authorRory& <root@rory.gay>2026-01-23 13:27:59 +0100
committerRory& <root@rory.gay>2026-01-23 13:27:59 +0100
commit20b74076898028eeb26e7496c942ae12e464e8cc (patch)
tree2db8dfdaf71e6b1ba19617807b57878386e6fba3 /host/Rory-ovh/configuration.nix
downloadSpacebarContainerRepro-master.tar.xz
initial commit HEAD master
Diffstat (limited to 'host/Rory-ovh/configuration.nix')
-rwxr-xr-xhost/Rory-ovh/configuration.nix96
1 files changed, 96 insertions, 0 deletions
diff --git a/host/Rory-ovh/configuration.nix b/host/Rory-ovh/configuration.nix
new file mode 100755

index 0000000..ec2dc13
--- /dev/null
+++ b/host/Rory-ovh/configuration.nix
@@ -0,0 +1,96 @@
+{
+ pkgs,
+ lib,
+ nixpkgs-master,
+ matrix-synapse-unwrapped-patched,
+ draupnir,
+ spacebar,
+ ...
+}:
+
+{
+ imports = [
+ ../../modules/base-server.nix
+
+ ./services/nginx/nginx.nix
+ ./services/postgres.nix
+ ./vm.nix
+ ];
+ boot.loader.grub.devices = lib.mkForce [ "nodev" ];
+
+ networking = {
+ hostName = "Rory-ovh";
+ nat = {
+ enable = true;
+ internalInterfaces = [
+ "ve-+"
+ "vb-+"
+ ];
+ externalInterface = "enp98s0f0";
+ enableIPv6 = false;
+ };
+ enableIPv6 = lib.mkForce false;
+ nameservers = lib.mkForce [ "1.1.1.1" ];
+ firewall.enable = lib.mkForce true;
+ resolvconf.enable = false;
+ defaultGateway = lib.mkForce null;
+ defaultGateway6 = lib.mkForce null;
+ firewall.allowedTCPPorts = [
+ 25565
+ ];
+ };
+
+ systemd.network = {
+ enable = true;
+ networks.enp98s0f0 = {
+ name = "enp98s0f0";
+ DHCP = "no";
+ #gateway = [ "51.210.113.254" ];
+ routes = [
+ {
+ Gateway = "51.210.113.254";
+ GatewayOnLink = true;
+ }
+ ];
+ address = [ "51.210.113.110/32" ];
+ };
+ };
+
+ nixpkgs.config.permittedInsecurePackages = [
+ "olm-3.2.16"
+ "dotnet-runtime-wrapped-7.0.20"
+ "dotnet-runtime-7.0.20"
+ "dotnet-sdk-7.0.20"
+ ];
+ services.irqbalance.enable = true;
+
+ environment.memoryAllocator.provider = "jemalloc";
+
+ networking.firewall.interfaces."ve-spacebar".allowedTCPPorts = [ 5432 ];
+ containers."spacebar" = import ./services/containers/spacebar/container.nix {
+ inherit
+ pkgs
+ lib
+ spacebar
+ ;
+ };
+
+ # prevent a hang on rebuild with forgotten shells...
+ systemd.services."container@spacebar" = {
+ # dependency on postgres for good measure...
+ after = [ "postgresql.service" ];
+ wants = [ "postgresql.service" ];
+ # preStop = ''
+ # for pid in $(pgrep -f "nixos-container root-login spacebar"); do
+ # echo "Killing shell with PID $pid"
+ # kill -9 "$pid"
+ # done
+ # '';
+ };
+
+ system.stateVersion = "22.11"; # DO NOT EDIT!
+
+ environment.systemPackages = with pkgs; [ waypipe ];
+
+ nix.nrBuildUsers = 128;
+}
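Review bot: The `nixpkgs.config.permittedInsecurePackages` list allows `olm-3.2.16` and three `dotnet-*-7.0.20` packages in this host's package set, which is also handed to the spacebar container through `inherit pkgs`, yet nothing in this file shows which service needs them. The unused `matrix-synapse-unwrapped-patched` and `draupnir` arguments suggest the list may have been carried over from a larger configuration, so I would drop every entry this repro does not build, and give each remaining one a comment naming its consumer, e.g. `"olm-3.2.16" # required by <consumer>; remove once it no longer depends on it`. Similarly, `firewall.allowedTCPPorts = [ 25565 ]` opens a port on every interface with no listener visible here. Either remove it or scope it per interface, as the `"ve-spacebar"` rule for 5432 already does, and add a comment saying what listens there.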