Drift/brzeczyszczykiewicz-flake
Drift
/
brzeczyszczykiewicz-flake
Archived
16
0
Fork 0
Code Issues Pull Requests Activity
This repository has been archived on 2023-12-19. You can view files and clone it, but cannot push or open issues or pull requests.
brzeczyszczykiewicz-flake/flake.nix

95 lines
3.1 KiB
Nix
Raw Blame History

{
description = "bokhylle";
inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
inputs.grzegorz.url = "github:Programvareverkstedet/grzegorz";
inputs.grzegorz.inputs.nixpkgs.follows = "nixpkgs";
inputs.grzegorz-clients.url = "github:Programvareverkstedet/grzegorz-clients";
inputs.grzegorz-clients.inputs.nixpkgs.follows = "nixpkgs";
outputs = {
self,
nixpkgs,
grzegorz,
grzegorz-clients,
...
}@inputs:
{
inherit inputs;
nixosConfigurations.brzeczyszczykiewicz = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
grzegorz.nixosModules.grzegorz-kiosk
grzegorz-clients.nixosModules.grzegorz-webui
./hardware-configuration.nix
({ config, ... }: {
system.stateVersion = "23.05";
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
boot.loader.grub.useOSProber = true;
networking.hostName = "brzeczyszczykiewicz";
networking.domain = "pvv.ntnu.no";
networking.search = [ "pvv.ntnu.no" ];
services.openssh.enable = true;
services.openssh.settings.PermitRootLogin = "yes";
services.xserver.layout = "no";
services.xserver.xkbVariant = "";
console.keyMap = "no";
services.pipewire.enable = true;
services.pipewire.alsa.enable = true;
services.pipewire.alsa.support32Bit = true;
services.pipewire.pulse.enable = true;
users.users.pvv = {
isNormalUser = true;
description = "pvv";
extraGroups = [ "networkmanager" "wheel" ];
#packages = [ ];
};
services.grzegorz.enable = true;
services.grzegorz.listenAddr = "::1";
services.grzegorz.listenPort = 31337;
services.grzegorz-webui.enable = true;
services.grzegorz-webui.listenAddr = "::1";
services.grzegorz-webui.apiBase = "http://[::1]:${builtins.toString config.services.grzegorz-webui.listenPort}";
#services.grzegorz-webui.apiBase = "https://brzeczyszczykiewicz.pvv.ntnu.no/api";
security.acme.acceptTerms = true;
security.acme.defaults.email = "pederbs@pvv.ntnu.no";
services.nginx.enable = true;
networking.firewall.allowedTCPPorts = [ 80 443 ];
services.nginx.virtualHosts."brzeczyszczykiewicz.pvv.ntnu.no" = {
forceSSL = false;
enableACME = false;
serverAliases = [
"brzeczyszczykiewicz.pvv.org"
"bokhylle.pvv.ntnu.no"
"bokhylle.pvv.org"
];
extraConfig = ''
allow 129.241.210.128/25;
allow 2001:700:300:1900::/64;
deny all;
'';
locations."/" = {
proxyPass = "http://localhost:${builtins.toString config.services.grzegorz-webui.listenPort}";
proxyWebsockets = true;
};
};
})
];
};
};
}
Reference in New Issue View Git Blame Copy Permalink