Zuckerberg
2ed58e1ec5
- Update nixpkgs (Feb 27), home-manager, microvm, nix-index-database, claude-code-nix, dailybot - Remove navidrome service, nginx proxy, dashy entry, and gatus monitor - Add noto-fonts-subset patch for libreoffice/collabora (noto-fonts 2026.02.01 switched from variable to static font filenames) - Add incus-lts writableTmpDirAsHomeHook overlay for sandbox HOME fix - Add samba4Full overlay to disable CephFS (ceph pinned to python3.11)
114 lines
2.5 KiB
Nix
114 lines
2.5 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
|
|
{
|
|
imports = [
|
|
./hardware-configuration.nix
|
|
];
|
|
|
|
# system.autoUpgrade.enable = true;
|
|
|
|
# p2p mesh network
|
|
services.tailscale.exitNode = true;
|
|
|
|
services.iperf3.enable = true;
|
|
|
|
# email server
|
|
mailserver.enable = true;
|
|
|
|
# nextcloud
|
|
services.nextcloud.enable = true;
|
|
|
|
# git
|
|
services.gitea = {
|
|
enable = true;
|
|
hostname = "git.neet.dev";
|
|
};
|
|
|
|
# IRC
|
|
services.thelounge = {
|
|
enable = true;
|
|
port = 9000;
|
|
fileUploadBaseUrl = "https://files.neet.cloud/irc/";
|
|
host = "irc.neet.dev";
|
|
fileHost = {
|
|
host = "files.neet.cloud";
|
|
path = "/irc";
|
|
};
|
|
};
|
|
|
|
# mumble
|
|
services.murmur = {
|
|
enable = true;
|
|
port = 23563;
|
|
domain = "voice.neet.space";
|
|
};
|
|
|
|
# IRC bot
|
|
services.drastikbot = {
|
|
enable = true;
|
|
wolframAppIdFile = "/run/agenix/wolframalpha";
|
|
};
|
|
age.secrets.wolframalpha = {
|
|
file = ../../secrets/wolframalpha.age;
|
|
owner = config.services.drastikbot.user;
|
|
};
|
|
backup.group."dailybot".paths = [
|
|
config.services.drastikbot.dataDir
|
|
];
|
|
|
|
# matrix home server
|
|
services.matrix = {
|
|
enable = true;
|
|
host = "neet.space";
|
|
enable_registration = false;
|
|
element-web = {
|
|
enable = true;
|
|
host = "chat.neet.space";
|
|
};
|
|
jitsi-meet = {
|
|
enable = false; # disabled until vulnerable libolm dependency is removed/fixed
|
|
host = "meet.neet.space";
|
|
};
|
|
turn = {
|
|
host = "turn.neet.space";
|
|
secret = "a8369a0e96922abf72494bb888c85831b";
|
|
};
|
|
};
|
|
# pin postgresql for matrix (will need to migrate eventually)
|
|
services.postgresql.package = pkgs.postgresql_15;
|
|
|
|
# proxied web services
|
|
services.nginx.enable = true;
|
|
# TODO replace with a proper file hosting service
|
|
services.nginx.virtualHosts."tmp.neet.dev" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
root = "/var/www/tmp";
|
|
};
|
|
|
|
# redirect neet.cloud to nextcloud instance on runyan.org
|
|
services.nginx.virtualHosts."neet.cloud" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
extraConfig = ''
|
|
return 302 https://runyan.org$request_uri;
|
|
'';
|
|
};
|
|
|
|
# owncast live streaming
|
|
services.owncast.enable = true;
|
|
services.owncast.hostname = "live.neet.dev";
|
|
|
|
# librechat
|
|
services.librechat-container.enable = true;
|
|
services.librechat-container.host = "chat.neet.dev";
|
|
|
|
# push notifications
|
|
services.ntfy-sh.enable = true;
|
|
services.ntfy-sh.hostname = "ntfy.neet.dev";
|
|
|
|
# uptime monitoring
|
|
services.gatus.enable = true;
|
|
services.gatus.hostname = "status.neet.dev";
|
|
}
|