# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, chirp, ... }:
{
imports =
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.package = pkgs.nixVersions.nix_2_28;
- networking.hostName = "nixos"; # Define your hostname.
+ nix.gc = {
+ automatic = true;
+ options = "--delete-older-than 30d";
+ };
+ nix.optimise.automatic = true;
+ system.autoUpgrade = {
+ enable = true;
+ allowReboot = true;
+ };
+
+ networking.hostName = "pschdev"; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
- vim neovim wget file git
- zig fzf bat
+ vim wget file git fzf bat
+ helix
+ gitui
bintools
- htop
+ btop htop
+ systemctl-tui
tmux
+ md4c
- forgejo
- mbedtls
pkg-config
];
group = "git";
home = "/srv/git";
createHome = true;
+ homeMode = "750";
shell = "${pkgs.git}/bin/git-shell";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICQOPefMnq0qvFjYxlrdlSmUgyCbvV85gkfRykVlTnrn ps@nixos"
};
services.qemuGuest.enable = true;
# virtualisation.qemu.guestAgent.enable = true;
+ programs.mosh.enable = true;
services.caddy = {
enable = true;
virtualHosts."psch.dev".extraConfig = ''
- respond hello :D
+ respond "hello :D"
'';
virtualHosts."chirp.psch.dev".extraConfig = ''
- reverse_proxy http://localhost:8080
+ reverse_proxy http://localhost:8080 {
+ request_buffers 8192
+ }
tls {
protocols tls1.3 tls1.3
}
'';
+ virtualHosts."git.psch.dev".extraConfig = ''
+ redir / /cgit
+ reverse_proxy localhost:8082
+ '';
};
- services.dbus.enable = true;
-
- # virtualHosts."git.psch.dev".extraConfig = ''
- # reverse_proxy unix//run/fcgiwrap.socket {
- # transport fastcgi {
- # split .cgi
- # }
- # }
- # '';
-
# services.chirp = {
# enable = true;
# };
+ users.users.chirp = {
+ isSystemUser = true;
+ group = "chirp";
+ home = "/var/lib/chirp";
+ createHome = true;
+ };
+ users.groups.chirp = {};
+
+ systemd.services.chirp = {
+ description = "Chirp SystemD Service";
+ wantedBy = ["multi-user.target"];
+ after = ["network.target"];
+ serviceConfig = {
+ WorkingDirectory = "/var/lib/chirp";
+ ExecStart = "${chirp.packages.${pkgs.system}.default}/bin/chirp";
+ Restart = "always";
+ Type = "simple";
+ User = "chirp";
+ Group = "chirp";
+ };
+ };
- # services."cgit".cgit = {
- # enable = true;
- # scanPath = "/srv/git";
- # };
+ services.gitDaemon = {
+ enable = true;
+ basePath = "/srv/git";
+ repositories = [ "/srv/git" ];
+ exportAll = true;
+ port = 9418;
+ };
+
+ services.lighttpd = {
+ enable = true;
+ document-root = "/srv/www";
+ port = 8082;
+
+ cgit = {
+ enable = true;
+ subdir = "cgit";
+ configText = ''
+ scan-path=/srv/git
+ robots=noindex, nofollow
+ readme=:readme.md
+ about-filter=${pkgs.writeShellScript "markdown" ''
+ ${pkgs.md4c}/bin/md2html --github --ftables
+ ''}
+ '';
+ };
+ gitweb.enable = true;
+ };
+ users.users."lighttpd".extraGroups = [ "git" ];
+
+ services.gitweb = {
+ gitwebTheme = false;
+ projectroot = "/srv/git";
+ };
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
projects / flake_server / blobdiff