kekl

configuration.nix

@@ -0,0 +1,46 @@
+{ config, lib, pkgs, ... }:
+{
+  imports =
+    [
+      ./hardware-configuration.nix
+			
+			# modules
+			./modules/jellyfin.nix
+			./modules/iperf.nix
+			./modules/networking.nix
+			./modules/virt.nix
+			./modules/sec.nix
+			./modules/pkgs.nix
+			./modules/user.nix
+		];
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  time.timeZone = "Europe/Berlin";
+	
+	nixpkgs.config.allowUnfree = true;
+  nix.settings.experimental-features = [
+    "nix-command"
+    "flakes"
+  ];
+	
+  programs = { 
+		gnupg = {
+			agent = {
+				enable = true;
+				enableSSHSupport = true;
+			};
+		};
+	};
+	
+  services = {
+		openssh = {
+			enable = true;	
+		};	
+	};
+
+  system.stateVersion = "24.11";
+
+}
+

hardware-configuration.nix

@@ -0,0 +1,47 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems = {
+		"/boot" =
+			{ 
+				device = "/dev/disk/by-uuid/2742-5C4A";
+				fsType = "vfat";
+				options = [ "fmask=0022" "dmask=0022" ];
+			};
+		"/" = 
+			{
+				device = "/dev/disk/by-uuid/95ea99d1-a02f-48a2-803a-57c0c4993ec3";
+				fsType = "ext4";
+			};
+		"/media/MEDIA" = 
+			{
+				device = "/dev/disk/by-label/MEDIA";
+				fsType = "ext4";
+			};
+		"/media/WD_2TB" = 
+			{
+				device = "/dev/disk/by-label/WD_2TB";
+				fsType = "ext4";
+			};
+
+	};
+
+
+  swapDevices = [ ];
+
+  networking.useDHCP = lib.mkDefault true;
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

modules/iperf.nix

@@ -0,0 +1,8 @@
+{ config, pkgs, ... }:
+{
+	services = {
+		iperf3 = {
+			enable = true;
+		};
+	};
+}

modules/jellyfin.nix

@@ -0,0 +1,8 @@
+{ config, pkgs, ... }:
+{
+	services = {
+		jellyfin = {
+			enable = true;
+		};
+	};
+}

modules/networking.nix

@@ -0,0 +1,13 @@
+{ config, pkgs, ... }:
+{
+	networking = {
+		hostName = "odessa";
+		networkmanager = {
+			enable = true;	
+		};
+		firewall = {
+			enable = true;
+			allowedTCPPorts = [ 80 443 1337 5021 8000 8080 ];
+		};
+	};
+}

modules/pkgs.nix

@@ -0,0 +1,14 @@
+{ config, pkgs, ... }:
+{
+	environment.systemPackages = with pkgs; [
+    vim
+		wget
+		neofetch
+		git
+		curl
+		unzip
+		htop
+		btop
+		iftop
+	];
+}

modules/sec.nix

@@ -0,0 +1,15 @@
+{ config, pkgs, ... }:
+{
+	security = {
+    doas = {
+      enable = true;
+      extraRules = [
+        {
+          users = [ "fabian" ];
+          noPass = true;
+          keepEnv = true;
+        }
+      ];
+    };
+  };
+}

modules/user.nix

@@ -0,0 +1,8 @@
+{ config, pkgs, ... }:
+{
+	users.users.fabian = {
+    isNormalUser = true;
+		initialPassword = "1601";
+    extraGroups = [ "wheel" "docker" "input" "plugdev" ];
+  };
+}

modules/virt.nix

@@ -0,0 +1,12 @@
+{ config, pkgs, ... }:
+{
+	environment.systemPackages = with pkgs; [
+		docker-compose
+	];
+
+	virtualisation = {
+    docker = {
+      enable = true;
+    };
+  };
+}