doloro/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add(server)

Browse Source
This commit is contained in:
Doloro1978
2026-02-08 00:01:25 +00:00
parent 3c57067a6f
commit 0d3c5c559f
11 changed files with 355 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
config/hosts/aspects/laptop/disko.nix → config/hosts/aspects/doloro-laptop/disko.nix
View File

0
config/hosts/aspects/laptop/home.nix → config/hosts/aspects/doloro-laptop/home.nix
View File

0
config/hosts/aspects/laptop/host.nix → config/hosts/aspects/doloro-laptop/host.nix
View File

41
config/hosts/aspects/servers/rpi5.nix Normal file
View File

@@ -0,0 +1,41 @@
{
den,
__findFile,
modules,
...
}:
{
den.aspects.rpi5 = {
includes = [
modules.raspberry-pi
modules.services.traefik
];
nixos = {
users.users.doloro = {
isNormalUser = true;
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE/4h+WCBBW82puv8SMdUbkWymF4amEMuZitgFztB6oZ" # laptop pub key
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBaa6Z5qtBSLEz+A4fQGYPfkOISsRQlmKkVbcx2zxML7" # pc pub key
];
initialPassword = "meowmeowmeow";
};
networking.hostName = "nixos-001-rp5";
networking.firewall = {
enable = true;
allowedTCPPorts = [
80
443
8080
];
allowedUDPPortRanges = [ ];
};
virtualisation.oci-containers.backend = "docker";
services.openssh.enable = true;
nixpkgs.hostPlatform = "aarch64-linux";
};
};
}

0
config/hosts/root.nix → config/hosts/computers.nix
View File

11
config/hosts/servers.nix Normal file
View File

@@ -0,0 +1,11 @@
{ den, __findFile, ... }:
{
# The single rpi5 i have running on the side of my desk
den.hosts.aarch64-linux.rpi5 = {
users.doloro = {
includes = [ <modules/user/groups> ];
aspect = "doloro-server";
};
};
}

38
config/modules/raspberry-pi.nix Normal file
View File

@@ -0,0 +1,38 @@
{
den,
__findFile,
modules,
inputs,
...
}:
{
flake-file.inputs = {
raspberry-pi-nix.url = "github:nix-community/raspberry-pi-nix";
};
modules.raspberry-pi = {
# TODO, make this take an attr set which describes which rpi it is
nixos =
{ pkgs, ... }:
let
rpi-pi = inputs.raspberry-pi-nix;
in
{
imports = [
rpi-pi.nixosModules.raspberry-pi
rpi-pi.nixosModules.sd-image
];
environment.systemPackages = with pkgs; [
libraspberrypi
];
sdImage.compressImage = false;
raspberry-pi-nix.board = "bcm2712"; # Rpi 5 - 64bit
# We need to rebuild kernel for 6.12
# raspberry-pi-nix.kernel-version = "v6_12_17";
raspberry-pi-nix.uboot.enable = false;
hardware.enableRedistributableFirmware = true;
};
};
}

51
config/modules/services/traefik.nix Normal file
View File

@@ -0,0 +1,51 @@
{
den,
__findFile,
modules,
...
}:
{
# Basic traefik
modules.services.traefik = {
services.traefik = {
nixos =
{ config, ... }:
{
enable = true;
staticConfigOptions = {
entryPoints = {
web = {
address = ":80";
http.redirections.entrypoint = {
to = "websecure";
scheme = "https";
};
asDefault = true;
};
websecure = {
address = ":443";
asDefault = true;
http.tls.certResolver = "letsencrypt";
};
traefik = {
address = ":8080";
};
};
certificatesResolvers.letsencrypt.acme = {
email = "doloroo@proton.me";
storage = "${config.services.traefik.dataDir}/acme.json";
httpChallenge.entryPoint = "web";
};
providers = {
docker = {
endpoint = "unix:///var/run/docker.sock";
};
};
api.dashboard = true;
api.insecure = true;
};
};
};
};
}

16
config/modules/user/servers/root.nix Normal file
View File

@@ -0,0 +1,16 @@
{ modules, ... }:
{
# Applys public keys and various root account config
modules.servers.rootAcc =
{ config, user, ... }:
{
nixos = {
users.users.root = {
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE/4h+WCBBW82puv8SMdUbkWymF4amEMuZitgFztB6oZ" # laptop pub key
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBaa6Z5qtBSLEz+A4fQGYPfkOISsRQlmKkVbcx2zxML7" # pc pub key
];
};
};
};
}