SebastianStork/nixos-config
1
0
Fork 0
mirror of https://github.com/SebastianStork/nixos-config.git synced 2026-01-21 22:11:33 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
nixos-config/hosts/srv-public/default.nix

108 lines
2.3 KiB
Nix
Raw Blame History

{ config, ... }:
{
system.stateVersion = "24.11";
meta = {
domains.validate = true;
ports.validate = true;
};
custom = {
sops = {
enable = true;
agePublicKey = "age1g9fm9w3j2ep7qrqmq9wx09p3ynn3xm7elp36eursj2fvh6yw5q6st448jz";
};
boot.loader.grub.enable = true;
services = {
resolved.enable = true;
tailscale = {
enable = true;
ssh.enable = true;
};
crowdsec = {
enable = true;
sources = {
iptables = true;
sshd = true;
caddy = true;
};
bouncers.firewall = true;
};
forgejo = {
enable = true;
doBackups = true;
domain = "git.sstork.dev";
ssh.enable = true;
};
hedgedoc = {
enable = true;
doBackups = true;
domain = "docs.sprouted.cloud";
};
outline = {
enable = true;
domain = "outline.sprouted.cloud";
};
it-tools = {
enable = true;
domain = "tools.sprouted.cloud";
};
stirling-pdf = {
enable = true;
domain = "pdf.sprouted.cloud";
};
privatebin = {
enable = true;
domain = "pastebin.sprouted.cloud";
};
openspeedtest = {
enable = true;
domain = "speedtest.sprouted.cloud";
};
caddy.virtualHosts =
let
inherit (config.custom) services;
in
{
forgejo = {
inherit (services.forgejo) domain port;
};
hedgedoc = {
inherit (services.hedgedoc) domain port;
};
outline = {
inherit (services.outline) domain port;
};
it-tools = {
inherit (services.it-tools) domain port;
};
stirling-pdf = {
inherit (services.stirling-pdf) domain port;
};
privatebin = {
inherit (services.privatebin) domain port;
};
openspeedtest = {
inherit (services.openspeedtest) domain port;
tls = false;
extraReverseProxyConfig = ''
request_buffers 35MiB
response_buffers 35MiB
flush_interval -1
'';
};
};
};
};
}
Reference in a new issue View git blame Copy permalink