From 93b0545d11bf8c7f065203f7f3eaf1d0e3730dce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= Date: Mon, 21 Feb 2022 21:54:09 +0100 Subject: Add initial version --- nixos/machine/lipwig.nix | 58 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 nixos/machine/lipwig.nix (limited to 'nixos/machine/lipwig.nix') diff --git a/nixos/machine/lipwig.nix b/nixos/machine/lipwig.nix new file mode 100644 index 0000000..aa3d448 --- /dev/null +++ b/nixos/machine/lipwig.nix @@ -0,0 +1,58 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + + config = { + boot.isContainer = true; + boot.loader.initScript.enable = true; + + cynerd.openvpn.enable = true; + + # Git ###################################################################### + services.gitolite = { + enable = false; + user = "git"; + group = "git"; + dataDir = "/var/lib/git"; + adminPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIaMmBV0wPvG5JQIWxi20IDlLokhRBumTEbUUD9TNWoY Bootstrap gitolite key"; + }; + services.gitDaemon = { + enable = false; + user = "gitdemon"; + group = "gitdaemon"; + basePath = "/var/lib/git/repositories"; + }; + + # CalDAV and CardDAV ####################################################### + services.radicale = { + enable = true; + settings = { + server = { + hosts = [ "0.0.0.0:5232" "[::]:5232" ]; + ssl = true; + certificate = "/run/secrets/radicale/radicale.crt"; + key = "/run/secrets/radicale/radicale.key"; + }; + encoding = { + request = "utf-8"; + stock = "utf-8"; + }; + auth = { + type = "htpasswd"; + htpasswd_filename = "/run/secrets/radicale/users"; + htpasswd_encryption = "bcrypt"; + delay = 1; + }; + storage = { + filesystem_folder = "/var/lib/radicale/"; + }; + web = { + type = "none"; + }; + }; + }; + }; + +} -- cgit v1.2.3