eliribble
/
nixos-systems
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: eliribble:f44f8346f4c890aa3e998ff039b6b6898b3f2ea5
Branches Tags
eliribble:main
..
compare: eliribble:6271f38fff4058e1e7047e14acfb31b39b9901fa
Branches Tags
eliribble:main

No commits in common. "f44f8346f4c890aa3e998ff039b6b6898b3f2ea5" and "6271f38fff4058e1e7047e14acfb31b39b9901fa" have entirely different histories.
f44f8346f4 ... 6271f38fff

1 changed files with 23 additions and 54 deletions
Show Stats Expand all files Collapse all files

77
quinn/etc/nixos/configuration.nix
View File

@ -92,7 +92,6 @@
fish
git
htop
lsof
#mongodb
neovim
nginx
@ -120,7 +119,6 @@
# enable = true;
# enableSSHSupport = true;
# };
programs.mosh.enable = true;
# Make neovim the default editor
programs.neovim.enable = true;
@ -135,7 +133,7 @@
enableACME = false;
locations."/".extraConfig = ''
proxy_pass http://127.0.0.1:10000;
client_body_buffer_size 128k;
client_body_buffer_size 128k;
client_max_body_size 10G;
#Timeout if the real server is dead
@ -183,12 +181,15 @@
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# Disable the resolved stub listener, let Pihole do it
services.resolved = {
extraConfig = ''
DNSStubListener=no
'';
};
# Enable radvd for advertising IPv6 local addresses
#services.radvd.config = ''
#interface enp2s0 {
#AdvDefaultLifetime 0;
#AdvSendAdvert on;
#prefix fc00::5/48 { };
#};
#'';
#services.radvd.enable = true;
# Set up a samba share for the scanner
services.samba = {
@ -231,7 +232,12 @@
];
};
networking.useNetworkd = true;
#networking.interfaces = {
#enp2s0.ipv6.addresses = [{
#address = "fc00:0000:000::5";
#prefixLength = 48;
#}];
#};
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
@ -256,31 +262,6 @@
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "24.05"; # Did you read the comment?
systemd.network.enable = true;
systemd.network.networks."10-wan" = {
matchConfig.Name = "enp2s0";
networkConfig = {
# start a DHCP Client for IPv4 Addressing/Routing
DHCP = "ipv4";
# accept Router Advertisements for Stateless IPv6 Autoconfiguraton (SLAAC)
IPv6AcceptRA = true;
};
addresses = [{
addressConfig = {
Address="fd00::2/64";
};
} {
addressConfig = {
Address="::/0";
Scope="global";
};
}];
# make routing on this interface a dependency for network-online.target
linkConfig.RequiredForOnline = "routable";
};
systemd.services.scan-uploader = {
enable = true;
wantedBy = [ "multi-user.target" ];
@ -305,35 +286,23 @@
autoStart = true;
environment = {
TZ = "America/Phoenix";
DNSMASQ_LISTENING = "all";
DNSMASQ_LISTENING = "all";
};
extraOptions = ["--network=bridge"];
image = "docker.io/pihole/pihole:2024.07.0";
ports = [
"53:53/tcp"
"53:53/udp"
"67:67"
"127.0.0.1:10000:80"
"192.168.1.5:53:53/tcp"
"192.168.1.5:53:53/udp"
"192.168.1.5:67:67"
"127.0.0.1:10000:80"
];
volumes = [
"/etc/pihole/config:/etc/pihole"
"/etc/pihole/dnsmasq.d:/etc/dnsmasq.d"
"/etc/pihole/dnsmasq.d:/etc/dnsmasq.d"
];
};
};
virtualisation.podman.enable = true;
virtualisation.podman.dockerSocket.enable = true;
virtualisation.podman.defaultNetwork.settings = {
dns_enabled = false;
ipv6_enabled = true;
subnets = [{
gateway = "10.88.0.1";
subnet = "10.88.0.0/16";
}
{
gateway = "fd00::1:8:1";
subnet = "fd00::1:8:0/122";
}];
};
virtualisation.podman.defaultNetwork.settings.dns_enabled = true;
}