Infinidoge/universe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

flake: reformat with nixfmt

Browse source
This commit is contained in:
Infinidoge 2025-01-28 20:33:04 -05:00
parent a79e641851
commit eaf4f56ac0
Signed by: Infinidoge
SSH key fingerprint: SHA256:oAMyvotlNFraMmZmr+p6AxnNfW/GioTs1pOn3V4tQ7A
117 changed files with 2667 additions and 1592 deletions
Download patch file Download diff file Expand all files Collapse all files

85
hosts/Infini-DL360/default.nix
View file

@ -1,4 +1,11 @@
{ config, lib, pkgs, private, ... }: {
{
config,
lib,
pkgs,
private,
...
}:
{
imports = [
./hardware-configuration.nix
./disks.nix
@ -57,19 +64,39 @@
networking = {
firewall = {
allowedUDPPorts = [ 80 443 ];
allowedTCPPorts = [ 80 443 25565 ];
allowedUDPPorts = [
80
443
];
allowedTCPPorts = [
80
443
25565
];
};
bridges = {
br0 = {
interfaces = [ "eno1" "eno2" "eno3" "eno4" ];
interfaces = [
"eno1"
"eno2"
"eno3"
"eno4"
];
};
};
interfaces.br0.ipv4.addresses = [{ address = "192.168.137.11"; prefixLength = 24; }];
interfaces.br0.ipv4.addresses = [
{
address = "192.168.137.11";
prefixLength = 24;
}
];
dhcpcd.denyInterfaces = [ "eno*" ];
defaultGateway = { address = "192.168.137.1"; interface = "br0"; };
defaultGateway = {
address = "192.168.137.1";
interface = "br0";
};
nat = {
enable = true;
@ -89,10 +116,12 @@
services.fail2ban.enable = true;
environment.etc."fail2ban/filter.d/nginx-url-probe.local".text = lib.mkDefault (lib.mkAfter ''
[Definition]
failregex = ^<HOST>.*GET.*(\.php|admin|wp\-).* HTTP/\d.\d\" 404.*$
'');
environment.etc."fail2ban/filter.d/nginx-url-probe.local".text = lib.mkDefault (
lib.mkAfter ''
[Definition]
failregex = ^<HOST>.*GET.*(\.php|admin|wp\-).* HTTP/\d.\d\" 404.*$
''
);
services.fail2ban.jails.nginx-url-probe.settings = {
enabled = true;
@ -127,22 +156,26 @@
services.minecraft-servers.servers.emd-server.autoStart = lib.mkForce false;
services.borgbackup.jobs."persist" = let tmux = lib.getExe pkgs.tmux; in {
preHook = ''
${tmux} -S /run/minecraft/friend-server.sock send-keys "say Server is backing up..." Enter
${tmux} -S /run/minecraft/friend-server.sock send-keys save-off Enter
${tmux} -S /run/minecraft/friend-server.sock send-keys save-all Enter
${tmux} -S /run/minecraft/sister-server.sock send-keys "say Server is backing up..." Enter
${tmux} -S /run/minecraft/sister-server.sock send-keys save-off Enter
${tmux} -S /run/minecraft/sister-server.sock send-keys save-all Enter
'';
postHook = ''
${tmux} -S /run/minecraft/friend-server.sock send-keys save-on Enter
${tmux} -S /run/minecraft/friend-server.sock send-keys "say Backup complete" Enter
${tmux} -S /run/minecraft/sister-server.sock send-keys save-on Enter
${tmux} -S /run/minecraft/sister-server.sock send-keys "say Backup complete" Enter
'';
};
services.borgbackup.jobs."persist" =
let
tmux = lib.getExe pkgs.tmux;
in
{
preHook = ''
${tmux} -S /run/minecraft/friend-server.sock send-keys "say Server is backing up..." Enter
${tmux} -S /run/minecraft/friend-server.sock send-keys save-off Enter
${tmux} -S /run/minecraft/friend-server.sock send-keys save-all Enter
${tmux} -S /run/minecraft/sister-server.sock send-keys "say Server is backing up..." Enter
${tmux} -S /run/minecraft/sister-server.sock send-keys save-off Enter
${tmux} -S /run/minecraft/sister-server.sock send-keys save-all Enter
'';
postHook = ''
${tmux} -S /run/minecraft/friend-server.sock send-keys save-on Enter
${tmux} -S /run/minecraft/friend-server.sock send-keys "say Backup complete" Enter
${tmux} -S /run/minecraft/sister-server.sock send-keys save-on Enter
${tmux} -S /run/minecraft/sister-server.sock send-keys "say Backup complete" Enter
'';
};
systemd.services.setup-infiniband = {
wantedBy = [ "network.target" ];