dusk/ark
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

woo yea

Browse Source
This commit is contained in:
dusk 2022-07-30 06:54:32 +03:00
parent 91ad7a75f7
commit bc0fd49ad1
Signed by: dusk
GPG Key ID: 1D8F8FAF2294D6EA
3 changed files with 96 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
flake.lock
View File

@ -1,5 +1,27 @@
{ {
"nodes": { "nodes": {
"blog": {
"inputs": {
"flakeUtils": "flakeUtils",
"htmlNix": "htmlNix",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1659152758,
"narHash": "sha256-nbCRaXMAXfNvrqtWT2WtcYsf2Rym0Zv2WFJDmXk5sgY=",
"owner": "yusdacra",
"repo": "yusdacra.gitlab.io",
"rev": "420e525b8b8210e997748e500f55690fd89a8fca",
"type": "gitlab"
},
"original": {
"owner": "yusdacra",
"repo": "yusdacra.gitlab.io",
"type": "gitlab"
}
},
"crane": { "crane": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -110,6 +132,21 @@
"type": "github" "type": "github"
} }
}, },
"flakeUtils": {
"locked": {
"lastModified": 1648297722,
"narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"fufexan": { "fufexan": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -170,6 +207,31 @@
"type": "github" "type": "github"
} }
}, },
"htmlNix": {
"inputs": {
"flakeUtils": [
"blog",
"flakeUtils"
],
"nixpkgs": [
"blog",
"nixpkgs"
]
},
"locked": {
"lastModified": 1645050947,
"narHash": "sha256-BHPdruYD+6VAyfgsZ33jn00okHQZuxY6Veg4EUei85o=",
"owner": "yusdacra",
"repo": "html.nix",
"rev": "18fa28319f4cdca933da8f413a3e3bcfb36d37b0",
"type": "github"
},
"original": {
"owner": "yusdacra",
"repo": "html.nix",
"type": "github"
}
},
"hyprland": { "hyprland": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -301,6 +363,7 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"blog": "blog",
"fufexan": "fufexan", "fufexan": "fufexan",
"helix": "helix", "helix": "helix",
"home": "home", "home": "home",

2
flake.nix
View File

@ -20,6 +20,8 @@
hyprland.inputs.nixpkgs.follows = "nixpkgs"; hyprland.inputs.nixpkgs.follows = "nixpkgs";
fufexan.url = "github:fufexan/dotfiles"; fufexan.url = "github:fufexan/dotfiles";
fufexan.flake = false; fufexan.flake = false;
blog.url = "gitlab:yusdacra/yusdacra.gitlab.io";
blog.inputs.nixpkgs.follows = "nixpkgs";
}; };
outputs = inputs: let outputs = inputs: let

34
hosts/wolumonde/default.nix
View File

@ -1,4 +1,8 @@
{inputs, ...}: { {
inputs,
pkgs,
...
}: {
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
@ -6,16 +10,40 @@
boot.cleanTmpDir = true; boot.cleanTmpDir = true;
zramSwap.enable = true; zramSwap.enable = true;
# ssh config
services.fail2ban.enable = true;
services.openssh = { services.openssh = {
enable = true; enable = true;
passwordAuthentication = false; passwordAuthentication = false;
}; };
services.fail2ban.enable = true;
users.users.root.openssh.authorizedKeys.keys = [ users.users.root.openssh.authorizedKeys.keys = [
(builtins.readFile "${inputs.self}/secrets/ssh-key.pub") (builtins.readFile "${inputs.self}/secrets/ssh-key.pub")
]; ];
# nginx
services.nginx = {
enable = true;
virtualHosts."gaze.systems" = {
enableACME = true;
forceSSL = true;
root = "${inputs.blog.packages.${pkgs.system}.website}";
};
};
security.acme = {
acceptTerms = true;
certs = {
"gaze.systems".email = "y.bera003.06@pm.me";
};
};
# firewall stuffs
networking.firewall = {
enable = true;
allowedTCPPorts = [ 22 80 443 ];
allowedUDPPortRanges = [ ];
};
# nixinate for deployment
_module.args.nixinate = { _module.args.nixinate = {
host = builtins.readFile "${inputs.self}/secrets/wolumonde-ip"; host = builtins.readFile "${inputs.self}/secrets/wolumonde-ip";
sshUser = "root"; sshUser = "root";