Infra/pi
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

ref: cleanup

Browse source
This commit is contained in:
Katharina Heidenreich 2026-03-13 19:51:29 +01:00
parent 0f3ccffd4d
commit 326f4f7f19
7 changed files with 5 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

20
data/services.nix
View file

@ -19,23 +19,3 @@ rec {
}; };
} }

3
data/ssh.nix
View file

@ -3,7 +3,6 @@ let
readKeyFile = filePath: readKeyFile = filePath:
let let
content = builtins.readFile filePath; content = builtins.readFile filePath;
# Split on newlines and filter out empty strings
lines = builtins.filter (line: line != "") ( lines = builtins.filter (line: line != "") (
builtins.filter builtins.isString ( builtins.filter builtins.isString (
builtins.split "\n" content builtins.split "\n" content
@ -11,7 +10,6 @@ let
); );
in lines; in lines;
# Get all keys for a user
getUserKeys = username: getUserKeys = username:
let let
userDir = "${allKeyDir}/${username}"; userDir = "${allKeyDir}/${username}";
@ -19,7 +17,6 @@ let
if builtins.pathExists userDir then if builtins.pathExists userDir then
let let
files = builtins.attrNames (builtins.readDir userDir); files = builtins.attrNames (builtins.readDir userDir);
# Read all key files and flatten the list
allKeys = builtins.concatMap (file: allKeys = builtins.concatMap (file:
readKeyFile "${userDir}/${file}" readKeyFile "${userDir}/${file}"
) files; ) files;

3
network/static-ip.nix
View file

@ -4,15 +4,12 @@ let
net = import ../data/network.nix; net = import ../data/network.nix;
in in
{ {
# Set a static IP address
networking.interfaces.eth0.ipv4.addresses = [{ networking.interfaces.eth0.ipv4.addresses = [{
address = net.ips.pi; address = net.ips.pi;
prefixLength = net.network.cidr; prefixLength = net.network.cidr;
}]; }];
# Set default gateway (your router's IP)
networking.defaultGateway = net.ips.router; networking.defaultGateway = net.ips.router;
# Set DNS servers (fallback when Blocky isn't working)
networking.nameservers = net.fallback_dns_servers; networking.nameservers = net.fallback_dns_servers;
} }

5
services/kea.nix
View file

@ -48,9 +48,8 @@ in
}; };
}; };
# Firewall rules for DHCP
networking.firewall = { networking.firewall = {
allowedUDPPorts = [ 67 68 ]; # DHCP ports allowedUDPPorts = [ 67 68 ];
checkReversePath = false; # Sometimes needed for DHCP checkReversePath = false;
}; };
} }

1
services/kiwix-updater.nix
View file

@ -1,7 +1,6 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let
# Import service data (make sure this path is correct)
service_data = import ../data/services.nix; service_data = import ../data/services.nix;
kiwix = service_data.kiwix; kiwix = service_data.kiwix;
zimUrls = kiwix.urls; zimUrls = kiwix.urls;

6
services/kiwix.nix
View file

@ -22,9 +22,9 @@ in {
TZ = "Europe/Berlin"; TZ = "Europe/Berlin";
}; };
extraOptions = [ extraOptions = [
"--memory=512m" # Limit container to 512MB RAM "--memory=512m"
"--memory-swap=512m" # Disable swap usage "--memory-swap=512m"
"--cpus=1" # Limit to 1 CPU core "--cpus=1"
]; ];
autoStart = true; autoStart = true;
}; };

1
services/unbound.nix
View file

@ -28,7 +28,6 @@ in
}; };
}; };
# Allow DNS through the firewall
networking.firewall.allowedTCPPorts = [ 53 ]; networking.firewall.allowedTCPPorts = [ 53 ];
networking.firewall.allowedUDPPorts = [ 53 ]; networking.firewall.allowedUDPPorts = [ 53 ];
} }