dotfiles/logical/pennyworth.nix

# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).

{ config, pkgs, lib, ... }:

let
  secrets = import <secrets>;
  yoricc = import ../packages/yori-cc.nix;
in
{
  imports = [
      ../physical/kassala.nix
      ../roles/common.nix
      ../roles/collectd.nix
      ../roles/graphs.nix
      ../roles/xmpp.nix
      ../roles/website.nix
      ../roles/mail.nix
      ../modules/tor-hidden-service.nix
      ../modules/muflax-blog.nix
      ../roles/asterisk.nix
  ];

  networking.hostName = secrets.hostnames.pennyworth;

  services.nixosManual.enable = false;

  environment.noXlibs = true;

  networking.enableIPv6 = lib.mkOverride 30 true;

  system.stateVersion = "16.03";
  
  nginxssl.enable = true;

  services.nginx.virtualHosts."pad.yori.cc" = {
    enableACME = true;
    forceSSL = true;
    locations."/" = {
      proxyPass = "http://127.0.0.1:9140";
    };
  };

  # hidden SSH service

  services.tor.hiddenServices = [
    { name = "ssh";
      port = 22;
      hostname = secrets.tor_hostnames."ssh.pennyworth";
      private_key = "/run/keys/torkeys/ssh.pennyworth.key"; }
  ];


  services.muflax-blog = {
    enable = true;
    web-server = {
      port = 9001;
    };
    hidden-service = {
      hostname = "muflax65ngodyewp.onion";
      private_key = "/run/keys/torkeys/http.muflax.key";
    };
  };
}
-												new server

											
										
										
											2016-04-14 14:02:16 +02:00
+								# Edit this configuration file to define what should be installed on
 								# your system.  Help is available in the configuration.nix(5) man page
 								# and in the NixOS manual (accessible by running ‘nixos-help’).
 								{ config, pkgs, lib, ... }:
 								let
 								  secrets = import <secrets>;
 								  yoricc = import ../packages/yori-cc.nix;
 								in
 								{
 								  imports = [
-												another round of renaming

											
										
										
											2017-02-02 17:22:03 +01:00
+								      ../physical/kassala.nix
-												new server

											
										
										
											2016-04-14 14:02:16 +02:00
+								      ../roles/common.nix
-												add grafana+influxdb

											
										
										
											2017-01-26 14:45:11 +01:00
+								      ../roles/collectd.nix
 								      ../roles/graphs.nix
-												split off functionality into roles

											
										
										
											2017-02-02 16:58:48 +01:00
+								      ../roles/xmpp.nix
 								      ../roles/website.nix
 								      ../roles/mail.nix
-												add tor client + hidden ssh service on pennyworth

											
										
										
											2016-04-21 22:45:06 +02:00
+								      ../modules/tor-hidden-service.nix
-												Temporarily host fmap/muflax65ngodyewp.onion

											
										
										
											2016-04-29 01:07:06 +02:00
+								      ../modules/muflax-blog.nix
-												split off functionality into roles

											
										
										
											2017-02-02 16:58:48 +01:00
+								      ../roles/asterisk.nix
-												new server

											
										
										
											2016-04-14 14:02:16 +02:00
+								  ];
 								  networking.hostName = secrets.hostnames.pennyworth;
-												fix mail on pennyworth

											
										
										
											2016-09-19 20:54:40 +02:00
+								  services.nixosManual.enable = false;
-												add XMPP using prosody

											
										
										
											2016-04-22 19:12:59 +02:00
+								  environment.noXlibs = true;
-												new server

											
										
										
											2016-04-14 14:02:16 +02:00
+								  networking.enableIPv6 = lib.mkOverride 30 true;
 								  system.stateVersion = "16.03";
-												split off functionality into roles

											
										
										
											2017-02-02 16:58:48 +01:00
 								  nginxssl.enable = true;
-												new server

											
										
										
											2016-04-14 14:02:16 +02:00
-												add tmp pad hosting

											
										
										
											2017-01-30 17:41:54 +01:00
+								  services.nginx.virtualHosts."pad.yori.cc" = {
 								    enableACME = true;
 								    forceSSL = true;
 								    locations."/" = {
 								      proxyPass = "http://127.0.0.1:9140";
 								    };
 								  };
-												add tor client + hidden ssh service on pennyworth

											
										
										
											2016-04-21 22:45:06 +02:00
-												add XMPP using prosody

											
										
										
											2016-04-22 19:12:59 +02:00
+								  # hidden SSH service
-												add tor client + hidden ssh service on pennyworth

											
										
										
											2016-04-21 22:45:06 +02:00
+								  services.tor.hiddenServices = [
 								    { name = "ssh";
 								      port = 22;
-												Move Tor hostnames into secrets.nix

											
										
										
											2016-04-29 01:05:09 +02:00
+								      hostname = secrets.tor_hostnames."ssh.pennyworth";
-												add tor client + hidden ssh service on pennyworth

											
										
										
											2016-04-21 22:45:06 +02:00
+								      private_key = "/run/keys/torkeys/ssh.pennyworth.key"; }
 								  ];
-												add XMPP using prosody

											
										
										
											2016-04-22 19:12:59 +02:00
-												Temporarily host fmap/muflax65ngodyewp.onion

											
										
										
											2016-04-29 01:07:06 +02:00
 								  services.muflax-blog = {
 								    enable = true;
 								    web-server = {
 								      port = 9001;
 								    };
 								    hidden-service = {
 								      hostname = "muflax65ngodyewp.onion";
 								      private_key = "/run/keys/torkeys/http.muflax.key";
 								    };
 								  };
-												new server

											
										
										
											2016-04-14 14:02:16 +02:00
+								}