summary refs log tree commit diff
path: root/host/Rory-ovh/configuration.nix
diff options
context:
space:
mode:
Diffstat (limited to 'host/Rory-ovh/configuration.nix')
-rwxr-xr-xhost/Rory-ovh/configuration.nix96
1 files changed, 96 insertions, 0 deletions
diff --git a/host/Rory-ovh/configuration.nix b/host/Rory-ovh/configuration.nix
new file mode 100755

index 0000000..ec2dc13
--- /dev/null
+++ b/host/Rory-ovh/configuration.nix
@@ -0,0 +1,96 @@
+{
+  pkgs,
+  lib,
+  nixpkgs-master,
+  matrix-synapse-unwrapped-patched,
+  draupnir,
+  spacebar,
+  ...
+}:
+
+{
+  imports = [
+    ../../modules/base-server.nix
+
+    ./services/nginx/nginx.nix
+    ./services/postgres.nix
+    ./vm.nix
+  ];
+  boot.loader.grub.devices = lib.mkForce [ "nodev" ];
+
+  networking = {
+    hostName = "Rory-ovh";
+    nat = {
+      enable = true;
+      internalInterfaces = [
+        "ve-+"
+        "vb-+"
+      ];
+      externalInterface = "enp98s0f0";
+      enableIPv6 = false;
+    };
+    enableIPv6 = lib.mkForce false;
+    nameservers = lib.mkForce [ "1.1.1.1" ];
+    firewall.enable = lib.mkForce true;
+    resolvconf.enable = false;
+    defaultGateway = lib.mkForce null;
+    defaultGateway6 = lib.mkForce null;
+    firewall.allowedTCPPorts = [
+      25565
+    ];
+  };
+
+  systemd.network = {
+    enable = true;
+    networks.enp98s0f0 = {
+      name = "enp98s0f0";
+      DHCP = "no";
+      #gateway = [ "51.210.113.254" ];
+      routes = [
+        {
+          Gateway = "51.210.113.254";
+          GatewayOnLink = true;
+        }
+      ];
+      address = [ "51.210.113.110/32" ];
+    };
+  };
+
+  nixpkgs.config.permittedInsecurePackages = [
+    "olm-3.2.16"
+    "dotnet-runtime-wrapped-7.0.20"
+    "dotnet-runtime-7.0.20"
+    "dotnet-sdk-7.0.20"
+  ];
+  services.irqbalance.enable = true;
+
+  environment.memoryAllocator.provider = "jemalloc";
+
+  networking.firewall.interfaces."ve-spacebar".allowedTCPPorts = [ 5432 ];
+  containers."spacebar" = import ./services/containers/spacebar/container.nix {
+    inherit
+      pkgs
+      lib
+      spacebar
+      ;
+  };
+  
+  # prevent a hang on rebuild with forgotten shells...
+  systemd.services."container@spacebar" = {
+    # dependency on postgres for good measure...
+    after = [ "postgresql.service" ];
+    wants = [ "postgresql.service" ];
+    # preStop = ''
+    #   for pid in $(pgrep -f "nixos-container root-login spacebar"); do
+    #     echo "Killing shell with PID $pid"
+    #     kill -9 "$pid"
+    #   done
+    # '';
+  };
+
+  system.stateVersion = "22.11"; # DO NOT EDIT!
+
+  environment.systemPackages = with pkgs; [ waypipe ];
+
+  nix.nrBuildUsers = 128;
+}
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2026-02-05 17:16:41 +0000