diff --git a/machines/oracle/configuration.nix b/machines/oracle/configuration.nix index e4c5199..940bfe5 100644 --- a/machines/oracle/configuration.nix +++ b/machines/oracle/configuration.nix @@ -1,4 +1,9 @@ -{ pkgs, config, lib, ... }: { +{ + pkgs, + config, + lib, + ... +}: { imports = [ ./hardware-configuration.nix ]; @@ -10,7 +15,7 @@ networking.domain = "subnet08161027.vcn08161027.oraclevcn.com"; networking.firewall = { enable = true; - allowedUDPPorts = [ 51820 ]; + allowedUDPPorts = [51820]; }; services.openssh.enable = true; @@ -18,13 +23,13 @@ PasswordAuthentication = false; }; - environment.systemPackages = with pkgs; [ wireguard-tools ]; + environment.systemPackages = with pkgs; [wireguard-tools]; # Wireguard tunnel age.secrets.wireguardOracle.file = ../../secrets/wireguard-oracle.age; networking.wg-quick.interfaces = { wg0 = { - address = [ "10.0.10.1/24" ]; + address = ["10.0.10.1/24"]; listenPort = 51820; privateKeyFile = config.age.secrets.wireguardOracle.path; @@ -41,12 +46,12 @@ environment.variables.EDITOR = "nvim"; users.users.michael = { - isNormalUser = true; - home = "/home/michael"; - description = "Michael Thomas"; - extraGroups = [ "wheel" "networkmanager" ]; - shell = pkgs.zsh; - openssh.authorizedKeys.keys = [ + isNormalUser = true; + home = "/home/michael"; + description = "Michael Thomas"; + extraGroups = ["wheel" "networkmanager"]; + shell = pkgs.zsh; + openssh.authorizedKeys.keys = [ ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDUYHiTel+RDzygCeNwV25cnBBNioM19EQWqxPC+xq7lNlNcAQ4wi9JIOONVGkshxPXzKZyR3F53Igs9JZr1E9088L52eUp35JhW1pthai82cw1jGkj9wxcKJnU6b7QNDKA+ejPTC/ciFFKytMyPgID0ICzBRQsnj15i4lGvGDgfTQ7qfI2J855H7S7qOpY7cbsGfeoz3f8Ye1FspJFDsNu9QhX05iunBcbni0uLoTtgS5cEBRr7H9RkKR7GCfd4Ae/sp+aeDkLU4aBkEi+A8VLfR74Juia1j/3mAAmkgJKGcBCKUv0ixBGd6XclZmkF8f2Hx0z8mDxJ7U8lsDUSKdvxK7fecsM4F/GTvjrUxV1nLD4SRQ06GtBmGQGDzIn3Nm1URd6gGT9W3486XJsqmGzjuHa5o4WhmBgh/Gs8xUcv7kWD5enrYacBr+HKVJWnnLFp+XfAYaMCT6j/4jc4D9/9hijRbhboICTDxWCWtFgz7QpsO6BQpi/wkR4Ql61vPc= michael@neptune'' ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQr9lluvuGk3qU1bE7HrrZcE36x5hhD5Dat+E4My55aoh+Df/JeuWMPvzS4zLKMsIIZCUX6kbjvTtvWe7gPLflhDOUGI947MK9B01pojDn0LBugz57Ai9fPlG5+AlMWaxWitmP8JB637oxBpqesqxHdiEKW25u9t2qOvjX3kCdcoSYDlW72Xm8ZI9+qKcAlGLnFhiQxM18rjHcZYdn9ZyWRRSC1ocuTqnbh5lsYoMhD+4QWo5LmwMVjr5uix0i+ktqKzENaiDgA/MQIWQrHqUavfjvMRyyQO7bScVTe/PllKFpLOBym2SLC5hD7vG69BBo0dQUto8tAbIgI9Tmv1dx michael@venus'' @@ -56,35 +61,33 @@ swapDevices = [ { device = "/var/lib/swapfile"; - size = 4*1024; + size = 4 * 1024; } ]; # Services services.caddy = { enable = true; - package = - let - caddyWithPlugins = builtins.fetchurl { - url = "https://raw.githubusercontent.com/jpds/nixpkgs/a33b02fa9d664f31dadc8a874eb1a5dbaa9f4ecf/pkgs/servers/caddy/default.nix"; - sha256 = "sha256:1x1g6qyhmclz2jyc5nmfjsri3xx4pw5rd15n2xjkxlgdcvywcv5f"; - }; - in - (pkgs.callPackage "${caddyWithPlugins}" { - externalPlugins = [ - { - name = "greenpau/caddy-security"; - repo = "github.com/greenpau/caddy-security"; - version = "v1.1.23"; - } - ]; - vendorHash = "sha256-rGNyeHZZBxVM8GMUQMV/JzkK9S/l8tefaQde/d4x9LA="; - }); + package = let + caddyWithPlugins = builtins.fetchurl { + url = "https://raw.githubusercontent.com/jpds/nixpkgs/a33b02fa9d664f31dadc8a874eb1a5dbaa9f4ecf/pkgs/servers/caddy/default.nix"; + sha256 = "sha256:1x1g6qyhmclz2jyc5nmfjsri3xx4pw5rd15n2xjkxlgdcvywcv5f"; + }; + in (pkgs.callPackage "${caddyWithPlugins}" { + externalPlugins = [ + { + name = "greenpau/caddy-security"; + repo = "github.com/greenpau/caddy-security"; + version = "v1.1.23"; + } + ]; + vendorHash = "sha256-rGNyeHZZBxVM8GMUQMV/JzkK9S/l8tefaQde/d4x9LA="; + }); globalConfig = '' email michaelhthomas@outlook.com ''; virtualHosts = { - "s.michaelt.xyx".extraConfig = '' + "s.michaelt.xyz".extraConfig = '' respond "Coming soon!" ''; "auth.s.michaelt.xyz".extraConfig = '' @@ -98,7 +101,7 @@ ''; }; }; - networking.firewall.allowedTCPPorts = [ 80 443 ]; + networking.firewall.allowedTCPPorts = [80 443]; services.uptime-kuma = { enable = true;