1 # Edit this configuration file to define what should be installed on
2 # your system. Help is available in the configuration.nix(5) man page, on
3 # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
5 { config, lib, pkgs, chirp, ... }:
9 [ # Include the results of the hardware scan.
10 ./hardware-configuration.nix
13 # Use the GRUB 2 boot loader.
14 boot.loader.systemd-boot.enable = true;
15 # boot.loader.grub.efiSupport = true;
16 # boot.loader.grub.efiInstallAsRemovable = true;
17 # boot.loader.efi.efiSysMountPoint = "/boot/efi";
18 # Define on which hard drive you want to install Grub.
19 # boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
21 nix.settings.experimental-features = [ "nix-command" "flakes" ];
22 nix.package = pkgs.nixVersions.nix_2_28;
26 options = "--delete-older-than 30d";
28 nix.optimise.automatic = true;
29 system.autoUpgrade = {
34 networking.hostName = "pschdev"; # Define your hostname.
35 # Pick only one of the below networking options.
36 # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
37 # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
39 networking.firewall = {
41 allowedTCPPorts = [ 80 443 9418 ];
45 time.timeZone = "Europe/Amsterdam";
47 # Configure network proxy if necessary
48 # networking.proxy.default = "http://user:password@proxy:port/";
49 # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
51 # Select internationalisation properties.
52 i18n.defaultLocale = "de_DE.UTF-8";
54 font = "Lat2-Terminus16";
55 keyMap = "de-latin1-nodeadkeys";
56 # useXkbConfig = true; # use xkb.options in tty.
59 # Enable the X11 windowing system.
60 # services.xserver.enable = true;
62 # Configure keymap in X11
63 # services.xserver.xkb.layout = "us";
64 # services.xserver.xkb.options = "eurosign:e,caps:escape";
66 # Enable CUPS to print documents.
67 # services.printing.enable = true;
70 # hardware.pulseaudio.enable = true;
72 # services.pipewire = {
74 # pulse.enable = true;
77 # Enable touchpad support (enabled default in most desktopManager).
78 # services.libinput.enable = true;
80 # Define a user account. Don't forget to set a password with ‘passwd’.
83 extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
84 packages = with pkgs; [
90 sudo.wheelNeedsPassword = false;
93 # nixpkgs.config.allowUnfree = true;
95 # List packages installed in system profile. To search, run:
97 environment.systemPackages = with pkgs; [
98 vim wget file git fzf bat
117 shell = "${pkgs.git}/bin/git-shell";
118 openssh.authorizedKeys.keys = [
119 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICQOPefMnq0qvFjYxlrdlSmUgyCbvV85gkfRykVlTnrn ps@nixos"
122 users.groups.git = {};
127 init.defaultBranch = "main";
128 user.name = "Patrick";
129 user.email = "patrick.schoenberger@posteo.de";
133 # Some programs need SUID wrappers, can be configured further or are
134 # started in user sessions.
135 # programs.mtr.enable = true;
136 # programs.gnupg.agent = {
138 # enableSSHSupport = true;
141 # List services that you want to enable:
143 # Enable the OpenSSH daemon.
148 AllowTcpForwarding no
149 AllowAgentForwarding no
150 PasswordAuthentication no
155 services.qemuGuest.enable = true;
156 # virtualisation.qemu.guestAgent.enable = true;
157 programs.mosh.enable = true;
161 virtualHosts."psch.dev".extraConfig = ''
164 virtualHosts."chirp.psch.dev".extraConfig = ''
165 reverse_proxy http://localhost:8080 {
169 protocols tls1.3 tls1.3
172 virtualHosts."git.psch.dev".extraConfig = ''
174 reverse_proxy localhost:8082
181 users.users.chirp = {
184 home = "/var/lib/chirp";
187 users.groups.chirp = {};
189 systemd.services.chirp = {
190 description = "Chirp SystemD Service";
191 wantedBy = ["multi-user.target"];
192 after = ["network.target"];
194 WorkingDirectory = "/var/lib/chirp";
195 ExecStart = "${chirp.packages.${pkgs.system}.default}/bin/chirp";
203 services.gitDaemon = {
205 basePath = "/srv/git";
206 repositories = [ "/srv/git" ];
211 services.lighttpd = {
213 document-root = "/srv/www";
221 robots=noindex, nofollow
223 about-filter=${pkgs.writeShellScript "markdown" ''
224 ${pkgs.md4c}/bin/md2html --github --ftables
228 gitweb.enable = true;
230 users.users."lighttpd".extraGroups = [ "git" ];
234 projectroot = "/srv/git";
237 # Open ports in the firewall.
238 # networking.firewall.allowedTCPPorts = [ ... ];
239 # networking.firewall.allowedUDPPorts = [ ... ];
240 # Or disable the firewall altogether.
241 # networking.firewall.enable = false;
243 # Copy the NixOS configuration file and link it from the resulting system
244 # (/run/current-system/configuration.nix). This is useful in case you
245 # accidentally delete configuration.nix.
246 # system.copySystemConfiguration = true;
248 # This option defines the first version of NixOS you have installed on this particular machine,
249 # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
251 # Most users should NEVER change this value after the initial install, for any reason,
252 # even if you've upgraded your system to a new NixOS release.
254 # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
255 # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
256 # to actually do that.
258 # This value being lower than the current NixOS release does NOT mean your system is
259 # out of date, out of support, or vulnerable.
261 # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
262 # and migrated your data accordingly.
264 # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
265 system.stateVersion = "24.05"; # Did you read the comment?
projects / flake_server / blob