From e7ec54ef4f93e34897a37e7bbe55036eb8d5df3d Mon Sep 17 00:00:00 2001 From: m3tam3re Date: Thu, 26 Sep 2024 14:45:59 +0200 Subject: [PATCH] video10 --- home/features/desktop/hyprland.nix | 2 +- hosts/common/default.nix | 10 ++-- hosts/m3-kratos/configuration.nix | 6 +- .../m3-kratos/services/containers/default.nix | 1 + hosts/m3-kratos/services/containers/httpd.nix | 56 +++++++++++++++++++ 5 files changed, 67 insertions(+), 8 deletions(-) create mode 100644 hosts/m3-kratos/services/containers/httpd.nix diff --git a/home/features/desktop/hyprland.nix b/home/features/desktop/hyprland.nix index e9a40a3..cb3456c 100644 --- a/home/features/desktop/hyprland.nix +++ b/home/features/desktop/hyprland.nix @@ -30,7 +30,7 @@ in { ]; input = { - kb_layout = "de,us"; + kb_layout = "us"; kb_variant = ""; kb_model = ""; kb_rules = ""; diff --git a/hosts/common/default.nix b/hosts/common/default.nix index 80c4811..494cd2e 100644 --- a/hosts/common/default.nix +++ b/hosts/common/default.nix @@ -40,7 +40,9 @@ }; }; - nix = { + nix = let + flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs; + in { settings = { experimental-features = "nix-command flakes"; trusted-users = [ @@ -53,10 +55,8 @@ options = "--delete-older-than 30d"; }; optimise.automatic = true; - registry = - (lib.mapAttrs (_: flake: {inherit flake;})) - ((lib.filterAttrs (_: lib.isType "flake")) inputs); - nixPath = ["/etc/nix/path"]; + registry = lib.mapAttrs (_: flake: {inherit flake;}) flakeInputs; + nixPath = ["/etc/nix/path"] ++ lib.mapAttrsToList (flakeName: _: "${flakeName}=flake:${flakeName}") flakeInputs; }; users.defaultUserShell = pkgs.fish; } diff --git a/hosts/m3-kratos/configuration.nix b/hosts/m3-kratos/configuration.nix index 2273336..e8904a4 100644 --- a/hosts/m3-kratos/configuration.nix +++ b/hosts/m3-kratos/configuration.nix @@ -21,7 +21,7 @@ # Enable networking networking.networkmanager.enable = true; - + networking.networkmanager.unmanaged = ["interface-name:ve-*"]; # Set your time zone. time.timeZone = "Europe/Berlin"; @@ -86,8 +86,10 @@ # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. + networking.nat.enable = true; + networking.nat.internalInterfaces = ["ve-+"]; + networking.nat.externalInterface = "enp1s0"; # networking.firewall.enable = false; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/hosts/m3-kratos/services/containers/default.nix b/hosts/m3-kratos/services/containers/default.nix index 9352d16..ea6429b 100644 --- a/hosts/m3-kratos/services/containers/default.nix +++ b/hosts/m3-kratos/services/containers/default.nix @@ -1,6 +1,7 @@ { imports = [ ./echo.nix + ./httpd.nix ./nginx.nix ]; } diff --git a/hosts/m3-kratos/services/containers/httpd.nix b/hosts/m3-kratos/services/containers/httpd.nix new file mode 100644 index 0000000..a23cb52 --- /dev/null +++ b/hosts/m3-kratos/services/containers/httpd.nix @@ -0,0 +1,56 @@ +{ + containers.httpd = { + autoStart = true; + ephemeral = true; + privateNetwork = true; + hostAddress = "192.168.100.10"; + localAddress = "192.168.100.11"; + forwardPorts = [ + { + containerPort = 80; + hostPort = 80; + } + ]; + config = {...}: { + services.httpd = { + enable = true; + adminAddr = "foo@example.org"; + }; + networking.firewall.allowedTCPPorts = [80]; + system.stateVersion = "24.05"; + }; + bindMounts = { + "/root/data" = { + hostPath = "/home/m3tam3re/data/"; + isReadOnly = false; + }; + }; + }; + containers.httpd2 = { + autoStart = true; + ephemeral = true; + privateNetwork = true; + hostAddress = "192.168.100.10"; + localAddress = "192.168.100.12"; + forwardPorts = [ + { + containerPort = 80; + hostPort = 8080; + } + ]; + config = {...}: { + services.httpd = { + enable = true; + adminAddr = "foo@example.org"; + }; + networking.firewall.allowedTCPPorts = [80]; + system.stateVersion = "24.05"; + }; + bindMounts = { + "/root/data" = { + hostPath = "/home/m3tam3re/data/"; + isReadOnly = false; + }; + }; + }; +}