diff options
| author | polwex <polwex@sortug.com> | 2024-07-21 01:49:04 +0700 |
|---|---|---|
| committer | polwex <polwex@sortug.com> | 2024-07-21 01:49:04 +0700 |
| commit | e64f7a78e01e5fa661471cb518cc71fc33223b5a (patch) | |
| tree | 691c444cf66e2f9d1ee63e4589ed09ec502baa3b /hosts/cloud/bkk/configuration.nix | |
| parent | 0816d59542658a62928050ef5f08e1460e554959 (diff) | |
m
Diffstat (limited to 'hosts/cloud/bkk/configuration.nix')
| -rw-r--r-- | hosts/cloud/bkk/configuration.nix | 72 |
1 files changed, 30 insertions, 42 deletions
diff --git a/hosts/cloud/bkk/configuration.nix b/hosts/cloud/bkk/configuration.nix index 42f6b2c..9769419 100644 --- a/hosts/cloud/bkk/configuration.nix +++ b/hosts/cloud/bkk/configuration.nix @@ -1,49 +1,37 @@ -{ modulesPath, lib, pkgs, ... }: { + modulesPath, + lib, + pkgs, + ... +}: { imports = [ ./hardware-configuration.nix ./nginx.nix - ]; - boot = { - loader.grub = { - enable = true; - device = "/dev/vda"; - }; - }; - users.users.root.openssh.authorizedKeys.keys = - [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+qXhCHNrSZmy4HEXaFn6xAp1w2GzQBMOfVdbR3E81Q cloudboxes" ]; + ../../users.nix + ../../base.nix + ../../server.nix + ]; + boot = { + loader.grub = { + enable = true; + device = "/dev/vda"; + }; + }; - # enable flakes - nix = { - package = pkgs.nixFlakes; - extraOptions = '' - experimental-features = nix-command flakes - ''; - settings = { - keep-outputs = true; - keep-derivations = true; - }; - }; - - services.openssh = { - enable = true; - passwordAuthentication = false; - # ports = [5522]; - }; - networking = { - hostName = "yn-bkk"; # use Digital Ocean metadata server - }; - networking.firewall = { - enable = false; - # allowedTCPPorts = [ 993 465 40308 80 443 53 51820 5522 ]; - # allowedUDPPorts = [ 993 465 40308 80 443 53 50000 50001 50002 50003 50004 50005 50006 50007 50008 50009 50010 51820 5522 ]; - }; - services.ntfy-sh = { - enable = true; - settings = { - base-url = "https://n.urbit.men"; - listen-http = ":8090"; - }; - }; + networking = { + hostName = "yn-bkk"; # use Digital Ocean metadata server + }; + networking.firewall = { + enable = false; + # allowedTCPPorts = [ 993 465 40308 80 443 53 51820 5522 ]; + # allowedUDPPorts = [ 993 465 40308 80 443 53 50000 50001 50002 50003 50004 50005 50006 50007 50008 50009 50010 51820 5522 ]; + }; + services.ntfy-sh = { + enable = true; + settings = { + base-url = "https://n.urbit.men"; + listen-http = ":8090"; + }; + }; system.stateVersion = "24.05"; # Did you read the comment? } |