code.dumpstack.io/configuration.nix

# nix-channel --add https://nixos.org/channels/nixos-unstable nixos
# nix-channel --update
#
{ config, pkgs, lib, ... }:
let
  var = import ./var.nix;
in {
  imports = [
    ./hardware-configuration.nix
  ];

  boot.loader.grub.enable = true;
  boot.loader.grub.device = "/dev/vda";

  swapDevices = [
    { device = "/var/swapfile";
      size = 2048; # MiB
    }
  ];

  networking.hostName = builtins.replaceStrings ["."] ["-"] "${var.hostname}";

  networking.firewall =  {
    enable = true;
    allowedTCPPorts = [ 80 443 ];
  };

  users.extraUsers.root = {
    openssh.authorizedKeys.keys = [ var.pubkey ];
  };

  services.openssh.enable = true;

  environment.systemPackages = with pkgs; [
    vim
  ];

  services.gitea = {
    enable = true;
    appName = "${var.hostname}";

    settings = {
      server = {
        ROOT_URL = "https://${var.hostname}";
        DOMAIN = "${var.hostname}";
      };
      service = {
        DISABLE_REGISTRATION = true;
      };
      attachment = {
        ENABLED = false;
      };
      other = {
        SHOW_FOOTER_VERSION = false;
      };
      "repository.signing" = {
        DEFAULT_TRUST_MODEL = "committer";
      };
    };
  };

  security.acme.defaults.email = var.email;
  security.acme.acceptTerms = true;

  services.nginx = {
    enable = true;
    virtualHosts."${var.hostname}" = {
      enableACME = true;
      forceSSL = true;

      locations."/".proxyPass = "http://127.0.0.1:3000";
    };
  };

  system.autoUpgrade = {
    enable = true;
    allowReboot = true;
  };

  system.stateVersion = "19.03";

  nix = {
    optimise.automatic = true;
    gc = {
      automatic = true;
      options = "--delete-older-than 7d";
    };
  };
}
Use unstable channel 2022-03-20 16:33:00 +00:00			`# nix-channel --add https://nixos.org/channels/nixos-unstable nixos`
Use Gitea from unstable and switch NixOS state to 19.03 2019-07-24 06:33:16 +00:00			`# nix-channel --update`
			`#`
Temporary fix for https://github.com/NixOS/nixpkgs/issues/74849 2019-12-04 17:33:37 +00:00			`{ config, pkgs, lib, ... }:`
Initial 2019-02-02 19:45:05 +00:00			`let`
Move out variables 2024-06-24 13:23:06 +00:00			`var = import ./var.nix;`
Initial 2019-02-02 19:45:05 +00:00			`in {`
Use Gitea from unstable and switch NixOS state to 19.03 2019-07-24 06:33:16 +00:00			`imports = [`
			`./hardware-configuration.nix`
			`];`
Initial 2019-02-02 19:45:05 +00:00
			`boot.loader.grub.enable = true;`
			`boot.loader.grub.device = "/dev/vda";`

Use unstable channel 2022-03-20 16:33:00 +00:00			`swapDevices = [`
			`{ device = "/var/swapfile";`
			`size = 2048; # MiB`
			`}`
			`];`

Move out variables 2024-06-24 13:23:06 +00:00			`networking.hostName = builtins.replaceStrings ["."] ["-"] "${var.hostname}";`
Initial 2019-02-02 19:45:05 +00:00
			`networking.firewall = {`
			`enable = true;`
			`allowedTCPPorts = [ 80 443 ];`
			`};`

			`users.extraUsers.root = {`
Move out variables 2024-06-24 13:23:06 +00:00			`openssh.authorizedKeys.keys = [ var.pubkey ];`
Initial 2019-02-02 19:45:05 +00:00			`};`

			`services.openssh.enable = true;`

			`environment.systemPackages = with pkgs; [`
			`vim`
			`];`

			`services.gitea = {`
			`enable = true;`
Move out variables 2024-06-24 13:23:06 +00:00			`appName = "${var.hostname}";`
Sync with upstream module updates 2024-06-24 10:12:16 +00:00
Use unstable channel 2022-03-20 16:33:00 +00:00			`settings = {`
Sync with upstream module updates 2024-06-24 10:12:16 +00:00			`server = {`
Move out variables 2024-06-24 13:23:06 +00:00			`ROOT_URL = "https://${var.hostname}";`
			`DOMAIN = "${var.hostname}";`
Sync with upstream module updates 2024-06-24 10:12:16 +00:00			`};`
			`service = {`
			`DISABLE_REGISTRATION = true;`
Use unstable channel 2022-03-20 16:33:00 +00:00			`};`
Sync with upstream module updates 2024-06-24 10:12:16 +00:00			`attachment = {`
			`ENABLED = false;`
Use unstable channel 2022-03-20 16:33:00 +00:00			`};`
Sync with upstream module updates 2024-06-24 10:12:16 +00:00			`other = {`
Use unstable channel 2022-03-20 16:33:00 +00:00			`SHOW_FOOTER_VERSION = false;`
			`};`
			`"repository.signing" = {`
			`DEFAULT_TRUST_MODEL = "committer";`
			`};`
			`};`
Initial 2019-02-02 19:45:05 +00:00			`};`
Temporary fix for https://github.com/NixOS/nixpkgs/issues/74849 2019-12-04 17:33:37 +00:00
Move out variables 2024-06-24 13:23:06 +00:00			`security.acme.defaults.email = var.email;`
Use unstable channel 2022-03-20 16:33:00 +00:00			`security.acme.acceptTerms = true;`
Initial 2019-02-02 19:45:05 +00:00
			`services.nginx = {`
			`enable = true;`
Move out variables 2024-06-24 13:23:06 +00:00			`virtualHosts."${var.hostname}" = {`
Initial 2019-02-02 19:45:05 +00:00			`enableACME = true;`
			`forceSSL = true;`

			`locations."/".proxyPass = "http://127.0.0.1:3000";`
			`};`
			`};`

Use unstable channel 2022-03-20 16:33:00 +00:00			`system.autoUpgrade = {`
			`enable = true;`
			`allowReboot = true;`
			`};`
Auto reboot after kernel changed 2019-04-12 17:24:45 +00:00
Use Gitea from unstable and switch NixOS state to 19.03 2019-07-24 06:33:16 +00:00			`system.stateVersion = "19.03";`
Auto garbage collect 2019-04-12 17:25:39 +00:00
Auto optimize storage 2019-04-12 17:41:59 +00:00			`nix = {`
			`optimise.automatic = true;`
			`gc = {`
			`automatic = true;`
			`options = "--delete-older-than 7d";`
			`};`
			`};`
Initial 2019-02-02 19:45:05 +00:00			`}`