nixos-configs/machine/catacomb/default.nix

99 lines
2.1 KiB
Nix

{ pkgs, lib, ... }:
{
imports = [
./hardware-configuration.nix
./mopidy.nix
];
beatific.hostName = "catacomb";
beatific.defaults.tvbSync = false;
boot = {
loader = {
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
grub.enable = false;
# Enables the generation of /boot/extlinux/extlinux.conf
generic-extlinux-compatible.enable = true;
};
};
system.stateVersion = "22.11"; # Read the usual warning
swapDevices = [ { device = "/swap"; size = 1024; } ];
environment.systemPackages = with pkgs; [
lsof # list open files
mpv # cli media player
smartmontools # provides smartctl
usbutils # provides lsusb
];
networking = {
hostId = "beeeeee5"; # this must be consistent for ZFS
firewall = {
enable = true;
allowedTCPPorts = [ 80 139 445 ];
allowedUDPPorts = [ 137 138 ];
};
wireless = {
enable = true;
networks."mysterious humming noise".pskRaw = "ext:MHN_PSK";
secretsFile = "/root/wifi.env";
};
};
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# To avoid needing an active user session, run a single system instance
systemWide = true;
};
services.openssh.settings.PasswordAuthentication = true;
services.rsyncd.enable = true;
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
default = {
default = true;
locations."/".return = "444";
};
"mopidy.home.ktvb.site" = {
listen = [
{ addr = "10.22.20.2"; }
{ addr = "catacomb.lan"; }
];
locations."/" = {
proxyWebsockets = true;
proxyPass = "http://localhost:6680";
};
};
};
};
users.users.tvb = {
uid = 1001;
extraGroups = [
"pipewire"
];
packages = [
(pkgs.writeShellScriptBin "yt-dlp" ''
exec $HOME/.env/bin/yt-dlp "$@"
'')
];
};
users.users.katydid = {
isNormalUser = true;
uid = 1002;
};
nix.settings.cores = 4;
}