{ inputs = { nixpkgs.url = "nixpkgs/nixos-unstable"; home-manager.url = "github:nix-community/home-manager"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; }; outputs = { self, nixpkgs, ... }: let lib = nixpkgs.lib; in { # Windows with NixOS WSL nixosConfigurations.Felia = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ ./wsl-configuration.nix ]; specialArgs = { # includeHardware = false; hostname = "Felia"; _services.openssh = { permitRootLogin = "no"; enable = true; }; }; }; nixosConfigurations.lizzi = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ ./configuration.nix ]; specialArgs = { hostname = "lizzi"; _networking = { interfaces.eth1.ipv4.addresses = [{ address = "71.0.0.1"; prefixLength = 24; }]; firewall = { enable = true; allowedTCPPorts = [ 80 443 22 ]; }; useDHCP = false; # required so that we get IP address from linode interfaces.eth0.useDHCP = true; }; _boot.loader.grub.enable = true; _boot.loader.grub.version = 2; _services.openssh = { permitRootLogin = "no"; enable = true; }; _services.gitea = { enable = true; stateDir = "/gitea"; rootUrl = "https://git.pegasust.com"; settings = { repository = { "ENABLE_PUSH_CREATE_USER" = true; "ENABLE_PUSH_CREATE_ORG" = true; }; }; }; # Highly suspect that thanks to nginx, ipv6 is disabled? _services.nginx = { enable = true; clientMaxBodySize = "100m"; # Allow big file transfers over git :^) recommendedGzipSettings = true; recommendedOptimisation = true; recommendedProxySettings = true; recommendedTlsSettings = true; virtualHosts."git.pegasust.com" = { # Gitea hostname sslCertificate = "/var/lib/acme/git.pegasust.com/fullchain.pem"; sslCertificateKey = "/var/lib/acme/git.pegasust.com/key.pem"; forceSSL = true; # Runs on port 80 and 443 locations."/".proxyPass = "http://localhost:3000/"; # Proxy to Gitea }; }; }; }; # Generic machine nixosConfigurations.pixi = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ ./configuration.nix ]; specialArgs = { hostname = "pixi"; _networking = { # interfaces.eth1.ipv4.addresses = [{ # address = "71.0.0.1"; # prefixLength = 24; # }]; firewall = { enable = false; allowedTCPPorts = [ 80 443 22 ]; }; useDHCP = false; # interfaces.eth0.useDHCP = true; }; _boot.loader.grub.enable = true; _boot.loader.grub.version = 2; _services.openssh = { permitRootLogin = "no"; enable = true; }; _services.gitea = { enable = true; stateDir = "/gitea"; rootUrl = "https://git.pegasust.com"; settings = { repository = { "ENABLE_PUSH_CREATE_USER" = true; "ENABLE_PUSH_CREATE_ORG" = true; }; }; }; _services.nginx = { enable = true; clientMaxBodySize = "100m"; # Allow big file transfers over git :^) recommendedGzipSettings = true; recommendedOptimisation = true; recommendedProxySettings = true; recommendedTlsSettings = true; virtualHosts."git.pegasust.com" = { # Gitea hostname sslCertificate = "/var/lib/acme/git.pegasust.com/fullchain.pem"; sslCertificateKey = "/var/lib/acme/git.pegasust.com/key.pem"; forceSSL = true; # Runs on port 80 and 443 locations."/".proxyPass = "http://localhost:3000/"; # Proxy to Gitea }; }; }; }; nixosConfigurations.nyx = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ ./configuration.nix ]; specialArgs = { hostname = "nyx"; _networking = { enableIPv6 = false; interfaces.eth1.ipv4.addresses = [{ address = "71.0.0.2"; prefixLength = 24; }]; firewall.enable = true; useDHCP = false; interfaces.eth0.useDHCP = true; }; _boot.loader.grub.enable = true; _boot.loader.grub.version = 2; _services.openssh = { permitRootLogin = "no"; enable = true; }; }; }; nixosConfigurations.nixos = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ ./configuration.nix ]; specialArgs = { hostname = "nixos"; }; }; }; }