summaryrefslogtreecommitdiff
path: root/configuration.nix
blob: 775bc994a3b404db807e916e2d05e2bb09205a30 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
{ ... }:

let
  bensIp = "68.107.97.20";
in
{
  nixpkgs.config.packageOverrides = pkgs: {
    ibb = import ./ibb/default.nix {};
  };

  networking.firewall.allowedTCPPorts = [ 22 80 443 ];

  services = {

    ibb.enable = true;

    nginx = {
      enable = true;
      recommendedGzipSettings = true;
      recommendedOptimisation = true;
      recommendedProxySettings = true;
      recommendedTlsSettings = true;
      virtualHosts = {
        "simatime.com".locations."/".proxyPass = "http://${bensIp}:8000";
        "dev.simatime.com".locations."/".proxyPass = "http://${bensIp}:3000";
        "hero.simatime.com".locations."/".proxyPass = "http://${bensIp}:3001";
        "tv.simatime.com".locations."/".proxyPass = "http://${bensIp}:8096"; # emby runs on port 8096
        "influencedbybooks.com" = {
          forceSSL = true;
          enableACME = true;
          locations = {
            "/" = {
              proxyPass = "http://localhost:3000";
            };
          };
        };
      };
    };
  };

  boot.cleanTmpDir = true;
  networking.hostName = "simatime";
  networking.firewall.allowPing = true;
  services.openssh.enable = true;
  users.users.root.openssh.authorizedKeys.keys = [
    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCiNB0iF9ClawNEizBtdYucqp1tAXXRbqvlPS6PFRrtiwSl+SJD29BCLgA5rLxcmFhBHZ/iId/En7GPFEzI/gMu071J7pUI4OcW0UVZju3GNc6ZEz/a6AD2u79JiXEDHfPEdmMqAe36kkaK0KJWSQP3xsFRwJ+8F8HHbSwoCLL+GJhBgAWHQLGfKesNrDacNljNDU3CgkEnDmu8QKuSzH2k1vrr69q2u2iMSAdiStDBAWEjN5nCVrm2XB2vmFLMtXpX2n8JI+znOGzRRDc8dNXejQeDMZGyV6jfVidEIX7vdgSydGjTRKcCLVAsKY3z0gYBZ8u8EUNujgcFBnnAvytj ben@neb"
  ];
}