196 lines
4.3 KiB
Nix
196 lines
4.3 KiB
Nix
{ modulesPath, pkgs, lib, ... }:
|
|
{
|
|
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
|
|
|
|
networking.hostName = "lunasa";
|
|
zramSwap.enable = true;
|
|
services.openssh.enable = true;
|
|
boot.tmp.cleanOnBoot = true;
|
|
boot.loader.grub.device = "/dev/sda";
|
|
boot.initrd.availableKernelModules = [
|
|
"ata_piix"
|
|
"uhci_hcd"
|
|
"xen_blkfront"
|
|
"vmw_pvscsi"
|
|
];
|
|
boot.initrd.kernelModules = [ "nvme" ];
|
|
fileSystems."/" = {
|
|
device = "/dev/sda1";
|
|
fsType = "ext4";
|
|
};
|
|
|
|
nix = {
|
|
package = pkgs.nixVersions.nix_2_22;
|
|
|
|
settings = {
|
|
auto-optimise-store = lib.mkDefault true;
|
|
experimental-features = [
|
|
"nix-command"
|
|
"flakes"
|
|
"ca-derivations"
|
|
];
|
|
};
|
|
};
|
|
|
|
users.users.root.openssh.authorizedKeys.keys = [
|
|
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKoDv47WF/WGsIn47xdmkNeScQSF3yTzLhaZoR+kFUJy''
|
|
];
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
80
|
|
443
|
|
1935 # the RTMP port for OwnCast
|
|
6667 # irc plaintext
|
|
];
|
|
|
|
services.owncast = {
|
|
enable = true;
|
|
port = 8001;
|
|
};
|
|
|
|
services.ergochat = {
|
|
enable = true;
|
|
settings = {
|
|
accounts = {
|
|
authentication-enabled = true;
|
|
multiclient = {
|
|
allowed-by-default = true;
|
|
always-on = "opt-out";
|
|
auto-away = "opt-out";
|
|
enabled = true;
|
|
};
|
|
registration = {
|
|
allow-before-connect = true;
|
|
bcrypt-cost = 4;
|
|
email-verification = {
|
|
enabled = false;
|
|
};
|
|
enabled = true;
|
|
throttling = {
|
|
duration = "10m";
|
|
enabled = true;
|
|
max-attempts = 30;
|
|
};
|
|
};
|
|
};
|
|
channels = {
|
|
default-modes = "+ntC";
|
|
registration = {
|
|
enabled = true;
|
|
};
|
|
};
|
|
datastore = {
|
|
autoupgrade = true;
|
|
path = "/var/lib/ergo/ircd.db";
|
|
};
|
|
history = {
|
|
autoreplay-on-join = 0;
|
|
autoresize-window = "3d";
|
|
channel-length = 2048;
|
|
chathistory-maxmessages = 100;
|
|
client-length = 256;
|
|
enabled = true;
|
|
restrictions = {
|
|
expire-time = "1w";
|
|
grace-period = "1h";
|
|
query-cutoff = "none";
|
|
};
|
|
retention = {
|
|
allow-individual-delete = false;
|
|
enable-account-indexing = false;
|
|
};
|
|
tagmsg-storage = {
|
|
default = false;
|
|
whitelist = [
|
|
"+draft/react"
|
|
"+react"
|
|
];
|
|
};
|
|
znc-maxmessages = 2048;
|
|
};
|
|
limits = {
|
|
awaylen = 390;
|
|
channellen = 64;
|
|
identlen = 20;
|
|
kicklen = 390;
|
|
nicklen = 32;
|
|
topiclen = 390;
|
|
};
|
|
network = {
|
|
name = "testnetwork";
|
|
};
|
|
server = {
|
|
casemapping = "permissive";
|
|
check-ident = false;
|
|
enforce-utf = true;
|
|
forward-confirm-hostnames = false;
|
|
ip-cloaking = {
|
|
enabled = false;
|
|
};
|
|
ip-limits = {
|
|
count = false;
|
|
throttle = false;
|
|
};
|
|
listeners = {
|
|
":6667" = { };
|
|
};
|
|
lookup-hostnames = false;
|
|
max-sendq = "1M";
|
|
name = "example.com";
|
|
relaymsg = {
|
|
enabled = false;
|
|
};
|
|
};
|
|
oper-classes = {
|
|
"chat-moderator" = {
|
|
title = "Chat Moderator";
|
|
capabilities = [
|
|
"kill"
|
|
"ban"
|
|
"nofakelag"
|
|
"relaymsg"
|
|
"vhosts"
|
|
"sajoin"
|
|
"samode"
|
|
"snomasks"
|
|
"roleplay"
|
|
];
|
|
};
|
|
"server-admin" = {
|
|
title = "Server Admin";
|
|
extends = "chat-moderator";
|
|
capabilities = [
|
|
"rehash"
|
|
"accreg"
|
|
"chanreg"
|
|
"history"
|
|
"defcon"
|
|
"massmessage"
|
|
];
|
|
};
|
|
};
|
|
opers = {
|
|
admin = {
|
|
class = "server-admin";
|
|
password = "$2a$04$uSnmJ2i4AVYR.z/kpCirsuNQGpFLUzsmIogK6qvc9mvf8UMDKjTPG";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
services.caddy = {
|
|
enable = true;
|
|
email = "shadows@with.al";
|
|
|
|
virtualHosts = {
|
|
"lina.cool" = {
|
|
extraConfig = ''
|
|
encode gzip
|
|
reverse_proxy 127.0.0.1:8001
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
|
|
system.stateVersion = "23.11";
|
|
}
|