diff --git a/configuration.nix b/configuration.nix index 3e90cf6..c3a5924 100644 --- a/configuration.nix +++ b/configuration.nix @@ -56,7 +56,6 @@ in nix.settings.experimental-features = [ "nix-command" "flakes" ]; networking.hostName = "nixos"; # Define your hostname. - # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # Enable networking networking.networkmanager.enable = true; @@ -116,8 +115,6 @@ in users.users.php.group = "php"; users.groups.php = {}; - - # Enable automatic login for the user. services.xserver.displayManager.autoLogin.enable = true; services.xserver.displayManager.autoLogin.user = "free"; @@ -211,7 +208,6 @@ in }; }; - #networking.enableIPv6 = false; ####### CADDY ####### services.caddy = { @@ -294,9 +290,9 @@ in ###### CREATE DATABASE (WORDPRESS, MATRIX_SYNAPSE, AND NEXTCLOUD) ####### services.postgresql = { enable = true; - package = pkgs.postgresql_14; }; + services.postgresql.authentication = lib.mkForce '' # Generated file; do not edit! # TYPE DATABASE USER ADDRESS METHOD @@ -308,9 +304,10 @@ in services.mysql = { enable = true; - package = pkgs.mariadb_1011; + package = pkgs.mariadb; }; + services.postgresql.initialScript = pkgs.writeText "begin-init.sql" '' CREATE ROLE "ncusr" WITH LOGIN PASSWORD '${personalization.age.secrets.nextclouddb.file}'; CREATE DATABASE "nextclouddb" WITH OWNER "ncusr" @@ -336,12 +333,10 @@ in ; - ####### KEEP AWAKE for DISPLAY and HEADLESS ####### services.xserver.displayManager.gdm.autoSuspend = false; - ####### BACKUP TO INTERNAL DRIVE ####### services.rsnapshot = { enable = true; @@ -353,13 +348,12 @@ backup /home/ localhost/ backup /var/lib/ localhost/ backup /etc/nixos/ localhost/ backup /etc/nix-bitcoin-secrets/ localhost/ - ''; + ''; cronIntervals = { daily = "50 21 * * *"; hourly = "0 * * * *"; - }; - }; - + }; + }; ####### CRON ####### @@ -379,11 +373,10 @@ backup /etc/nix-bitcoin-secrets/ localhost/ client.enable = true; torsocks.enable = true; }; + services.privoxy.enableTor = true; - - ####### Enable the OpenSSH daemon ####### services.openssh = { enable = true; @@ -394,6 +387,7 @@ backup /etc/nix-bitcoin-secrets/ localhost/ }; }; + #######FailtoBan####### services.fail2ban = { enable = true; @@ -414,7 +408,7 @@ backup /etc/nix-bitcoin-secrets/ localhost/ { from=49152; to=65535; } # TURN relay ]; - # Or disable the firewall altogether. + networking.firewall.enable = true; @@ -425,6 +419,7 @@ backup /etc/nix-bitcoin-secrets/ localhost/ options = "--delete-older-than 7d"; }; + system.stateVersion = "22.05"; } diff --git a/flake.lock b/flake.lock index e963288..1695383 100644 --- a/flake.lock +++ b/flake.lock @@ -4,14 +4,15 @@ "inputs": { "darwin": [], "home-manager": "home-manager", - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs", + "systems": "systems" }, "locked": { - "lastModified": 1703086954, - "narHash": "sha256-zoYY0tb/e7PwlKt/WqYg6KVtRzsRvINugfFXljbsdTY=", + "lastModified": 1703433843, + "narHash": "sha256-nmtA4KqFboWxxoOAA6Y1okHbZh+HsXaMPFkYHsoDRDw=", "owner": "ryantm", "repo": "agenix", - "rev": "6cb7cd66c2bf0b7cca55025281399af6bb0d1f86", + "rev": "417caa847f9383e111d1397039c9d4337d024bf0", "type": "github" }, "original": { @@ -47,7 +48,7 @@ }, "flake-utils": { "inputs": { - "systems": "systems" + "systems": "systems_2" }, "locked": { "lastModified": 1701680307, @@ -71,11 +72,11 @@ ] }, "locked": { - "lastModified": 1682203081, - "narHash": "sha256-kRL4ejWDhi0zph/FpebFYhzqlOBrk0Pl3dzGEKSAlEw=", + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", "owner": "nix-community", "repo": "home-manager", - "rev": "32d3e39c491e2f91152c84f8ad8b003420eab0a1", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", "type": "github" }, "original": { @@ -108,11 +109,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1677676435, - "narHash": "sha256-6FxdcmQr5JeZqsQvfinIMr0XcTyTuR7EXX0H3ANShpQ=", + "lastModified": 1703013332, + "narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a08d6979dd7c82c4cef0dcc6ac45ab16051c1169", + "rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6", "type": "github" }, "original": { @@ -156,11 +157,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1703013332, - "narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=", + "lastModified": 1703438236, + "narHash": "sha256-aqVBq1u09yFhL7bj1/xyUeJjzr92fXVvQSSEx6AdB1M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6", + "rev": "5f64a12a728902226210bf01d25ec6cbb9d9265b", "type": "github" }, "original": { @@ -191,6 +192,21 @@ "repo": "default", "type": "github" } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root",