nyanloutre/nixos-config
1
1
Fork 1
Code Issues Pull requests Releases Wiki Activity

Compare commits

base: nyanloutre:2ff32860e578503d62afe90005a8802ee1fea44f
Branches Tags
nyanloutre:master
..
compare: nyanloutre:fab9a81d0e9600a70666346bdb70bd7576ccf41c
Branches Tags
nyanloutre:master

No commits in common. "2ff32860e578503d62afe90005a8802ee1fea44f" and "fab9a81d0e9600a70666346bdb70bd7576ccf41c" have entirely different histories.
2ff32860e5 ... fab9a81d0e

5 changed files with 47 additions and 65 deletions
Show stats Expand all files Collapse all files

61
flake.lock generated
View file

@ -23,11 +23,11 @@
]
},
"locked": {
"lastModified": 1686668177,
"narHash": "sha256-sr4VMrsUG3ePrk8HNL2OeQ/gDqqnGRjzzzDSxRf65lo=",
"lastModified": 1635873573,
"narHash": "sha256-KcrFb8HSNcVTtYNXoUwZxW531cQn6T3YBU6Goo5G9mo=",
"owner": "nyanloutre",
"repo": "dogetipbot-telegram",
"rev": "baafc544b59db91dbe9466565e2f224e3aa76f7b",
"rev": "e781adbbeda8aa0cbaef47558fc28f9e1dd162fb",
"type": "gitlab"
},
"original": {
@ -37,22 +37,6 @@
"type": "gitlab"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1668681692,
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1638122382,
@ -91,26 +75,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1686513595,
"narHash": "sha256-H3JNqj7TEiMx5rd8lRiONvgFZvmf3kmwHI2umDdqgFY=",
"lastModified": 1686035213,
"narHash": "sha256-hRcXUoVWWuLqFzQ1QVQx4ewvbnst1NkCxoZhmpzrilA=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "bb8b5735d6f7e06b9ddd27de115b0600c1ffbdb4",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-23.05",
"type": "indirect"
}
},
"nixpkgs-22_11": {
"locked": {
"lastModified": 1669558522,
"narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82",
"rev": "d83945caa7624015f11b152bf5c6c4363ffe9f7c",
"type": "github"
},
"original": {
@ -121,11 +90,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1686501370,
"narHash": "sha256-G0WuM9fqTPRc2URKP9Lgi5nhZMqsfHGrdEbrLvAPJcg=",
"lastModified": 1686135559,
"narHash": "sha256-pY8waAV8K/sbHBdLn5diPFnQKpNg0YS9w03MrD2lUGE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "75a5ebf473cd60148ba9aec0d219f72e5cf52519",
"rev": "381e92a35e2d196fdd6077680dca0cd0197e75cb",
"type": "github"
},
"original": {
@ -147,27 +116,25 @@
"simple-nixos-mailserver": {
"inputs": {
"blobs": "blobs",
"flake-compat": "flake-compat",
"nixpkgs": [
"nixpkgs-unstable"
],
"nixpkgs-22_11": "nixpkgs-22_11",
"nixpkgs-23_05": [
"nixpkgs-22_11": [
"nixpkgs"
],
"utils": "utils"
},
"locked": {
"lastModified": 1686496219,
"narHash": "sha256-8zXZ/813yzaRA84js98G3XQ3GEEzFGnxhjvVyxkEey0=",
"lastModified": 1671659164,
"narHash": "sha256-DbpT+v1POwFOInbrDL+vMbYV3mVbTkMxmJ5j50QnOcA=",
"owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver",
"rev": "4966c0f63f04659015f064f2aa34b1893a16dfde",
"rev": "bc667fb6afc45f6cc2d118ab77658faf2227cffd",
"type": "gitlab"
},
"original": {
"owner": "simple-nixos-mailserver",
"ref": "nixos-23.05",
"ref": "nixos-22.11",
"repo": "nixos-mailserver",
"type": "gitlab"
}

7
flake.nix
View file

@ -1,13 +1,13 @@
{
inputs = {
nixpkgs.url = "flake:nixpkgs/nixos-23.05";
nixpkgs.url = "flake:nixpkgs/nixos-22.11";
nixpkgs-unstable.url = "flake:nixpkgs/nixos-unstable";
utils.url = "github:gytis-ivaskevicius/flake-utils-plus/v1.3.1";
simple-nixos-mailserver = {
url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-23.05";
url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-22.11";
inputs = {
nixpkgs.follows = "nixpkgs-unstable";
nixpkgs-23_05.follows = "nixpkgs";
nixpkgs-22_11.follows = "nixpkgs";
};
};
dogetipbot-telegram = {
@ -46,6 +46,7 @@
];
hosts.loutreos.modules = [
"${nixpkgs-unstable}/nixos/modules/services/web-apps/photoprism.nix"
simple-nixos-mailserver.nixosModule
dogetipbot-telegram.nixosModule
ipmihddtemp.nixosModule

34
systems/LoutreOS/configuration.nix
View file

@ -22,7 +22,7 @@
supportedFilesystems = [ "zfs" ];
tmp.useTmpfs = true;
tmpOnTmpfs = true;
};
documentation.nixos.enable = false;
@ -57,6 +57,10 @@
id = 100;
interface = "eno1";
};
chinoiseries = {
id = 20;
interface = "eno2";
};
};
interfaces = {
@ -70,6 +74,11 @@
{ address = "10.30.0.1"; prefixLength = 16; }
];
};
chinoiseries = {
ipv4.addresses = [
{ address = "10.40.0.1"; prefixLength = 16; }
];
};
enp0s21u2.useDHCP = true;
};
@ -79,8 +88,8 @@
externalInterface = "bouygues";
# Permet d'utiliser le SNAT plus rapide au lieu de MASQUERADE
# externalIP = "0.0.0.0";
internalIPs = [ "10.30.0.0/16" ];
internalInterfaces = [ "eno2" ];
internalIPs = [ "10.30.0.0/16" "10.40.0.0/16" ];
internalInterfaces = [ "eno2" "chinoiseries" ];
forwardPorts = [
{ destination = "10.30.0.1:22"; proto = "tcp"; sourcePort = 8443;}
{ destination = "10.30.135.35:25565"; proto = "tcp"; sourcePort = 25565; loopbackIPs=[ "195.36.180.44" ];}
@ -123,7 +132,7 @@
services.dhcpd4 = {
enable = true;
interfaces = [ "eno2" ];
interfaces = [ "eno2" "chinoiseries" ];
machines = [
{ ethernetAddress = "50:c7:bf:b6:b8:ef"; hostName = "HS110"; ipAddress = "10.30.50.7"; }
{ ethernetAddress = "ac:1f:6b:4b:01:15"; hostName = "IPMI"; ipAddress = "10.30.1.1"; }
@ -133,6 +142,11 @@
{ ethernetAddress = "e0:98:06:85:e9:ce"; hostName = "salonled"; ipAddress = "10.30.40.1"; }
{ ethernetAddress = "e0:98:06:86:38:fc"; hostName = "bureauled"; ipAddress = "10.30.40.2"; }
{ ethernetAddress = "50:02:91:78:be:be"; hostName = "guirlande"; ipAddress = "10.30.40.3"; }
# YeeLights
{ ethernetAddress = "04:cf:8c:b5:7e:18"; hostName = "yeelink-light-color3_miap7e18"; ipAddress = "10.40.249.0"; }
{ ethernetAddress = "04:cf:8c:b5:2d:28"; hostName = "yeelink-light-color3_miap2d28"; ipAddress = "10.40.249.1"; }
{ ethernetAddress = "04:cf:8c:b5:71:04"; hostName = "yeelink-light-color3_miap7104"; ipAddress = "10.40.249.2"; }
];
extraConfig = ''
option domain-name-servers 89.234.141.66, 80.67.169.12, 80.67.169.40;
@ -141,6 +155,10 @@
option routers 10.30.0.1;
range 10.30.100.0 10.30.200.0;
}
subnet 10.40.0.0 netmask 255.255.0.0 {
option routers 10.40.0.1;
range 10.40.100.0 10.40.200.0;
}
'';
};
@ -150,11 +168,9 @@
services.openssh = {
enable = true;
settings = {
PermitRootLogin = "no";
PasswordAuthentication = false;
X11Forwarding = true;
};
permitRootLogin = "no";
passwordAuthentication = false;
forwardX11 = true;
};
users = {

2
systems/LoutreOS/services.nix
View file

@ -62,7 +62,7 @@ in
};
# Certificate setup
certificateScheme = "manual";
certificateScheme = 1;
certificateFile = "/var/lib/acme/${domaine}/fullchain.pem";
keyFile = "/var/lib/acme/${domaine}/key.pem";

8
systems/LoutreOS/web.nix
View file

@ -262,7 +262,7 @@ in
};
};
"ci.nyanlout.re" = simpleReverse 52350;
"gitea.nyanlout.re" = simpleReverse config.services.gitea.settings.server.HTTP_PORT;
"gitea.nyanlout.re" = simpleReverse config.services.gitea.httpPort;
"musique.nyanlout.re" = simpleReverse config.services.navidrome.settings.Port;
"photo.nyanlout.re" = recursiveUpdate (simpleReverse config.services.photoprism.port) {
locations."/" = {
@ -350,16 +350,14 @@ in
gitea = {
enable = true;
httpPort = 3001;
rootUrl = "https://gitea.nyanlout.re/";
database = {
type = "postgres";
port = 5432;
passwordFile = "/var/lib/gitea/custom/conf/database_password";
};
settings = {
server = {
HTTP_PORT = 3001;
ROOT_URL = "https://gitea.nyanlout.re/";
};
ui.DEFAULT_THEME = "arc-green";
log.LEVEL = "Warn";
service.DISABLE_REGISTRATION = true;