nyanloutre/nixos-config
1
1
Fork 1
Code Issues Pull requests Releases Wiki Activity

Compare commits

base: nyanloutre:2ff32860e578503d62afe90005a8802ee1fea44f
Branches Tags
nyanloutre:master
..
compare: nyanloutre:fab9a81d0e9600a70666346bdb70bd7576ccf41c
Branches Tags
nyanloutre:master

No commits in common. "2ff32860e578503d62afe90005a8802ee1fea44f" and "fab9a81d0e9600a70666346bdb70bd7576ccf41c" have entirely different histories.
2ff32860e5 ... fab9a81d0e

5 changed files with 47 additions and 65 deletions
Show stats Expand all files Collapse all files

61
flake.lock generated
View file

@ -23,11 +23,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1686668177, "lastModified": 1635873573,
"narHash": "sha256-sr4VMrsUG3ePrk8HNL2OeQ/gDqqnGRjzzzDSxRf65lo=", "narHash": "sha256-KcrFb8HSNcVTtYNXoUwZxW531cQn6T3YBU6Goo5G9mo=",
"owner": "nyanloutre", "owner": "nyanloutre",
"repo": "dogetipbot-telegram", "repo": "dogetipbot-telegram",
"rev": "baafc544b59db91dbe9466565e2f224e3aa76f7b", "rev": "e781adbbeda8aa0cbaef47558fc28f9e1dd162fb",
"type": "gitlab" "type": "gitlab"
}, },
"original": { "original": {
@ -37,22 +37,6 @@
"type": "gitlab" "type": "gitlab"
} }
}, },
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1668681692,
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": { "flake-utils": {
"locked": { "locked": {
"lastModified": 1638122382, "lastModified": 1638122382,
@ -91,26 +75,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1686513595, "lastModified": 1686035213,
"narHash": "sha256-H3JNqj7TEiMx5rd8lRiONvgFZvmf3kmwHI2umDdqgFY=", "narHash": "sha256-hRcXUoVWWuLqFzQ1QVQx4ewvbnst1NkCxoZhmpzrilA=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "bb8b5735d6f7e06b9ddd27de115b0600c1ffbdb4", "rev": "d83945caa7624015f11b152bf5c6c4363ffe9f7c",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-23.05",
"type": "indirect"
}
},
"nixpkgs-22_11": {
"locked": {
"lastModified": 1669558522,
"narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -121,11 +90,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1686501370, "lastModified": 1686135559,
"narHash": "sha256-G0WuM9fqTPRc2URKP9Lgi5nhZMqsfHGrdEbrLvAPJcg=", "narHash": "sha256-pY8waAV8K/sbHBdLn5diPFnQKpNg0YS9w03MrD2lUGE=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "75a5ebf473cd60148ba9aec0d219f72e5cf52519", "rev": "381e92a35e2d196fdd6077680dca0cd0197e75cb",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -147,27 +116,25 @@
"simple-nixos-mailserver": { "simple-nixos-mailserver": {
"inputs": { "inputs": {
"blobs": "blobs", "blobs": "blobs",
"flake-compat": "flake-compat",
"nixpkgs": [ "nixpkgs": [
"nixpkgs-unstable" "nixpkgs-unstable"
], ],
"nixpkgs-22_11": "nixpkgs-22_11", "nixpkgs-22_11": [
"nixpkgs-23_05": [
"nixpkgs" "nixpkgs"
], ],
"utils": "utils" "utils": "utils"
}, },
"locked": { "locked": {
"lastModified": 1686496219, "lastModified": 1671659164,
"narHash": "sha256-8zXZ/813yzaRA84js98G3XQ3GEEzFGnxhjvVyxkEey0=", "narHash": "sha256-DbpT+v1POwFOInbrDL+vMbYV3mVbTkMxmJ5j50QnOcA=",
"owner": "simple-nixos-mailserver", "owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver", "repo": "nixos-mailserver",
"rev": "4966c0f63f04659015f064f2aa34b1893a16dfde", "rev": "bc667fb6afc45f6cc2d118ab77658faf2227cffd",
"type": "gitlab" "type": "gitlab"
}, },
"original": { "original": {
"owner": "simple-nixos-mailserver", "owner": "simple-nixos-mailserver",
"ref": "nixos-23.05", "ref": "nixos-22.11",
"repo": "nixos-mailserver", "repo": "nixos-mailserver",
"type": "gitlab" "type": "gitlab"
} }

7
flake.nix
View file

@ -1,13 +1,13 @@
{ {
inputs = { inputs = {
nixpkgs.url = "flake:nixpkgs/nixos-23.05"; nixpkgs.url = "flake:nixpkgs/nixos-22.11";
nixpkgs-unstable.url = "flake:nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "flake:nixpkgs/nixos-unstable";
utils.url = "github:gytis-ivaskevicius/flake-utils-plus/v1.3.1"; utils.url = "github:gytis-ivaskevicius/flake-utils-plus/v1.3.1";
simple-nixos-mailserver = { simple-nixos-mailserver = {
url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-23.05"; url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-22.11";
inputs = { inputs = {
nixpkgs.follows = "nixpkgs-unstable"; nixpkgs.follows = "nixpkgs-unstable";
nixpkgs-23_05.follows = "nixpkgs"; nixpkgs-22_11.follows = "nixpkgs";
}; };
}; };
dogetipbot-telegram = { dogetipbot-telegram = {
@ -46,6 +46,7 @@
]; ];
hosts.loutreos.modules = [ hosts.loutreos.modules = [
"${nixpkgs-unstable}/nixos/modules/services/web-apps/photoprism.nix"
simple-nixos-mailserver.nixosModule simple-nixos-mailserver.nixosModule
dogetipbot-telegram.nixosModule dogetipbot-telegram.nixosModule
ipmihddtemp.nixosModule ipmihddtemp.nixosModule

34
systems/LoutreOS/configuration.nix
View file

@ -22,7 +22,7 @@
supportedFilesystems = [ "zfs" ]; supportedFilesystems = [ "zfs" ];
tmp.useTmpfs = true; tmpOnTmpfs = true;
}; };
documentation.nixos.enable = false; documentation.nixos.enable = false;
@ -57,6 +57,10 @@
id = 100; id = 100;
interface = "eno1"; interface = "eno1";
}; };
chinoiseries = {
id = 20;
interface = "eno2";
};
}; };
interfaces = { interfaces = {
@ -70,6 +74,11 @@
{ address = "10.30.0.1"; prefixLength = 16; } { address = "10.30.0.1"; prefixLength = 16; }
]; ];
}; };
chinoiseries = {
ipv4.addresses = [
{ address = "10.40.0.1"; prefixLength = 16; }
];
};
enp0s21u2.useDHCP = true; enp0s21u2.useDHCP = true;
}; };
@ -79,8 +88,8 @@
externalInterface = "bouygues"; externalInterface = "bouygues";
# Permet d'utiliser le SNAT plus rapide au lieu de MASQUERADE # Permet d'utiliser le SNAT plus rapide au lieu de MASQUERADE
# externalIP = "0.0.0.0"; # externalIP = "0.0.0.0";
internalIPs = [ "10.30.0.0/16" ]; internalIPs = [ "10.30.0.0/16" "10.40.0.0/16" ];
internalInterfaces = [ "eno2" ]; internalInterfaces = [ "eno2" "chinoiseries" ];
forwardPorts = [ forwardPorts = [
{ destination = "10.30.0.1:22"; proto = "tcp"; sourcePort = 8443;} { destination = "10.30.0.1:22"; proto = "tcp"; sourcePort = 8443;}
{ destination = "10.30.135.35:25565"; proto = "tcp"; sourcePort = 25565; loopbackIPs=[ "195.36.180.44" ];} { destination = "10.30.135.35:25565"; proto = "tcp"; sourcePort = 25565; loopbackIPs=[ "195.36.180.44" ];}
@ -123,7 +132,7 @@
services.dhcpd4 = { services.dhcpd4 = {
enable = true; enable = true;
interfaces = [ "eno2" ]; interfaces = [ "eno2" "chinoiseries" ];
machines = [ machines = [
{ ethernetAddress = "50:c7:bf:b6:b8:ef"; hostName = "HS110"; ipAddress = "10.30.50.7"; } { ethernetAddress = "50:c7:bf:b6:b8:ef"; hostName = "HS110"; ipAddress = "10.30.50.7"; }
{ ethernetAddress = "ac:1f:6b:4b:01:15"; hostName = "IPMI"; ipAddress = "10.30.1.1"; } { ethernetAddress = "ac:1f:6b:4b:01:15"; hostName = "IPMI"; ipAddress = "10.30.1.1"; }
@ -133,6 +142,11 @@
{ ethernetAddress = "e0:98:06:85:e9:ce"; hostName = "salonled"; ipAddress = "10.30.40.1"; } { ethernetAddress = "e0:98:06:85:e9:ce"; hostName = "salonled"; ipAddress = "10.30.40.1"; }
{ ethernetAddress = "e0:98:06:86:38:fc"; hostName = "bureauled"; ipAddress = "10.30.40.2"; } { ethernetAddress = "e0:98:06:86:38:fc"; hostName = "bureauled"; ipAddress = "10.30.40.2"; }
{ ethernetAddress = "50:02:91:78:be:be"; hostName = "guirlande"; ipAddress = "10.30.40.3"; } { ethernetAddress = "50:02:91:78:be:be"; hostName = "guirlande"; ipAddress = "10.30.40.3"; }
# YeeLights
{ ethernetAddress = "04:cf:8c:b5:7e:18"; hostName = "yeelink-light-color3_miap7e18"; ipAddress = "10.40.249.0"; }
{ ethernetAddress = "04:cf:8c:b5:2d:28"; hostName = "yeelink-light-color3_miap2d28"; ipAddress = "10.40.249.1"; }
{ ethernetAddress = "04:cf:8c:b5:71:04"; hostName = "yeelink-light-color3_miap7104"; ipAddress = "10.40.249.2"; }
]; ];
extraConfig = '' extraConfig = ''
option domain-name-servers 89.234.141.66, 80.67.169.12, 80.67.169.40; option domain-name-servers 89.234.141.66, 80.67.169.12, 80.67.169.40;
@ -141,6 +155,10 @@
option routers 10.30.0.1; option routers 10.30.0.1;
range 10.30.100.0 10.30.200.0; range 10.30.100.0 10.30.200.0;
} }
subnet 10.40.0.0 netmask 255.255.0.0 {
option routers 10.40.0.1;
range 10.40.100.0 10.40.200.0;
}
''; '';
}; };
@ -150,11 +168,9 @@
services.openssh = { services.openssh = {
enable = true; enable = true;
settings = { permitRootLogin = "no";
PermitRootLogin = "no"; passwordAuthentication = false;
PasswordAuthentication = false; forwardX11 = true;
X11Forwarding = true;
};
}; };
users = { users = {

2
systems/LoutreOS/services.nix
View file

@ -62,7 +62,7 @@ in
}; };
# Certificate setup # Certificate setup
certificateScheme = "manual"; certificateScheme = 1;
certificateFile = "/var/lib/acme/${domaine}/fullchain.pem"; certificateFile = "/var/lib/acme/${domaine}/fullchain.pem";
keyFile = "/var/lib/acme/${domaine}/key.pem"; keyFile = "/var/lib/acme/${domaine}/key.pem";

8
systems/LoutreOS/web.nix
View file

@ -262,7 +262,7 @@ in
}; };
}; };
"ci.nyanlout.re" = simpleReverse 52350; "ci.nyanlout.re" = simpleReverse 52350;
"gitea.nyanlout.re" = simpleReverse config.services.gitea.settings.server.HTTP_PORT; "gitea.nyanlout.re" = simpleReverse config.services.gitea.httpPort;
"musique.nyanlout.re" = simpleReverse config.services.navidrome.settings.Port; "musique.nyanlout.re" = simpleReverse config.services.navidrome.settings.Port;
"photo.nyanlout.re" = recursiveUpdate (simpleReverse config.services.photoprism.port) { "photo.nyanlout.re" = recursiveUpdate (simpleReverse config.services.photoprism.port) {
locations."/" = { locations."/" = {
@ -350,16 +350,14 @@ in
gitea = { gitea = {
enable = true; enable = true;
httpPort = 3001;
rootUrl = "https://gitea.nyanlout.re/";
database = { database = {
type = "postgres"; type = "postgres";
port = 5432; port = 5432;
passwordFile = "/var/lib/gitea/custom/conf/database_password"; passwordFile = "/var/lib/gitea/custom/conf/database_password";
}; };
settings = { settings = {
server = {
HTTP_PORT = 3001;
ROOT_URL = "https://gitea.nyanlout.re/";
};
ui.DEFAULT_THEME = "arc-green"; ui.DEFAULT_THEME = "arc-green";
log.LEVEL = "Warn"; log.LEVEL = "Warn";
service.DISABLE_REGISTRATION = true; service.DISABLE_REGISTRATION = true;