quasar/configuration.nix

# vim: tabstop=2 shiftwidth=2 expandtab
let
  base-domain = "005540.xyz";
in
{ lib, ... }: {
  imports = [
    ./hardware-configuration.nix
    ./audit.nix

    ./openssh.nix
    ./tailscale.nix

    ./firewall.nix
    ./fail2ban.nix

    ./borgbackup.nix

    # disabled since scanner only supports non-encrypted stuff
    #./ftp.nix
    #./samba.nix

    (import ./acme.nix { inherit base-domain; })
    (import ./nginx.nix { inherit base-domain; })
    ./postgresql.nix

    (import ./sourcehut.nix { inherit base-domain; })

    (import ./paperless.nix { inherit base-domain lib; })

    ./userprogs.nix
  ];

  environment.sessionVariables = {
    TERM = "xterm-256color";
  };

  boot.tmp.cleanOnBoot = true;
  zramSwap.enable = true;
  networking.hostName = "quasar";
  networking.domain = "";
  nix.allowedUsers = [ "@wheel" "root" ];
  system.stateVersion = "23.11";
}
feat(neovim): enable modeline support to be able to modify per-file settings 2024-08-22 09:50:54 +00:00			`# vim: tabstop=2 shiftwidth=2 expandtab`
chore: make sourcehut take the base-domain as an argument 2024-08-22 16:53:07 +00:00			`let`
			`base-domain = "005540.xyz";`
			`in`
fix(paperless): use the new consume path for samba share 2024-08-30 11:08:38 +02:00			`{ lib, ... }: {`
initial commit 2024-08-22 09:37:38 +00:00			`imports = [`
			`./hardware-configuration.nix`
security: enable audit logging of program launch 2024-08-30 14:20:29 +02:00			`./audit.nix`

chore: reorganize some configs to be in the proper place 2024-08-29 15:26:31 +02:00			`./openssh.nix`
feat(tailscale): setup tailscale 2024-08-30 14:01:57 +02:00			`./tailscale.nix`
security: enable audit logging of program launch 2024-08-30 14:20:29 +02:00
chore: split firewall config into separate files 2024-08-22 16:38:49 +00:00			`./firewall.nix`
feat(security): fail2ban setup 2024-08-27 15:36:49 +02:00			`./fail2ban.nix`
security: enable audit logging of program launch 2024-08-30 14:20:29 +02:00
feat(backup): backup server to borgbase daily 2024-08-24 16:26:18 +00:00			`./borgbackup.nix`
docspell testing 2024-08-23 08:28:25 +00:00
security: disable ftp & samba service scanner only suports plaintext communication 2024-08-30 14:32:49 +02:00			`# disabled since scanner only supports non-encrypted stuff`
			`#./ftp.nix`
			`#./samba.nix`
feat(paperless): install ftp for scan-to-network 2024-08-27 12:15:04 +02:00
chore: make sourcehut take the base-domain as an argument 2024-08-22 16:53:07 +00:00			`(import ./acme.nix { inherit base-domain; })`
chore: move nginx configuration to own file 2024-08-22 16:55:59 +00:00			`(import ./nginx.nix { inherit base-domain; })`
chore: move postgresql config to own file 2024-08-22 16:57:30 +00:00			`./postgresql.nix`
docspell testing 2024-08-23 08:28:25 +00:00
			`(import ./sourcehut.nix { inherit base-domain; })`
feat(paperless): install paperless 2024-08-25 19:12:37 +02:00
fix(paperless): use the new consume path for samba share 2024-08-30 11:08:38 +02:00			`(import ./paperless.nix { inherit base-domain lib; })`
docspell testing 2024-08-23 08:28:25 +00:00
chore: split user progs into own file 2024-08-22 16:40:51 +00:00			`./userprogs.nix`
initial commit 2024-08-22 09:37:38 +00:00			`];`

fix terminal is not setup correctly error 2024-08-23 08:49:55 +00:00			`environment.sessionVariables = {`
			`TERM = "xterm-256color";`
			`};`

initial commit 2024-08-22 09:37:38 +00:00			`boot.tmp.cleanOnBoot = true;`
			`zramSwap.enable = true;`
			`networking.hostName = "quasar";`
			`networking.domain = "";`
security: only allow root and @wheel to access nix 2024-08-30 14:16:59 +02:00			`nix.allowedUsers = [ "@wheel" "root" ];`
initial commit 2024-08-22 09:37:38 +00:00			`system.stateVersion = "23.11";`
			`}`