orbekk.hledger-web.journalFile =
- services.samba = {
- enable = true;
- extraConfig = ''
- guest account = readonly
- map to guest = bad user
- '';
- shares = {
- public = {
- path = "/storage/upload";
- browseable = "yes";
- "read only" = "no";
- "guest ok" = "yes";
- "create mask" = "0666";
- "directory mask" = "0777";
- "force user" = "readonly";
- "force group" = "readonly";
+ services.samba = {
+ enable = true;
+ extraConfig = ''
+ guest account = readonly
+ map to guest = bad user
+ '';
+ shares = {
+ public = {
+ path = "/storage/upload";
+ browseable = "yes";
+ "read only" = "no";
+ "guest ok" = "yes";
+ "create mask" = "0666";
+ "directory mask" = "0777";
+ "force user" = "readonly";
+ "force group" = "readonly";
+ };
- };
- services.transmission = {
- enable = true;
- home = "/storage/upload";
- settings.peer-port = 56732;
- settings.rpc-bind-address = "";
- settings.rpc-whitelist = "172.20.*.*";
- settings.alt-speed-time-enabled = true;
- settings.alt-speed-time-begin = 6 * 60; # 06:00
- settings.alt-speed-time-end = 23 * 60 + 59; # 23:59
- settings.alt-speed-up = 0;
- settings.alt-speed-down = 0;
- };
- = "/var/run/netns/vpn";
- users.users.transmission.extraGroups = ["readonly"];
+ services.transmission = {
+ enable = true;
+ home = "/storage/upload";
+ settings.peer-port = 56732;
+ settings.rpc-bind-address = "";
+ settings.rpc-whitelist = "172.20.*.*";
+ settings.alt-speed-time-enabled = true;
+ settings.alt-speed-time-begin = 6 * 60; # 06:00
+ settings.alt-speed-time-end = 23 * 60 + 59; # 23:59
+ settings.alt-speed-up = 0;
+ settings.alt-speed-down = 0;
+ };
+ = "/var/run/netns/vpn";
+ users.users.transmission.extraGroups = ["readonly"];
- boot = {
- kernelParams = [ "console=tty0" ''console="ttyS0,115200n8"'' ];
+ boot = {
+ kernelParams = [ "console=tty0" ''console="ttyS0,115200n8"'' ];
- loader.grub.extraConfig = ''
- GRUB_TERMINAL="serial"
- GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1"
- serial --speed 115200 --unit=0
- terminal_input serial
- terminal_output serial
- '';
- loader.grub.enable = true;
- loader.grub.device = "/dev/disk/by-id/usb-Kingston_DataTraveler_2.0_5B751B9A49E4-0:0";
- };
+ loader.grub.extraConfig = ''
+ GRUB_TERMINAL="serial"
+ GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1"
+ serial --speed 115200 --unit=0
+ terminal_input serial
+ terminal_output serial
+ '';
+ loader.grub.enable = true;
+ loader.grub.device = "/dev/disk/by-id/usb-Kingston_DataTraveler_2.0_5B751B9A49E4-0:0";
+ };
- networking = { hostName = lib.mkForce "dragon"; };
- networking.firewall.enable = false;
- networking.interfaces.router-vport.useDHCP = true;
- networking.interfaces.wg-vpn-vport = {
- useDHCP = true;
- ipv6.addresses = [{address = "2001:470:8e2e:1000::d"; prefixLength = 127; }];
- ipv6.routes = [
- {address = "${vpnPrefix}::"; prefixLength = 64; via = "${vpnPrefix}::c"; }
- ];
- };
- networking.resolvconf.useLocalResolver = false;
- networking.dhcpcd.enable = true;
- networking.dhcpcd.extraConfig = ''
- clientid dragon
- '';
+ networking = { hostName = lib.mkForce "dragon"; };
+ networking.firewall.enable = false;
+ networking.interfaces.router-vport = {
+ useDHCP = true;
+ ipv4.addresses = [{address = ""; prefixLength = 24;}];
+ };
+ networking.interfaces.wg-vpn-vport = {
+ useDHCP = true;
+ ipv6.addresses = [{address = "2001:470:8e2e:1000::d"; prefixLength = 127; }];
+ ipv6.routes = [
+ {address = "${vpnPrefix}::"; prefixLength = 64; via = "${vpnPrefix}::c"; }
+ ];
+ };
+ networking.resolvconf.useLocalResolver = false;
+ networking.dhcpcd.enable = true;
+ networking.dhcpcd.extraConfig = ''
+ clientid dragon
+ '';
- # Required to enable password authentication for one user.
- = lib.mkForce true;
- services.openssh = {
- enable = lib.mkDefault true;
- settings.PasswordAuthentication = false;
- extraConfig = ''
- Match User readonly
+ # Required to enable password authentication for one user.
+ = lib.mkForce true;
+ services.openssh = {
+ enable = lib.mkDefault true;
+ settings.PasswordAuthentication = false;
+ extraConfig = ''
+ Match User readonly
PasswordAuthentication yes
- '';
- };
+ '';
+ };
- users.users.breakds = {
- uid = 1101;
- shell = pkgs.bashInteractive;
- home = "/home/breakds";
- createHome = false;
- isNormalUser = true;
- description = "Break Yang";
- openssh.authorizedKeys.keyFiles = [ ../data/ ];
- };
+ users.users.breakds = {
+ uid = 1101;
+ shell = pkgs.bashInteractive;
+ home = "/home/breakds";
+ createHome = false;
+ isNormalUser = true;
+ description = "Break Yang";
+ openssh.authorizedKeys.keyFiles = [ ../data/ ];
+ };
- system.stateVersion = lib.mkForce "17.09";
+ system.stateVersion = lib.mkForce "17.09";
- # hardware-configuration.nix
- boot.initrd.availableKernelModules =
- [ "ehci_pci" "ahci" "uhci_hcd" "xhci_pci" "usb_storage" "sd_mod" ];
- boot.kernelModules = [ "kvm-intel" ];
- boot.extraModulePackages = [ ];
- boot.tmp.useTmpfs = true;
+ # hardware-configuration.nix
+ boot.initrd.availableKernelModules =
+ [ "ehci_pci" "ahci" "uhci_hcd" "xhci_pci" "usb_storage" "sd_mod" ];
+ boot.kernelModules = [ "kvm-intel" ];
+ boot.extraModulePackages = [ ];
+ boot.tmp.useTmpfs = true;
- fileSystems."/" = {
- device = "/dev/disk/by-label/nixos-ssd";
- fsType = "ext4";
- options = [
- "noatime,discard"
- ];
- };
- # fileSystems."/mnt/storage-old" = {
- # device = "/dev/disk/by-id/ata-HGST_HDN724040ALE640_PK1334PCKEXU9X-part3";
- # fsType = "btrfs";
- # options = [
- # "subvol=storage,device=/dev/disk/by-id/ata-HGST_HDN724040ALE640_PK1334PCKHV0LS-part3,device=/dev/disk/by-id/ata-HGST_HDN724040ALE640_PK1334PCKEXU9X-part3,noatime,discard"
- # ];
- # };
- fileSystems."/storage" = {
- device = "/dev/disk/by-label/storage-ssd";
- fsType = "btrfs";
- options = ["discard=async"];
- };
- swapDevices = [ { label = "swap"; } ];
+ fileSystems."/" = {
+ device = "/dev/disk/by-label/nixos-ssd";
+ fsType = "ext4";
+ options = [
+ "noatime,discard"
+ ];
+ };
+ # fileSystems."/mnt/storage-old" = {
+ # device = "/dev/disk/by-id/ata-HGST_HDN724040ALE640_PK1334PCKEXU9X-part3";
+ # fsType = "btrfs";
+ # options = [
+ # "subvol=storage,device=/dev/disk/by-id/ata-HGST_HDN724040ALE640_PK1334PCKHV0LS-part3,device=/dev/disk/by-id/ata-HGST_HDN724040ALE640_PK1334PCKEXU9X-part3,noatime,discard"
+ # ];
+ # };
+ fileSystems."/storage" = {
+ device = "/dev/disk/by-label/storage-ssd";
+ fsType = "btrfs";
+ options = ["discard=async"];
+ };
+ swapDevices = [ { label = "swap"; } ];
- nix.settings.trusted-users = [ "builder" ];
- nix.settings.max-jobs = lib.mkDefault 8;
- hardware.enableRedistributableFirmware = lib.mkDefault true;
+ nix.settings.trusted-users = [ "builder" ];
+ nix.settings.max-jobs = lib.mkDefault 8;
+ hardware.enableRedistributableFirmware = lib.mkDefault true;