# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page, on # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). { config, lib, pkgs, ... }: { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ]; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; # networking.hostName = "nixos"; # Define your hostname. # Pick only one of the below networking options. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. networking.hostName = "laurel"; networking.firewall.allowedTCPPorts = [ 80 443 ]; time.timeZone = "Europe/London"; i18n.defaultLocale = "en_US.UTF-8"; nixpkgs.config.packageOverrides = pkgs: { vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; }; # Enable sound. sound.enable = true; hardware.pulseaudio.enable = true; hardware.opengl = { enable = true; extraPackages = with pkgs; [ intel-media-driver vaapiIntel vaapiVdpau libvdpau-va-gl intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in) ]; }; environment.systemPackages = with pkgs; [ vim wget curl ]; users.users.op = { isNormalUser = true; extraGroups = [ "wheel" "tty" ]; home = "/home/op"; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG4oThdAy5wQtzCarxDPuzWX6ImYw0c1QfkF0+wZNE6o np@myrtle" ]; }; services.openssh.enable = true; services.tailscale.enable = true; services.nginx = { enable = true; user = "op"; }; services.invidious = { enable = true; port = 3333; domain = "tube.laurel"; settings = { db = { user = "invidious"; dbname = "invidious"; }; registration_enabled = true; login_enabled = true; admins = [ "op" ]; video_loop = false; autoplay = true; continue = false; continue_autoplay = false; player_style = "youtube"; listen = false; quality = "hd720"; comments = [ "youtube" ]; captions = [ "en" ]; unseen_only = true; local = true; }; }; services.nginx.virtualHosts."tube.laurel" = { listen = [{ port = 80; addr = "0.0.0.0"; }]; locations."/" = { proxyPass = "http://127.0.0.1:${builtins.toString config.services.invidious.port}"; proxyWebsockets = true; extraConfig = '' proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; # so Invidious knows domain proxy_set_header Connection ""; # to keep alive ''; }; }; services.podgrab = { enable = true; port = 3434; }; services.nginx.virtualHosts."podcast.laurel" = { listen = [{ port = 80; addr = "0.0.0.0"; }]; locations."/" = { proxyPass = "http://127.0.0.1:${builtins.toString config.services.podgrab.port}"; proxyWebsockets = true; }; }; services.nginx.virtualHosts."oppi.li" = { listen = [{ port = 8282; addr = "0.0.0.0"; }]; root = "/home/op/site/docs"; locations."/" = { tryFiles = "$uri $uri/ =404"; index = "index.html"; }; }; nix.settings.experimental-features = [ "nix-command" "flakes" ]; # This option defines the first version of NixOS you have installed on this particular machine, # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. # # Most users should NEVER change this value after the initial install, for any reason, # even if you've upgraded your system to a new NixOS release. # # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, # so changing it will NOT upgrade your system. # # This value being lower than the current NixOS release does NOT mean your system is # out of date, out of support, or vulnerable. # # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, # and migrated your data accordingly. # # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . system.stateVersion = "23.11"; # Did you read the comment? }