michael/nix-dots
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix(oracle): typo

Browse Source
This commit is contained in:
Michael Thomas 2024-05-08 11:02:38 -04:00
parent f65babd85a
commit 646d15f8ee
1 changed files with 33 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
machines/oracle/configuration.nix
View File

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }: { {
pkgs,
config,
lib,
...
}: {
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
@ -10,7 +15,7 @@
networking.domain = "subnet08161027.vcn08161027.oraclevcn.com"; networking.domain = "subnet08161027.vcn08161027.oraclevcn.com";
networking.firewall = { networking.firewall = {
enable = true; enable = true;
allowedUDPPorts = [ 51820 ]; allowedUDPPorts = [51820];
}; };
services.openssh.enable = true; services.openssh.enable = true;
@ -18,13 +23,13 @@
PasswordAuthentication = false; PasswordAuthentication = false;
}; };
environment.systemPackages = with pkgs; [ wireguard-tools ]; environment.systemPackages = with pkgs; [wireguard-tools];
# Wireguard tunnel # Wireguard tunnel
age.secrets.wireguardOracle.file = ../../secrets/wireguard-oracle.age; age.secrets.wireguardOracle.file = ../../secrets/wireguard-oracle.age;
networking.wg-quick.interfaces = { networking.wg-quick.interfaces = {
wg0 = { wg0 = {
address = [ "10.0.10.1/24" ]; address = ["10.0.10.1/24"];
listenPort = 51820; listenPort = 51820;
privateKeyFile = config.age.secrets.wireguardOracle.path; privateKeyFile = config.age.secrets.wireguardOracle.path;
@ -41,12 +46,12 @@
environment.variables.EDITOR = "nvim"; environment.variables.EDITOR = "nvim";
users.users.michael = { users.users.michael = {
isNormalUser = true; isNormalUser = true;
home = "/home/michael"; home = "/home/michael";
description = "Michael Thomas"; description = "Michael Thomas";
extraGroups = [ "wheel" "networkmanager" ]; extraGroups = ["wheel" "networkmanager"];
shell = pkgs.zsh; shell = pkgs.zsh;
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDUYHiTel+RDzygCeNwV25cnBBNioM19EQWqxPC+xq7lNlNcAQ4wi9JIOONVGkshxPXzKZyR3F53Igs9JZr1E9088L52eUp35JhW1pthai82cw1jGkj9wxcKJnU6b7QNDKA+ejPTC/ciFFKytMyPgID0ICzBRQsnj15i4lGvGDgfTQ7qfI2J855H7S7qOpY7cbsGfeoz3f8Ye1FspJFDsNu9QhX05iunBcbni0uLoTtgS5cEBRr7H9RkKR7GCfd4Ae/sp+aeDkLU4aBkEi+A8VLfR74Juia1j/3mAAmkgJKGcBCKUv0ixBGd6XclZmkF8f2Hx0z8mDxJ7U8lsDUSKdvxK7fecsM4F/GTvjrUxV1nLD4SRQ06GtBmGQGDzIn3Nm1URd6gGT9W3486XJsqmGzjuHa5o4WhmBgh/Gs8xUcv7kWD5enrYacBr+HKVJWnnLFp+XfAYaMCT6j/4jc4D9/9hijRbhboICTDxWCWtFgz7QpsO6BQpi/wkR4Ql61vPc= michael@neptune'' ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDUYHiTel+RDzygCeNwV25cnBBNioM19EQWqxPC+xq7lNlNcAQ4wi9JIOONVGkshxPXzKZyR3F53Igs9JZr1E9088L52eUp35JhW1pthai82cw1jGkj9wxcKJnU6b7QNDKA+ejPTC/ciFFKytMyPgID0ICzBRQsnj15i4lGvGDgfTQ7qfI2J855H7S7qOpY7cbsGfeoz3f8Ye1FspJFDsNu9QhX05iunBcbni0uLoTtgS5cEBRr7H9RkKR7GCfd4Ae/sp+aeDkLU4aBkEi+A8VLfR74Juia1j/3mAAmkgJKGcBCKUv0ixBGd6XclZmkF8f2Hx0z8mDxJ7U8lsDUSKdvxK7fecsM4F/GTvjrUxV1nLD4SRQ06GtBmGQGDzIn3Nm1URd6gGT9W3486XJsqmGzjuHa5o4WhmBgh/Gs8xUcv7kWD5enrYacBr+HKVJWnnLFp+XfAYaMCT6j/4jc4D9/9hijRbhboICTDxWCWtFgz7QpsO6BQpi/wkR4Ql61vPc= michael@neptune''
''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQr9lluvuGk3qU1bE7HrrZcE36x5hhD5Dat+E4My55aoh+Df/JeuWMPvzS4zLKMsIIZCUX6kbjvTtvWe7gPLflhDOUGI947MK9B01pojDn0LBugz57Ai9fPlG5+AlMWaxWitmP8JB637oxBpqesqxHdiEKW25u9t2qOvjX3kCdcoSYDlW72Xm8ZI9+qKcAlGLnFhiQxM18rjHcZYdn9ZyWRRSC1ocuTqnbh5lsYoMhD+4QWo5LmwMVjr5uix0i+ktqKzENaiDgA/MQIWQrHqUavfjvMRyyQO7bScVTe/PllKFpLOBym2SLC5hD7vG69BBo0dQUto8tAbIgI9Tmv1dx michael@venus'' ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQr9lluvuGk3qU1bE7HrrZcE36x5hhD5Dat+E4My55aoh+Df/JeuWMPvzS4zLKMsIIZCUX6kbjvTtvWe7gPLflhDOUGI947MK9B01pojDn0LBugz57Ai9fPlG5+AlMWaxWitmP8JB637oxBpqesqxHdiEKW25u9t2qOvjX3kCdcoSYDlW72Xm8ZI9+qKcAlGLnFhiQxM18rjHcZYdn9ZyWRRSC1ocuTqnbh5lsYoMhD+4QWo5LmwMVjr5uix0i+ktqKzENaiDgA/MQIWQrHqUavfjvMRyyQO7bScVTe/PllKFpLOBym2SLC5hD7vG69BBo0dQUto8tAbIgI9Tmv1dx michael@venus''
@ -56,35 +61,33 @@
swapDevices = [ swapDevices = [
{ {
device = "/var/lib/swapfile"; device = "/var/lib/swapfile";
size = 4*1024; size = 4 * 1024;
} }
]; ];
# Services # Services
services.caddy = { services.caddy = {
enable = true; enable = true;
package = package = let
let caddyWithPlugins = builtins.fetchurl {
caddyWithPlugins = builtins.fetchurl { url = "https://raw.githubusercontent.com/jpds/nixpkgs/a33b02fa9d664f31dadc8a874eb1a5dbaa9f4ecf/pkgs/servers/caddy/default.nix";
url = "https://raw.githubusercontent.com/jpds/nixpkgs/a33b02fa9d664f31dadc8a874eb1a5dbaa9f4ecf/pkgs/servers/caddy/default.nix"; sha256 = "sha256:1x1g6qyhmclz2jyc5nmfjsri3xx4pw5rd15n2xjkxlgdcvywcv5f";
sha256 = "sha256:1x1g6qyhmclz2jyc5nmfjsri3xx4pw5rd15n2xjkxlgdcvywcv5f"; };
}; in (pkgs.callPackage "${caddyWithPlugins}" {
in externalPlugins = [
(pkgs.callPackage "${caddyWithPlugins}" { {
externalPlugins = [ name = "greenpau/caddy-security";
{ repo = "github.com/greenpau/caddy-security";
name = "greenpau/caddy-security"; version = "v1.1.23";
repo = "github.com/greenpau/caddy-security"; }
version = "v1.1.23"; ];
} vendorHash = "sha256-rGNyeHZZBxVM8GMUQMV/JzkK9S/l8tefaQde/d4x9LA=";
]; });
vendorHash = "sha256-rGNyeHZZBxVM8GMUQMV/JzkK9S/l8tefaQde/d4x9LA=";
});
globalConfig = '' globalConfig = ''
email michaelhthomas@outlook.com email michaelhthomas@outlook.com
''; '';
virtualHosts = { virtualHosts = {
"s.michaelt.xyx".extraConfig = '' "s.michaelt.xyz".extraConfig = ''
respond "Coming soon!" respond "Coming soon!"
''; '';
"auth.s.michaelt.xyz".extraConfig = '' "auth.s.michaelt.xyz".extraConfig = ''
@ -98,7 +101,7 @@
''; '';
}; };
}; };
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = [80 443];
services.uptime-kuma = { services.uptime-kuma = {
enable = true; enable = true;