summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--hosts/base.nix2
-rw-r--r--hosts/cloud/sortug/configuration.nix2
-rw-r--r--hosts/cloud/span/nginx.nix18
-rw-r--r--hosts/local/fw11/configuration.nix3
-rw-r--r--hosts/local/fw11/framework.kbd2
-rw-r--r--hosts/local/fw11/keyboard.nix1
-rw-r--r--hosts/local/gnome.nix5
-rw-r--r--hosts/local/ohira/configuration.nix2
-rw-r--r--hosts/nixos.nix1
9 files changed, 20 insertions, 16 deletions
diff --git a/hosts/base.nix b/hosts/base.nix
index 2ba2c05..8d79398 100644
--- a/hosts/base.nix
+++ b/hosts/base.nix
@@ -1,4 +1,6 @@
{pkgs, ...}: {
+ # fucking linux vulnerability
+ services.printing.enable = false;
# enable flakes
nix = {
gc = {
diff --git a/hosts/cloud/sortug/configuration.nix b/hosts/cloud/sortug/configuration.nix
index fa4aad2..308f010 100644
--- a/hosts/cloud/sortug/configuration.nix
+++ b/hosts/cloud/sortug/configuration.nix
@@ -65,7 +65,7 @@
enable = true;
domains = ["2001:4860:4860::8888" "2001:4860:4860::8844"];
};
- services.tailscale.enable = true;
+ # services.tailscale.enable = true;
# networking.firewall = {
# enable = true;
diff --git a/hosts/cloud/span/nginx.nix b/hosts/cloud/span/nginx.nix
index cda5ab4..4da4b68 100644
--- a/hosts/cloud/span/nginx.nix
+++ b/hosts/cloud/span/nginx.nix
@@ -1,11 +1,14 @@
-{ config, pkgs, ... }: {
-
+{
+ config,
+ pkgs,
+ ...
+}: {
services.nginx = {
enable = true;
appendHttpConfig = ''
limit_req_zone $binary_remote_addr zone=blog:10m rate=10r/s;
'';
- virtualHosts."spandrell.ch" = {
+ virtualHosts."spandrell.ch" = {
enableACME = true;
forceSSL = true;
locations."/" = {
@@ -18,7 +21,7 @@
'';
};
};
- virtualHosts."u.spandrell.ch" = {
+ virtualHosts."u.spandrell.ch" = {
enableACME = true;
forceSSL = true;
locations."/" = {
@@ -31,14 +34,17 @@
'';
};
};
- virtualHosts."s3.spandrell.ch" = {
+ virtualHosts."s3.spandrell.ch" = {
+ extraConfig = ''
+ client_max_body_size 128M;
+ '';
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:9000";
proxyWebsockets = true; # needed if you need to use WebSocket
extraConfig = ''
- proxy_set_header Host $Host;
+ proxy_set_header Host $Host;
'';
};
};
diff --git a/hosts/local/fw11/configuration.nix b/hosts/local/fw11/configuration.nix
index 6375534..284ac0c 100644
--- a/hosts/local/fw11/configuration.nix
+++ b/hosts/local/fw11/configuration.nix
@@ -57,9 +57,6 @@ in {
time.timeZone = "Asia/Bangkok";
# time.timeZone = "Europe/Madrid";
- # Enable CUPS to print documents.
- # services.printing.enable = true;
-
# List services that you want to enable:
services.openssh.enable = true;
diff --git a/hosts/local/fw11/framework.kbd b/hosts/local/fw11/framework.kbd
index 2594bf6..721aade 100644
--- a/hosts/local/fw11/framework.kbd
+++ b/hosts/local/fw11/framework.kbd
@@ -10,7 +10,7 @@ fallthrough true
;; allow-cmd true
;; use 'ls /dev/input/by-id/' for detachable keyboards and
;; 'ls /dev/input/by-path/' for builtin keyboards location'
-input (device-file "/dev/input/event0")
+ input (device-file "/dev/input/event0")
;; Not sure what this does. Please check the docs.
output (uinput-sink "My KMonad output")
)
diff --git a/hosts/local/fw11/keyboard.nix b/hosts/local/fw11/keyboard.nix
index 13852a0..ac39694 100644
--- a/hosts/local/fw11/keyboard.nix
+++ b/hosts/local/fw11/keyboard.nix
@@ -36,6 +36,7 @@
keyboards.internal = {
device = "/dev/input/by-path/platform-i8042-serio-0-event-kbd";
config = builtins.readFile ./framework.kbd;
+ # device = builtins.pathExists /dev.input/by-id/usb-Lenovo_ThinkPad_Compact_USB_Keyboard_with_TrackPoint-event-kbd
# device = "/dev/input/by-id/usb-Lenovo_ThinkPad_Compact_USB_Keyboard_with_TrackPoint-event-kbd";
# config = builtins.readFile ./thinkpad.kbd;
diff --git a/hosts/local/gnome.nix b/hosts/local/gnome.nix
index 9459392..1220720 100644
--- a/hosts/local/gnome.nix
+++ b/hosts/local/gnome.nix
@@ -6,7 +6,6 @@
pkgs,
...
}: {
-
# Enable the X11 windowing system.
services.xserver.enable = true;
@@ -75,7 +74,7 @@
];
services.flatpak.enable = true;
# Enable CUPS to print documents.
- services.printing.enable = true;
+ services.printing.enable = false;
# Enable sound with pipewire.
hardware.pulseaudio.enable = false;
@@ -93,7 +92,6 @@
#media-session.enable = true;
};
-
fonts = {
enableDefaultPackages = true;
fontconfig = {
@@ -133,5 +131,4 @@
# wqy_zenhei
];
};
-
}
diff --git a/hosts/local/ohira/configuration.nix b/hosts/local/ohira/configuration.nix
index e5316f5..480926a 100644
--- a/hosts/local/ohira/configuration.nix
+++ b/hosts/local/ohira/configuration.nix
@@ -82,7 +82,7 @@
};
# Enable CUPS to print documents.
- services.printing.enable = true;
+ services.printing.enable = false;
# Enable sound with pipewire.
hardware.pulseaudio.enable = false;
diff --git a/hosts/nixos.nix b/hosts/nixos.nix
index 96d8bf3..e85a2a9 100644
--- a/hosts/nixos.nix
+++ b/hosts/nixos.nix
@@ -16,6 +16,7 @@ in {
# pi4 = mkNixosSystem "aarch64-linux" "headless/pi4";
# # cloud boxes
sortug = mkNixosSystem "x64_64-linux" "cloud/sortug";
+ span = mkNixosSystem "x64_64-linux" "cloud/span";
lightnode = mkNixosSystem "x64_64-linux" "cloud/bkk";
hostinger = mkNixosSystem "x64_64-linux" "cloud/jeet";
# contabo = mkNixosSystem "x64_64-linux" "cloud/contabo";