lock
|
|
@ -17,16 +17,16 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1726447378,
|
||||
"narHash": "sha256-2yV8nmYE1p9lfmLHhOCbYwQC/W8WYfGQABoGzJOb1JQ=",
|
||||
"owner": "nixos",
|
||||
"lastModified": 1726583932,
|
||||
"narHash": "sha256-zACxiQx8knB3F8+Ze+1BpiYrI+CbhxyWpcSID9kVhkQ=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "086b448a5d54fd117f4dc2dee55c9f0ff461bdc1",
|
||||
"rev": "658e7223191d2598641d50ee4e898126768fe847",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-24.05",
|
||||
"owner": "NixOS",
|
||||
"ref": "nixpkgs-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,7 +2,8 @@
|
|||
description = "Ray VPS config";
|
||||
|
||||
inputs = {
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
|
||||
# nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
|
||||
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
|
||||
hardware.url = "github:NixOS/nixos-hardware";
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -35,7 +35,9 @@
|
|||
|
||||
users.users = {
|
||||
root = {
|
||||
openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7uSjbOgWMdaEzRGlEKM7kvT7q6jnAEZPQELAH6WAEM'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID4/EIEDcL9c1najb9J9205DyaJA/4jjH5jeME3JihFk'' ];
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7uSjbOgWMdaEzRGlEKM7kvT7q6jnAEZPQELAH6WAEM"
|
||||
];
|
||||
};
|
||||
rayandrew = {
|
||||
initialPassword = "mamamia";
|
||||
|
|
@ -45,6 +47,19 @@
|
|||
];
|
||||
extraGroups = ["wheel"];
|
||||
};
|
||||
cgit = {
|
||||
createHome = true;
|
||||
isSystemUser = true;
|
||||
shell = "${pkgs.git}/bin/git-shell";
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7uSjbOgWMdaEzRGlEKM7kvT7q6jnAEZPQELAH6WAEM"
|
||||
];
|
||||
group = "cgit";
|
||||
};
|
||||
};
|
||||
|
||||
users.groups = {
|
||||
cgit = {};
|
||||
};
|
||||
|
||||
services.openssh = {
|
||||
|
|
@ -84,8 +99,11 @@
|
|||
ipv4.routes = [ { address = "172.31.1.1"; prefixLength = 32; } ];
|
||||
ipv6.routes = [ { address = "fe80::1"; prefixLength = 128; } ];
|
||||
};
|
||||
|
||||
};
|
||||
firewall.allowedTCPPorts = [
|
||||
80
|
||||
443
|
||||
];
|
||||
};
|
||||
services.udev.extraRules = ''
|
||||
ATTR{address}=="96:00:03:b7:a9:ed", NAME="eth0"
|
||||
|
|
@ -98,5 +116,34 @@
|
|||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
vim
|
||||
htop
|
||||
];
|
||||
|
||||
services.cgit."git.rs.ht" = {
|
||||
enable = true;
|
||||
# mirrors = {
|
||||
# dotfiles = { owner = "thedroneely"; url = "https://github.com/tdro/dotfiles.git"; };
|
||||
# "thedroneely.com" = { owner = "thedroneely"; url = "https://github.com/tdro/thedroneely.com"; };
|
||||
# clones = {
|
||||
# cgit = { owner = "thedroneely"; url = "https://git.zx2c4.com/cgit"; };
|
||||
# };
|
||||
scanPath = "/srv/cgit/repos";
|
||||
extraConfig = ''
|
||||
robots=noindex
|
||||
'';
|
||||
};
|
||||
|
||||
services.nginx.virtualHosts."git.rs.ht" = {
|
||||
addSSL = true;
|
||||
enableACME = true;
|
||||
};
|
||||
|
||||
security.acme = {
|
||||
acceptTerms = true;
|
||||
defaults.email = "rs@rs.ht";
|
||||
};
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue