From eafad2af578acee0c234b0b10b092c6c8066992f Mon Sep 17 00:00:00 2001 From: caem Date: Sun, 25 Jun 2023 12:21:00 +0200 Subject: [PATCH] Update homserver config --- packages/nginx/homeserver.nix | 13 ++++++++++++ packages/syncthing/homeserver.nix | 18 ++++++++++++++++ systems/hardware/homeserver.nix | 5 +++++ systems/homeserver.nix | 35 ++++++++++++++++++++++++------- users/media.nix | 8 +++++++ 5 files changed, 72 insertions(+), 7 deletions(-) create mode 100644 packages/nginx/homeserver.nix create mode 100644 packages/syncthing/homeserver.nix create mode 100644 users/media.nix diff --git a/packages/nginx/homeserver.nix b/packages/nginx/homeserver.nix new file mode 100644 index 0000000..1ab6038 --- /dev/null +++ b/packages/nginx/homeserver.nix @@ -0,0 +1,13 @@ +{ ... }: + +{ + services.nginx.enable = true; + services.nginx.virtualHosts."192.168.2.69" = { + root = "/mnt/mass/Torrents"; + extraConfig = '' + autoindex on; + ''; + }; + + networking.firewall.allowedTCPPorts = [ 80 ]; +} diff --git a/packages/syncthing/homeserver.nix b/packages/syncthing/homeserver.nix new file mode 100644 index 0000000..cddef3b --- /dev/null +++ b/packages/syncthing/homeserver.nix @@ -0,0 +1,18 @@ +{ ... }: + +{ + imports = [ + ../../users/media.nix + ]; + + services.syncthing = { + enable = true; + user = "media"; + dataDir = "/mnt/mass"; + configDir = "/mnt/mass/Services/Syncthing"; + guiAddress = "0.0.0.0:8384"; + }; + + networking.firewall.allowedTCPPorts = [ 8384 22000 ]; + networking.firewall.allowedUDPPorts = [ 22000 21027 ]; +} diff --git a/systems/hardware/homeserver.nix b/systems/hardware/homeserver.nix index ae36bf3..6083dac 100644 --- a/systems/hardware/homeserver.nix +++ b/systems/hardware/homeserver.nix @@ -29,6 +29,11 @@ fsType = "zfs"; }; + fileSystems."/mnt/mass" = { + device = "/dev/disk/by-uuid/f04baac4-40a9-4115-b09d-83b252ee69ad"; + fsType = "xfs"; + }; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking diff --git a/systems/homeserver.nix b/systems/homeserver.nix index fc4f368..c32506e 100644 --- a/systems/homeserver.nix +++ b/systems/homeserver.nix @@ -7,20 +7,30 @@ ./persist/homeserver.nix ../sets/meta/sysadmin.nix ../packages/vim/package.nix + ../packages/nginx/homeserver.nix + ../packages/syncthing/homeserver.nix ]; - boot.loader = { - efi = { - canTouchEfiVariables = true; + boot = { + loader = { + efi = { + canTouchEfiVariables = true; + }; + grub = { + enable = true; + efiSupport = true; + device = "nodev"; + }; }; - grub = { - enable = true; - efiSupport = true; - device = "nodev"; + + kernel = { + sysctl."net.ipv6.conf.eth0.disable_ipv6" = true; }; }; networking = { + hostName = "homeserver"; + enableIPv6 = false; hostId = "95f846dc"; interfaces = { eno1.ipv4.addresses = [{ @@ -34,5 +44,16 @@ console = { keyMap = "uk"; + nameservers = [ "1.1.1.1" "8.8.8.8" ]; + defaultGateway = "192.168.2.1"; + firewall = { + enable = true; + allowedTCPPorts = [ 22 ]; + }; + }; + + # To not mess up SSH sessions from weird terminals + environment.sessionVariables = rec { + TERM = "xterm"; }; } diff --git a/users/media.nix b/users/media.nix new file mode 100644 index 0000000..96c0a5b --- /dev/null +++ b/users/media.nix @@ -0,0 +1,8 @@ +{ ... }: + +{ + users.users.media = { + isNormalUser = true; + description = "media"; + }; +}