root/the_prg_server_configuration_old
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Alejandra'd the configs

Browse source
This commit is contained in:
Root User 2026-02-06 19:07:12 +01:00
parent 45ec1b2bdc
commit cd0d39bdeb
Signed by: root
GPG key ID: 087F0A95E5766D72
2 changed files with 66 additions and 57 deletions
Download patch file Download diff file Expand all files Collapse all files

4
nix-system-configs/forgejo/forgejo-localconfig.nix
View file

@ -195,10 +195,10 @@ in {
};
boot.initrd.availableKernelModules = ["virtio_pci" "virtio_scsi" "ahci" "sd_mod" "virtio_blk"];
fileSystems."/" = {
fileSystems."/" = {
device = "/dev/vda1";
fsType = "ext4"; # Use "btrfs" or "xfs" if you formatted it differently
};
};

47
nix-system-configs/traefik/traefik-config.nix
View file

@ -59,12 +59,9 @@ in {
LC_TIME = "en_AU.UTF-8";
};
# Enable Tailscale for secure remote access
services.tailscale.enable = true;
# Enable Seatd for Wayland sessions (needed for sway/seat management)
services.seatd = {
enable = true;
@ -117,7 +114,6 @@ in {
};
};
# SSH Agent authentication
security.pam.sshAgentAuth.enable = true;
@ -128,7 +124,6 @@ in {
allowReboot = false;
};
# Enable Traefik service
services.traefik = {
enable = true;
@ -200,7 +195,7 @@ in {
http.services = {
forgejo.loadBalancer = {
servers = [
{ url = "http://10.1.1.4:3000"; }
{url = "http://10.1.1.4:3000";}
];
};
};
@ -217,17 +212,16 @@ in {
dnsProvider = "cloudflare";
environmentFile = "/home/traefikprg/cloudflare/cloudflare.env";
# Reload traefik when certificate is renewed
reloadServices = [ "traefik.service" ];
reloadServices = ["traefik.service"];
};
};
# Ensure traefik service waits for ACME certificates
systemd.services.traefik = {
after = [ "acme-finished-prg-radio.org.target" ];
wants = [ "acme-finished-prg-radio.org.target" ];
after = ["acme-finished-prg-radio.org.target"];
wants = ["acme-finished-prg-radio.org.target"];
};
# Add extra system packages from example.nix (appended to existing list)
environment.systemPackages = with pkgs; [
wget
@ -292,7 +286,7 @@ in {
};
# Home Manager user configuration for traefikprg (from example.nix)
home-manager.users.traefikprg = { pkgs, ... }: {
home-manager.users.traefikprg = {pkgs, ...}: {
home.packages = [
pkgs.atool
pkgs.httpie
@ -318,13 +312,28 @@ in {
settings = {
window = {
opacity = 1.0;
padding = { x = 10; y = 10; };
padding = {
x = 10;
y = 10;
};
};
font = {
normal = { family = "Maple Mono NF"; style = "Regular"; };
bold = { family = "Maple Mono NF"; style = "Bold"; };
italic = { family = "Maple Mono NF"; style = "Italic"; };
bold_italic = { family = "Maple Mono NF"; style = "Bold Italic"; };
normal = {
family = "Maple Mono NF";
style = "Regular";
};
bold = {
family = "Maple Mono NF";
style = "Bold";
};
italic = {
family = "Maple Mono NF";
style = "Italic";
};
bold_italic = {
family = "Maple Mono NF";
style = "Bold Italic";
};
size = 14.0;
};
colors = {
@ -346,7 +355,7 @@ in {
logo_size = "small";
pride_month_disable = false;
pride_month_shown = [];
color_align = { mode = "horizontal"; };
color_align = {mode = "horizontal";};
};
};
@ -367,8 +376,8 @@ in {
'';
# Open ports in the firewall.
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedUDPPorts = [ 80 443 ];
networking.firewall.allowedTCPPorts = [80 443];
networking.firewall.allowedUDPPorts = [80 443];
# Or disable the firewall altogether.
# networking.firewall.enable = false;