Initial commit

nixos-apps/ewanick.com.nix

@@ -0,0 +1,14 @@
+{
+  services.caddy = {
+    enable = true;
+    virtualHosts = {
+      "ewanick.com" = {
+        serverAliases = [ "www.ewanick.com" ];
+        extraConfig = ''
+          root * /workspace/nixos-apps/ewanick.com/
+          file_server
+        '';
+      };
+    };
+  };
+}

nixos-apps/ewanick.com/index.html

@@ -0,0 +1,23 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+  <meta charset="utf-8">
+  <meta http-equiv="x-ua-compatible" content="ie=edge">
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <meta name="theme-color" content="#000000">
+  <title>Elm App using Nix Starter Template</title>
+  <link rel="stylesheet" href="main.css">
+
+  <script src="main.min.js"></script>
+</head>
+
+<body>
+  <noscript>
+    You need to enable JavaScript to run this app.
+  </noscript>
+  <div id="root"></div>
+  <script>var app = Elm.Main.init({ node: document.getElementById("root") });</script>
+</body>
+
+</html>

nixos-apps/ewanick.com/main.css

@@ -0,0 +1,86 @@
+html,
+body {
+  height: 100%;
+}
+
+body {
+  background-color: #fff1e5;
+  font-size: 20px;
+  color: #070707;
+  margin: 0px;
+  font-family: 'IBM Plex Sans', sans-serif;
+}
+
+h1 {
+  display: block;
+  font-size: 2em;
+  font-weight: bold;
+  margin: 0em 0em 1em 0em;
+}
+
+a {
+  color: #070707;
+  border-bottom: 1px dashed #070707;
+  padding-bottom: 0px;
+  text-decoration: none;
+  transition: padding 0.25s;
+}
+
+a:hover {
+  padding-bottom: 2px;
+}
+
+#hwaet {
+  padding: 2em;
+  max-width: 1000px;
+  margin-right: auto;
+  margin-left: auto;
+}
+
+#controls {
+  display: flex
+}
+
+.control {
+  margin-right: 1em;
+  display: flex;
+  flex-direction: column;
+  width: 10em;
+  font-size: 0.75em;
+  text-align: center;
+}
+
+
+input[type="range"] {
+  width: 100%;
+  margin-bottom: 1em;
+}
+
+input[type=range] {
+  -webkit-appearance: none;
+}
+
+input[type=range]::-webkit-slider-runnable-track {
+  height: .35em;
+  background: #070707;
+  border: none;
+  border-radius: 3px;
+}
+
+input[type=range]::-webkit-slider-thumb {
+  -webkit-appearance: none;
+  border: none;
+  height: 1.1em;
+  width: 1.1em;
+  border-radius: 50%;
+  background: #070707;
+  margin-top: -4px;
+}
+
+input[type=range]:focus {
+  outline: none;
+}
+
+#footer {
+  font-size: 0.8em;
+}

nixos-apps/fancytypist.com.nix

@@ -0,0 +1,27 @@
+{
+  services.caddy = {
+    enable = true;
+    virtualHosts = {
+      "fancytypist.com" = {
+        serverAliases = [ "www.fancytypist.com" ];
+        extraConfig = ''
+          respond "Hello, world! fancytypist.com"
+        '';
+      };
+
+      "fancytypist.ca" = {
+        serverAliases = [ "www.fancytypist.ca" ];
+        extraConfig = ''
+          respond "Hello, world! fancytypist.ca"
+        '';
+      };
+
+      "fancytypist.dev" = {
+        serverAliases = [ "www.fancytypist.dev" ];
+        extraConfig = ''
+          respond "Hello, world! fancytypist.dev"
+        '';
+      };
+    };
+  };
+}

nixos-apps/git.ewanick.com.nix

@@ -0,0 +1,25 @@
+{
+  services.gitea = {
+    enable = true;
+    appName = "Bill's Gitea server, hosted on Linode using NixOS";
+    domain = "git.ewanick.com";
+    rootUrl = "https://git.ewanick.com/";
+    httpPort = 3000;
+    settings = {
+      service = {
+        DISABLE_REGISTRATION = true;
+      };
+    };
+  };
+
+  services.caddy = {
+    enable = true;
+    virtualHosts = {
+      "git.ewanick.com" = {
+        extraConfig = ''
+          reverse_proxy localhost:3000
+        '';
+      };
+    };
+  };
+}

server-config/configuration.nix

@@ -0,0 +1,109 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, ... }:
+
+{
+  imports =
+    [
+      # Include the results of the hardware scan.
+      ./hardware-configuration.nix
+
+      # Applications that run on this server
+      /workspace/nixos-apps/ewanick.com.nix
+      /workspace/nixos-apps/fancytypist.com.nix
+      /workspace/nixos-apps/git.ewanick.com.nix
+    ];
+
+  # Use the GRUB 2 boot loader.
+  boot.loader.grub.enable = true;
+  boot.loader.grub.version = 2;
+  networking.usePredictableInterfaceNames = false;
+  networking.hostName = "linode-nixos";
+
+  # Set your time zone.
+  time.timeZone = "America/Toronto";
+
+  # Nix daemon config
+  nix = {
+    # Automate garbage collection
+    gc = {
+      automatic = true;
+      dates = "weekly";
+      options = "--delete-older-than 7d";
+    };
+
+    package = pkgs.nixVersions.stable;
+    extraOptions = ''
+      # https://github.com/nix-community/nix-direnv#home-manager
+      keep-outputs = true
+      keep-derivations = true
+
+      # Enable the nix 2.0 CLI and flakes support feature-flags
+      experimental-features = nix-command flakes
+    '';
+
+    settings = {
+      # Automate `nix store --optimise`
+      auto-optimise-store = true;
+
+      # Required by Cachix to be used as non-root user
+      trusted-users = [ "root" "bill" ];
+    };
+  };
+
+  # Configure keymap in X11
+  services.xserver.layout = "us";
+  services.xserver.xkbOptions = "ctrl:swapcaps";
+
+  # Define a user account. Don't forget to set a password with ‘passwd’.
+  users.users.alice = {
+    isNormalUser = true;
+    home = "/home/alice";
+    description = "Alice Foobar";
+    extraGroups = [ "wheel" "networkmanager" ];
+    packages = with pkgs; [
+      tldr
+    ];
+    openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBDVbzPri8LUe9p1r96Jvdkm7HveJ7FLtGAe8GhDmgQR alice@foobar" ];
+  };
+
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
+  environment.systemPackages = with pkgs; [
+    wget
+    git
+    kitty
+
+    # Linode tools
+    inetutils
+    mtr
+    sysstat
+  ];
+
+  # Enable the OpenSSH daemon.
+  services.openssh = {
+    enable = true;
+    permitRootLogin = "no";
+  };
+
+  # Open ports in the firewall.
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
+  networking.useDHCP = false;
+  networking.interfaces.eth0.useDHCP = true;
+
+  services.longview = {
+    enable = true;
+    apiKeyFile = "/var/lib/longview/apiKeyFile";
+  };
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "22.11"; # Did you read the comment?
+
+}

server-config/flake.lock

@@ -0,0 +1,27 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1680665430,
+        "narHash": "sha256-MTVhTukwza1Jlq2gECITZPFnhROmylP2uv3O3cSqQCE=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "5233fd2ba76a3accb5aaa999c00509a11fd0793c",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-22.11",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}

server-config/flake.nix

@@ -0,0 +1,21 @@
+{
+  description = "System flake for Linode NixOS server";
+
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11";
+  };
+
+  outputs = inputs@{ nixpkgs, ... }:
+    {
+      nixosConfigurations.linode-nixos =
+        let
+          system = "x86_64-linux";
+          pkgs = nixpkgs.legacyPackages.${system};
+        in
+        nixpkgs.lib.nixosSystem {
+          modules = [
+            ./configuration.nix
+          ];
+        };
+    };
+}

server-config/hardware-configuration.nix

@@ -0,0 +1,45 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  boot.kernelParams = [ "console=ttyS0,19200n8" ];
+  boot.loader.grub.extraConfig = ''
+    serial --speed-19200 --unit=0 --word=8 --parity=no --stop=1;
+    terminal_input serial;
+    terminal_output serial;
+  '';
+
+  boot.loader.grub.forceInstall = true;
+  boot.loader.grub.device = "nodev";
+  boot.loader.timeout = 10;
+
+  fileSystems."/" =
+    { device = "/dev/sda";
+      fsType = "ext4";
+    };
+
+  swapDevices =
+    [ { device = "/dev/sdb"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp0s5.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}