nix/hosts/thought/configuration.nix (view raw)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 |
{ pkgs, ... }:
{
imports = [
./disko-config.nix
./hardware-configuration.nix
];
system.stateVersion = "24.05";
swapDevices = [
{
device = "/swapfile";
size = 2048; # MB
}
];
boot.loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
time.timeZone = "Europe/Kyiv";
i18n.defaultLocale = "en_US.UTF-8";
networking = {
hostName = "vps";
useDHCP = true;
# Interface names will be auto-detected in hardware-configuration.nix
# Using generic DHCP setting
interfaces = { };
firewall = {
enable = true;
allowedTCPPorts = [
80
443
2222
];
};
};
environment.systemPackages = with pkgs; [
neovim
git
htop
tmux
];
age.identityPaths = [ "/keys.txt" ]; # TODO: i dont like that i overwrites literally everything
services = {
caddy = {
enable = true;
package = pkgs.caddy.withPlugins {
plugins = [ "github.com/mholt/caddy-l4@v0.0.0-20260116154418-93f52b6a03ba" ];
hash = "sha256-s8D9p8k/Gote8s4fk0pv35R7aIwRi5ze7gbBHj+Fm8U=";
};
};
openssh = {
enable = true;
ports = [ 2222 ];
settings = {
PasswordAuthentication = false;
PermitRootLogin = "no";
};
};
};
nix = {
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
settings = {
auto-optimise-store = true;
experimental-features = [
"nix-command"
"flakes"
];
};
};
}
|