diff --git a/common/default.nix b/common/default.nix index 927d8d9..0fb708b 100644 --- a/common/default.nix +++ b/common/default.nix @@ -5,14 +5,17 @@ pkgs, ... }: { + imports = [./syncthing.nix]; #nixpkgs.config.permittedInsecurePackages = ["electron-25.9.0" "electron-24.8.6"]; - networking.hosts = { - "192.168.178.35" = ["jellyfin.fritz.box" "grafana.fritz.box"]; - }; - environment.systemPackages = with pkgs; [ - xdg-desktop-portal-hyprland - xdg-desktop-portal - ]; + # networking.hosts = { + # "192.168.178.35" = ["jellyfin.fritz.box" "grafana.fritz.box"]; + # }; + # environment.systemPackages = with pkgs; [ + # xdg-desktop-portal-hyprland + # xdg-desktop-portal + # ]; + networking.firewall.allowedTCPPorts = [8384 22000]; + networking.firewall.allowedUDPPorts = [22000 21027]; nix.settings = { trusted-users = ["xqtc"]; substituters = [ diff --git a/common/syncthing.nix b/common/syncthing.nix new file mode 100644 index 0000000..c44cfc0 --- /dev/null +++ b/common/syncthing.nix @@ -0,0 +1,19 @@ +{ + config, + lib, + inputs, + ... +}: { + services.syncthing = { + enable = true; + user = "xqtc"; + dataDir = "/home/xqtc/syncthing"; + configDir = "${config.services.syncthing.dataDir}/.config/syncthing"; + settings = { + gui = { + user = "xqtc"; + # insecureSkipHostcheck = true; + }; + }; + }; +} diff --git a/home/modules/nixvim.nix b/home/modules/nixvim.nix index 43630cc..f6c9e73 100644 --- a/home/modules/nixvim.nix +++ b/home/modules/nixvim.nix @@ -43,7 +43,7 @@ pylsp.enable = true; bashls.enable = true; lua-ls.enable = true; - gopls.enable = true; + gopls.enable = true; nushell.enable = true; clangd.enable = true; svelte.enable = true; diff --git a/home/modules/shell.nix b/home/modules/shell.nix index 47317d1..5adf0b8 100644 --- a/home/modules/shell.nix +++ b/home/modules/shell.nix @@ -16,7 +16,7 @@ shellAliases = {ls = "eza -l --icons --header --git --group-directories-first";}; extraConfig = "maxfetch"; configFile = { - text = builtins.readFile ../config-files/config.nu; + text = builtins.readFile ../config-files/config.nu; }; }; carapace.enable = true; diff --git a/hosts/x86_64-linux/beleth/calibre-web.nix b/hosts/x86_64-linux/beleth/calibre-web.nix index 9b10a28..812e81e 100644 --- a/hosts/x86_64-linux/beleth/calibre-web.nix +++ b/hosts/x86_64-linux/beleth/calibre-web.nix @@ -1,5 +1,8 @@ -{config, lib, ...}: { + config, + lib, + ... +}: { services.calibre-web = { enable = true; options = { diff --git a/hosts/x86_64-linux/beleth/default.nix b/hosts/x86_64-linux/beleth/default.nix index 4f1298c..35dac51 100644 --- a/hosts/x86_64-linux/beleth/default.nix +++ b/hosts/x86_64-linux/beleth/default.nix @@ -14,32 +14,40 @@ with lib; { ./transmission.nix ./lanrarari.nix ../../gc.nix + ../../../common ]; services.caddy = { enable = true; email = "xqtc@tutanota.com"; configFile = pkgs.writeText "Caddyfile" '' - heroin.trade { - root * /var/www/website/build/ - file_server - } - demos.heroin.trade { - root * /var/www/demos/ - file_server browse - } - jellyfin.heroin.trade { - reverse_proxy http://127.0.0.1:8096 - } - calibre.heroin.trade { - reverse_proxy http://localhost:3000 - } - grafana.heroin.trade { - reverse_proxy http://127.0.0.1:2342 + heroin.trade { + root * /var/www/website/build/ + file_server + } + syncthing.heroin.trade { + reverse_proxy http://localhost:8384 { + header_up Some-Header "localhost" } + } + demos.heroin.trade { + root * /var/www/demos/ + file_server browse + } + jellyfin.heroin.trade { + reverse_proxy http://127.0.0.1:8096 + } + calibre.heroin.trade { + reverse_proxy http://localhost:3000 + } + grafana.heroin.trade { + reverse_proxy http://127.0.0.1:2342 + } ''; }; + services.syncthing.settings.gui.insecureSkipHostcheck = true; + nix.settings.experimental-features = ["nix-command" "flakes"]; nix.settings = { @@ -69,6 +77,7 @@ with lib; { ]; openssh.authorizedKeys.keys = [ # TODO: Add remaining keys from https://meta.sr.ht/~xqrc.keys + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJTLJqIVwnqFO64rnc66d234TFOdFXpDS9fJUA4/f4in xqtc@alastor" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN7UkcmSVo+SeB5Obevz3mf3UHruYxn0UHUzoOs2gDBy xqtc@asmodeus" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPf3w5bHAssHthg9SPXVpG4w9v8m16X/0J3bjg08P6EA xqtc@seraphim" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJYa+LoHGGvu12iBufUcr3GD8tsq4LuJdwLjaDkTr0SL xqtc@lilith" diff --git a/hosts/x86_64-linux/beleth/lanrarari.nix b/hosts/x86_64-linux/beleth/lanrarari.nix index f412c5a..b19b1b6 100644 --- a/hosts/x86_64-linux/beleth/lanrarari.nix +++ b/hosts/x86_64-linux/beleth/lanrarari.nix @@ -1,4 +1,8 @@ -{config, pkgs, lib, ...}: { + config, + pkgs, + lib, + ... +}: { services.lanraragi.enable = true; } diff --git a/hosts/x86_64-linux/beleth/transmission.nix b/hosts/x86_64-linux/beleth/transmission.nix index 212cf79..34f4c24 100644 --- a/hosts/x86_64-linux/beleth/transmission.nix +++ b/hosts/x86_64-linux/beleth/transmission.nix @@ -1,5 +1,8 @@ -{config, lib, ...}: { + config, + lib, + ... +}: { services.transmission = { enable = true; }; diff --git a/hosts/x86_64-linux/lilith/default.nix b/hosts/x86_64-linux/lilith/default.nix index 366d254..82ebc31 100644 --- a/hosts/x86_64-linux/lilith/default.nix +++ b/hosts/x86_64-linux/lilith/default.nix @@ -200,7 +200,7 @@ # Open ports in the firewall. networking.firewall.allowedTCPPorts = [22 2234 8080 5173]; - networking.firewall.allowedUDPPorts = [ 2234 ]; + networking.firewall.allowedUDPPorts = [2234]; # Or disable the firewall altogether. # networking.firewall.enable = false;