From e7990ebbba8c9b903687c177588b45e9294f8d11 Mon Sep 17 00:00:00 2001 From: Martin Fischer Date: Wed, 18 Dec 2024 09:24:08 +0100 Subject: refactor(tente): group services --- nixos/tente-configuration.nix | 47 +++++++++++++++++++++---------------------- 1 file changed, 23 insertions(+), 24 deletions(-) (limited to 'nixos') diff --git a/nixos/tente-configuration.nix b/nixos/tente-configuration.nix index b7192ea..3c52332 100644 --- a/nixos/tente-configuration.nix +++ b/nixos/tente-configuration.nix @@ -76,45 +76,44 @@ in ]; networking.firewall.allowedUDPPorts = []; - # List services that you want to enable: - - # Enable the OpenSSH daemon. - services.openssh.enable = true; - users.groups.www-data = {}; systemd.tmpfiles.rules = [ "d /srv/www 2770 root www-data -" ]; - services.gitolite = { - enable = true; - adminPubkey = ""; # TODO: submit PR to nixpkgs to make this option optional - user = "git"; - group = "git"; - dataDir = "/srv/gitolite"; - extraGitoliteRc = '' - $RC{UMASK} = 0027; - ''; - }; - - security.acme = { - acceptTerms = true; # https://letsencrypt.org/repository/ - defaults.email = acmeEmail; - }; + services = { + openssh.enable = true; + + gitolite = { + enable = true; + adminPubkey = ""; # TODO: submit PR to nixpkgs to make this option optional + user = "git"; + group = "git"; + dataDir = "/srv/gitolite"; + extraGitoliteRc = '' + $RC{UMASK} = 0027; + ''; + }; - services.nginx = { - enable = true; - group = "www-data"; + nginx = { + enable = true; + group = "www-data"; + }; # My personal website - virtualHosts."${domain}" = { + nginx.virtualHosts.${domain} = { enableACME = true; forceSSL = true; root = "/srv/www/${domain}"; }; }; + security.acme = { + acceptTerms = true; # https://letsencrypt.org/repository/ + defaults.email = acmeEmail; + }; + # Copy the NixOS configuration file and link it from the resulting system # (/run/current-system/configuration.nix). This is useful in case you # accidentally delete configuration.nix. -- cgit v1.2.3