Clean up packages and refactor nginx config
This commit is contained in:
parent
f210353ce5
commit
375758a958
|
@ -19,7 +19,6 @@
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
raspberrypi-tools
|
raspberrypi-tools
|
||||||
git
|
git
|
||||||
tmux
|
|
||||||
htop
|
htop
|
||||||
vim
|
vim
|
||||||
];
|
];
|
||||||
|
@ -43,7 +42,7 @@
|
||||||
users.users.coolneng = {
|
users.users.coolneng = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
home = "/home/coolneng";
|
home = "/home/coolneng";
|
||||||
extraGroups = [ "wheel" "lp" "scanner" ];
|
extraGroups = [ "wheel" "lp" "scanner" "docker" ];
|
||||||
openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDG7JtfAqcbZV28wkNTfSWSqTOo5buH+dyT0w6SlTqq+KFh5DxREB0yGuM1UfjLpyLQ0XI7UbhCwNG28Li4yv/hwPGq63TF1kl+w4sjQKFn4bOUv1NvsfSN3oTamjfYoVsrapCiXqOvZkzEKMF47MSwOfPkqZ6ihU5V3INA0IZbl1Ri+r9MsIzvY76ZHBiF6rVqQJjdXVDbcLMViOrM56FpyK+ICo+uTkErsEbYFwevVTv9memOh778RRPesBobpZjggWOI4HXXxqk35myInYjHve9K4ox6YZMjwnwnEftONr2HyoBBcBNT+wWd1jtYxCoCWQ3vVkn4LGBDOQ3+HKb4rT3JxI66VfFyQWGJPdgJL5/ZNRlBqA7CpAtE7JaR6l7d3mCCoGW2B0atWiEXecwb8dz4CzzYm1r9Wz27L74OtPzUqcV7mQjCVDcnRsY/MtfhzyWzhB3tujVqnRtF3VrFSrm0YXS1ZWG4dltX1cfgud8s8XwwBKcFw5NdCrVxq3nRMNlGcSqbXC+RnrkK/i6ciAriZdXgFrmnBl+6qEmqIO15u2IPvDhnQs18DzRkHnPQegphhHhHix5aaqNbLfSRZNCTQaqE774X+0kuU/RWylI4muIyf4k9x+et4txeU2OC6l0W0LMpbsELzXIRr/ZBFrGHbE7/KLi8HNiAJ0KmAQ== coolneng@monolith" ];
|
openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDG7JtfAqcbZV28wkNTfSWSqTOo5buH+dyT0w6SlTqq+KFh5DxREB0yGuM1UfjLpyLQ0XI7UbhCwNG28Li4yv/hwPGq63TF1kl+w4sjQKFn4bOUv1NvsfSN3oTamjfYoVsrapCiXqOvZkzEKMF47MSwOfPkqZ6ihU5V3INA0IZbl1Ri+r9MsIzvY76ZHBiF6rVqQJjdXVDbcLMViOrM56FpyK+ICo+uTkErsEbYFwevVTv9memOh778RRPesBobpZjggWOI4HXXxqk35myInYjHve9K4ox6YZMjwnwnEftONr2HyoBBcBNT+wWd1jtYxCoCWQ3vVkn4LGBDOQ3+HKb4rT3JxI66VfFyQWGJPdgJL5/ZNRlBqA7CpAtE7JaR6l7d3mCCoGW2B0atWiEXecwb8dz4CzzYm1r9Wz27L74OtPzUqcV7mQjCVDcnRsY/MtfhzyWzhB3tujVqnRtF3VrFSrm0YXS1ZWG4dltX1cfgud8s8XwwBKcFw5NdCrVxq3nRMNlGcSqbXC+RnrkK/i6ciAriZdXgFrmnBl+6qEmqIO15u2IPvDhnQs18DzRkHnPQegphhHhHix5aaqNbLfSRZNCTQaqE774X+0kuU/RWylI4muIyf4k9x+et4txeU2OC6l0W0LMpbsELzXIRr/ZBFrGHbE7/KLi8HNiAJ0KmAQ== coolneng@monolith" ];
|
||||||
shell = "/run/current-system/sw/bin/fish";
|
shell = "/run/current-system/sw/bin/fish";
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,13 +1,7 @@
|
||||||
# Syncthing and Radicale configuration
|
# Syncthing and Radicale configuration
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
{
|
{
|
||||||
|
# Enable Syncthing
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
syncthing
|
|
||||||
radicale
|
|
||||||
];
|
|
||||||
|
|
||||||
# Enable syncthing
|
|
||||||
services.syncthing = {
|
services.syncthing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
openDefaultPorts = true;
|
openDefaultPorts = true;
|
||||||
|
|
|
@ -1,10 +1,6 @@
|
||||||
# Software development configuration
|
# Software development configuration
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
{
|
{
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
gitea
|
|
||||||
];
|
|
||||||
|
|
||||||
# Gitea setup with daily backup
|
# Gitea setup with daily backup
|
||||||
services.gitea = {
|
services.gitea = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -20,8 +16,4 @@
|
||||||
dump.enable = true;
|
dump.enable = true;
|
||||||
appName = "Gitea";
|
appName = "Gitea";
|
||||||
};
|
};
|
||||||
|
|
||||||
# Restart nginx after startup
|
|
||||||
systemd.services.nginx.after = [ "gitea.service" ];
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,11 +4,6 @@
|
||||||
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
ddclient
|
|
||||||
];
|
|
||||||
|
|
||||||
# Dynamic DNS configuration
|
# Dynamic DNS configuration
|
||||||
services.ddclient = {
|
services.ddclient = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -1,12 +1,6 @@
|
||||||
# CUPS and SANE configuration
|
# CUPS and SANE configuration
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
{
|
{
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
cups
|
|
||||||
sane-backends
|
|
||||||
];
|
|
||||||
|
|
||||||
# Enable CUPS with Zeroconf
|
# Enable CUPS with Zeroconf
|
||||||
services.printing = {
|
services.printing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -3,10 +3,8 @@
|
||||||
{
|
{
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
nginx
|
|
||||||
postgresql_11
|
postgresql_11
|
||||||
libressl
|
libressl
|
||||||
miniflux
|
|
||||||
];
|
];
|
||||||
|
|
||||||
services.nginx = {
|
services.nginx = {
|
||||||
|
@ -52,28 +50,30 @@
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
sslCertificate = "/var/lib/acme/coolneng.duckdns.org/fullchain.pem";
|
sslCertificate = "/var/lib/acme/coolneng.duckdns.org/fullchain.pem";
|
||||||
sslCertificateKey = "/var/lib/acme/coolneng.duckdns.org/key.pem";
|
sslCertificateKey = "/var/lib/acme/coolneng.duckdns.org/key.pem";
|
||||||
locations."/radicale/" = {
|
locations = {
|
||||||
|
"/radicale/" = {
|
||||||
proxyPass = "http://localhost:5232/";
|
proxyPass = "http://localhost:5232/";
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
proxy_set_header X-Script-Name /radicale;
|
proxy_set_header X-Script-Name /radicale;
|
||||||
proxy_pass_header Authorization;
|
proxy_pass_header Authorization;
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
locations."/syncthing/" = {
|
"/syncthing/" = {
|
||||||
proxyPass = "http://localhost:8384/";
|
proxyPass = "http://localhost:8384/";
|
||||||
};
|
};
|
||||||
locations."/gitea/" = {
|
"/gitea/" = {
|
||||||
proxyPass = "http://localhost:3000/";
|
proxyPass = "http://localhost:3000/";
|
||||||
};
|
};
|
||||||
locations."/miniflux/" = {
|
"/miniflux/" = {
|
||||||
proxyPass = "http://localhost:8080/miniflux/";
|
proxyPass = "http://localhost:8080/miniflux/";
|
||||||
};
|
};
|
||||||
locations."/wallabag/" = {
|
"/wallabag/" = {
|
||||||
proxyPass = "http://localhost:8081/";
|
proxyPass = "http://localhost:8081/";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
};
|
||||||
|
|
||||||
# ACME certs configuration
|
# ACME certs configuration
|
||||||
security.acme.certs = {
|
security.acme.certs = {
|
||||||
|
@ -133,4 +133,6 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Restart nginx after
|
||||||
|
systemd.services.nginx.after = [ "gitea.service" "syncthing.service" "miniflux.service" ];
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue