2024-08-09 20:12:31 +02:00
|
|
|
{
|
|
|
|
|
pkgs,
|
|
|
|
|
lib,
|
|
|
|
|
modulesPath,
|
|
|
|
|
...
|
|
|
|
|
}:
|
|
|
|
|
{
|
|
|
|
|
imports = [ "${modulesPath}/virtualisation/qemu-vm.nix" ];
|
|
|
|
|
|
|
|
|
|
networking = {
|
|
|
|
|
hostName = "archtika";
|
|
|
|
|
firewall.enable = false;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
nix.settings.experimental-features = [ "nix-command flakes" ];
|
|
|
|
|
|
|
|
|
|
users.users.dev = {
|
|
|
|
|
isNormalUser = true;
|
|
|
|
|
extraGroups = [ "wheel" ];
|
|
|
|
|
password = "dev";
|
|
|
|
|
};
|
|
|
|
|
|
2025-01-03 15:58:12 +01:00
|
|
|
systemd.tmpfiles.settings = {
|
|
|
|
|
"10-archtika" = {
|
|
|
|
|
"/var/www/archtika-websites" = {
|
|
|
|
|
d = {
|
|
|
|
|
mode = "0777";
|
|
|
|
|
user = "root";
|
|
|
|
|
group = "root";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
2024-08-09 20:12:31 +02:00
|
|
|
|
|
|
|
|
virtualisation = {
|
2025-01-03 15:58:12 +01:00
|
|
|
msize = 65536;
|
2024-08-09 20:12:31 +02:00
|
|
|
graphics = false;
|
2024-10-03 18:51:30 +02:00
|
|
|
memorySize = 2048;
|
|
|
|
|
cores = 2;
|
2024-10-04 17:09:51 +02:00
|
|
|
diskSize = 10240;
|
2024-08-09 20:12:31 +02:00
|
|
|
sharedDirectories = {
|
|
|
|
|
websites = {
|
|
|
|
|
source = "/var/www/archtika-websites";
|
|
|
|
|
target = "/var/www/archtika-websites";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
# Alternatively a bridge network for QEMU could be setup, but requires much more effort
|
|
|
|
|
forwardPorts = [
|
|
|
|
|
{
|
|
|
|
|
from = "host";
|
|
|
|
|
host.port = 15432;
|
|
|
|
|
guest.port = 5432;
|
|
|
|
|
}
|
|
|
|
|
{
|
|
|
|
|
from = "host";
|
2024-08-14 19:33:41 +02:00
|
|
|
host.port = 18000;
|
|
|
|
|
guest.port = 1800;
|
2024-08-09 20:12:31 +02:00
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services = {
|
|
|
|
|
postgresql = {
|
|
|
|
|
enable = true;
|
|
|
|
|
ensureDatabases = [ "archtika" ];
|
|
|
|
|
authentication = lib.mkForce ''
|
|
|
|
|
local all all trust
|
|
|
|
|
host all all all trust
|
|
|
|
|
'';
|
|
|
|
|
enableTCPIP = true;
|
2025-01-03 15:58:12 +01:00
|
|
|
extensions = ps: with ps; [ pgjwt ];
|
2024-08-09 20:12:31 +02:00
|
|
|
};
|
|
|
|
|
nginx = {
|
|
|
|
|
enable = true;
|
2024-10-03 18:51:30 +02:00
|
|
|
recommendedProxySettings = true;
|
|
|
|
|
recommendedTlsSettings = true;
|
|
|
|
|
recommendedZstdSettings = true;
|
|
|
|
|
recommendedOptimisation = true;
|
|
|
|
|
|
2024-08-09 20:12:31 +02:00
|
|
|
virtualHosts."_" = {
|
|
|
|
|
listen = [
|
|
|
|
|
{
|
|
|
|
|
addr = "0.0.0.0";
|
2024-08-14 19:33:41 +02:00
|
|
|
port = 1800;
|
2024-08-09 20:12:31 +02:00
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
locations = {
|
2024-10-03 18:51:30 +02:00
|
|
|
"/previews/" = {
|
|
|
|
|
alias = "/var/www/archtika-websites/previews/";
|
|
|
|
|
index = "index.html";
|
|
|
|
|
tryFiles = "$uri $uri/ $uri.html =404";
|
|
|
|
|
};
|
2024-08-09 20:12:31 +02:00
|
|
|
"/" = {
|
2024-09-15 17:54:54 +02:00
|
|
|
root = "/var/www/archtika-websites";
|
2024-08-09 20:12:31 +02:00
|
|
|
index = "index.html";
|
2024-09-15 17:54:54 +02:00
|
|
|
tryFiles = "$uri $uri/ $uri.html =404";
|
2024-08-09 20:12:31 +02:00
|
|
|
};
|
|
|
|
|
};
|
2024-11-19 18:49:40 +01:00
|
|
|
extraConfig = ''
|
|
|
|
|
port_in_redirect off;
|
|
|
|
|
absolute_redirect off;
|
|
|
|
|
'';
|
2024-08-09 20:12:31 +02:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2024-10-30 21:33:44 +01:00
|
|
|
systemd.services.postgresql = {
|
|
|
|
|
path = with pkgs; [
|
|
|
|
|
gnutar
|
|
|
|
|
gzip
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
|
2024-09-01 18:25:32 +02:00
|
|
|
services.getty.autologinUser = "dev";
|
|
|
|
|
|
2024-08-09 20:12:31 +02:00
|
|
|
system.stateVersion = "24.05";
|
|
|
|
|
}
|
