feat(hosts): add NaroMk3 to the existing hosts

2025-12-06 16:35:30 +01:00
parent 473a6f5b75
commit 9071957b4c
14 changed files with 320 additions and 44 deletions


@@ -9,5 +9,6 @@
./printing.nix
./ssh.nix
./sunshine.nix
./traefik.nix
];
}


@@ -18,9 +18,14 @@ in {
example = true;
default = false;
};
port = mkOption {
type = types.int;
default = 22;
};
};
config.services.openssh = mkIf cfg.enable {
inherit (cfg) enable;
ports = [cfg.port];
settings = {
AllowUsers = cfg.allowedUsers;
PermitRootLogin = "no";
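Review bot: The new `port` option is typed `types.int`, so a negative or out-of-range value is not rejected at this option and is caught, if at all, further downstream with an error that points away from `mySystem`. `type = types.port;` limits it to valid port numbers. The option also has no description; something like `description = "TCP port sshd listens on.";` would document it. The `settings` block continues past the end of this hunk, so the rest of the hardening is not visible here.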


@@ -0,0 +1,60 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.mySystem.services.traefik;
in {
options.mySystem.services.traefik = {
enable = mkEnableOption "Enable Traefik";
dataDir = mkOption {
type = types.path;
default = "/tank/traefik";
};
email = mkOption {
type = types.str;
default = "";
};
};
config.services.traefik = {
inherit (cfg) enable;
dynamicConfigFile = "${cfg.dataDir}/dynamic_config.toml";
staticConfigOptions = {
api.dashboard = true;
log = {
level = "INFO";
filePath = "${cfg.dataDir}/traefik.log";
format = "json";
};
accessLog.filePath = "${cfg.dataDir}/access.log";
entryPoints = {
http = {
address = ":80";
asDefault = true;
http.redirections.entrypoint = {
to = "https";
scheme = "https";
};
};
https = {
address = ":443";
asDefault = true;
httpChallenge.entryPoint = "https";
};
};
providers.docker = {
endpoint = "unix:///var/run/docker.sock";
exposedByDefault = false;
};
certificatesResolvers.cloudflare.acme = {
inherit (cfg) email;
storage = "${cfg.dataDir}/acme.json";
dnsChallenge = {
provider = "cloudflare";
resolvers = ["1.1.1.1:53" "1.0.0.1:53"];
};
};
};
};
}
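Review bot: `httpChallenge.entryPoint = "https";` sits under `entryPoints.https`, where it is not an entry-point setting. ACME challenge selection belongs under `certificatesResolvers.<name>.acme`, and the `cloudflare` resolver already uses `dnsChallenge`, so the line can be dropped (Traefik may refuse to start on an unknown static field). `api.dashboard = true;` is set unconditionally, while the router and any auth middleware for it would live in `dynamic_config.toml`, which is not shown; confirm it sits behind authentication, or make it an option that defaults to `false`. `providers.docker.endpoint` gives the internet-facing proxy access to the Docker socket, which is effectively root on the host, so a restricted socket proxy in front of it would limit the impact of a Traefik compromise. The hunk also supplies no Cloudflare credential and lets `email` default to `""`; the token should come from a file outside the Nix store (e.g. via `services.traefik.environmentFiles`), and an assertion such as `cfg.enable -> cfg.email != ""` would catch the empty default.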