diff --git a/enviroments/server/default.nix b/enviroments/server/default.nix
index 861f142..d3e9d63 100644
--- a/enviroments/server/default.nix
+++ b/enviroments/server/default.nix
@@ -1,7 +1,63 @@
-{ pkgs, ... }:
+{ config, ... }:
{
imports = [
../common
];
+ services = let
+ headscaleDomain = "headscale.jan-leila.com";
+ in {
+ nfs.server = {
+ enable = true;
+ exports = ''
+ /home/leyla 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
+ /home/eve 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
+ /home/ester 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
+ /home/users 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
+ '';
+ };
+
+ headscale = {
+ enable = true;
+ address = "0.0.0.0";
+ port = 8080;
+ settings = {
+ server_url = "https://${headscaleDomain}";
+ dns_config.base_domain = "jan-leila.com";
+ logtail.enabled = false;
+ };
+ };
+
+ nginx = {
+ enable = false; # TODO: enable this when you want to test all the configs
+ virtualHosts = {
+ ${headscaleDomain} = {
+ forceSSL = true;
+ enableACME = true;
+ locations."/" = {
+ proxyPass =
+ "http://localhost:${toString config.services.headscale.port}";
+ proxyWebsockets = true;
+ };
+ };
+ };
+ };
+ };
+
+ security.acme = {
+ acceptTerms = true;
+ defaults.email = "jan-leila@protonmail.com";
+ };
+
+ # disable computer sleeping
+ systemd.targets = {
+ sleep.enable = false;
+ suspend.enable = false;
+ hibernate.enable = false;
+ hybrid-sleep.enable = false;
+ };
+
+ networking.firewall.allowedTCPPorts = [ 2049 ];
+
+ environment.systemPackages = [ config.services.headscale.package ];
}
\ No newline at end of file
diff --git a/hosts/defiant/configuration.nix b/hosts/defiant/configuration.nix
index 9e4a1e6..d2b1348 100644
--- a/hosts/defiant/configuration.nix
+++ b/hosts/defiant/configuration.nix
@@ -20,14 +20,9 @@
efiInstallAsRemovable = true;
};
- virtualisation.docker.enable = true;
- users.extraGroups.docker.members = [ "leyla" ];
-
nixpkgs.config.allowUnfree = true;
- services = let
- headscaleDomain = "headscale.jan-leila.com";
- in {
+ services = {
zfs = {
autoScrub.enable = true;
autoSnapshot.enable = true;
@@ -50,87 +45,7 @@
# Get rid of xTerm
excludePackages = [ pkgs.xterm ];
};
-
- nfs.server = {
- enable = true;
- exports = ''
- /srv/nfs4/docker 192.168.1.0/24(rw,sync,crossmnt,no_subtree_check)
-
- /srv/nfs4/leyla 192.168.1.0/22(rw,sync,no_subtree_check,nohide)
- /srv/nfs4/eve 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
- /srv/nfs4/share 192.168.1.0/22(rw,sync,no_subtree_check,crossmnt)
-
- # /export 192.168.1.10(rw,fsid=0,no_subtree_check) 192.168.1.15(rw,fsid=0,no_subtree_check)
- # /export/kotomi 192.168.1.10(rw,nohide,insecure,no_subtree_check) 192.168.1.15(rw,nohide,insecure,no_subtree_check)
- # /export/mafuyu 192.168.1.10(rw,nohide,insecure,no_subtree_check) 192.168.1.15(rw,nohide,insecure,no_subtree_check)
- # /export/sen 192.168.1.10(rw,nohide,insecure,no_subtree_check) 192.168.1.15(rw,nohide,insecure,no_subtree_check)
- # /export/tomoyo 192.168.1.10(rw,nohide,insecure,no_subtree_check) 192.168.1.15(rw,nohide,insecure,no_subtree_check)
- '';
- };
-
- headscale = {
- enable = true;
- address = "0.0.0.0";
- port = 8080;
- settings = {
- server_url = "https://${headscaleDomain}";
- dns_config.base_domain = "jan-leila.com";
- logtail.enabled = false;
- };
- };
-
- nginx = {
- enable = false; # TODO: enable this when you want to test all the configs
- virtualHosts = {
- ${headscaleDomain} = {
- forceSSL = true;
- enableACME = true;
- locations."/" = {
- proxyPass =
- "http://localhost:${toString config.services.headscale.port}";
- proxyWebsockets = true;
- };
- };
- };
- };
};
-
- security.acme = {
- acceptTerms = true;
- defaults.email = "jan-leila@protonmail.com";
- };
-
- # disable computer sleeping
- systemd.targets = {
- sleep.enable = false;
- suspend.enable = false;
- hibernate.enable = false;
- hybrid-sleep.enable = false;
- };
-
- fileSystems = {
- "/srv/nfs4/docker" = {
- device = "/home/docker";
- options = [ "bind" ];
- };
-
- "/srv/nfs4/users" = {
- device = "/home/users";
- options = [ "bind" ];
- };
-
- "/srv/nfs4/leyla" = {
- device = "/home/leyla";
- options = [ "bind" ];
- };
-
- "/srv/nfs4/eve" = {
- device = "/home/eve";
- options = [ "bind" ];
- };
- };
-
- environment.systemPackages = [ config.services.headscale.package ];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions