dhimas/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

temp

Browse Source
This commit is contained in:
Hadi 2024-06-18 11:26:35 +02:00 committed by GitHub
parent cb4a8f024f
commit 40648d4041
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
10 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
hosts/modules/server/adguard.nix
View File

@ -1,8 +1,10 @@
# Network-wide ads & trackers blocking DNS server
# Change your router primary DNS server to {this server IP} to make it network wide.
{ {
services.adguardhome ={ services.adguardhome ={
enable = true; enable = true;
host = "0.0.0.0"; host = "0.0.0.0";
port = 3000; port = 3000;
openFirewall = true; openFirewall = true; # Open port 53(dns) & 3000(webui)
}; };
} }

1
hosts/modules/server/cloudflare-dyndns.nix
View File

@ -1,3 +1,4 @@
# CloudFlare Dynamic DNS client
{ {
services.cloudflare-dyndns = { services.cloudflare-dyndns = {
enable = true; enable = true;

2
hosts/modules/server/homepage/default.nix
View File

@ -25,7 +25,7 @@ let
''; '';
in { in {
."startpage/index.html".text = '' # fix "startpage/index.html".text = ''
<!DOCTYPE html> <!DOCTYPE html>
<html lang="en"> <html lang="en">

1
hosts/modules/server/nextcloud.nix
View File

@ -1,3 +1,4 @@
# Nextcloud
{ pkgs, ... }: { pkgs, ... }:
let let
hostname = "cloud.anotherhadi.com"; hostname = "cloud.anotherhadi.com";

1
hosts/modules/server/nginx.nix
View File

@ -1,3 +1,4 @@
# Nginx Reverse Proxy & ACME certs
{config, ...}:{ {config, ...}:{
services.nginx.enable = true; services.nginx.enable = true;
security.acme = { security.acme = {

3
hosts/modules/server/ntfy-sh.nix
View File

@ -1,3 +1,4 @@
# Push Notification Server
# https://mynixos.com/nixpkgs/options/services.ntfy-sh # https://mynixos.com/nixpkgs/options/services.ntfy-sh
let let
hostname = "ntfy.anotherhadi.com"; hostname = "ntfy.anotherhadi.com";
@ -9,7 +10,7 @@ in{
settings = { settings = {
base-url = url; base-url = url;
listen-http = "${port}"; listen-http = "${port}";
# auth-file # auth-file = "/etc/ntfy-sh/authfile"
auth-default-access = "deny-all"; auth-default-access = "deny-all";
behind-proxy = true; behind-proxy = true;
}; };

1
hosts/modules/server/openssh.nix
View File

@ -1,3 +1,4 @@
# SSH server
{ {
services.openssh = { services.openssh = {
enable = true; enable = true;

1
hosts/modules/server/security.nix
View File

@ -1,3 +1,4 @@
# Firewall & fail2ban
{ {
networking.firewall.enable = true; networking.firewall.enable = true;
services.fail2ban = { services.fail2ban = {

3
hosts/modules/server/unifi.nix
View File

@ -1,6 +1,7 @@
# unifi controller service
{ {
services.unifi = { services.unifi = {
enable = true; enable = true;
openFirewall = true; openFirewall = true; # 8443(webui) and other port use by AP
}; };
} }

1
hosts/modules/server/vaultwarden.nix
View File

@ -1,3 +1,4 @@
# Password manager
let let
hostname = "vault.anotherhadi.com"; hostname = "vault.anotherhadi.com";
url = "https://"+hostname; url = "https://"+hostname;