feat: initial

2026-03-09 22:06:13 +01:00 · 2026-03-09 22:06:13 +01:00 · bba9ceff39
commit bba9ceff39
18 changed files with 750 additions and 0 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -0,0 +1,108 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}: let
+  nixosHardwareVersion = "7f1836531b126cfcf584e7d7d71bf8758bb58969";
+
+  timeZone = "Europe/Berlin";
+  defaultLocale = "en_US.UTF-8";
+  storageConfig = import ./data/storage.nix;
+  fileSystemDefinition = lib.mapAttrs' ( 
+    name: value: {
+      name = storageConfig.${name}.path;
+      value = {
+        device = storageConfig.${name}.source;
+        fsType = storageConfig.${name}.type;
+        options = storageConfig.${name}.options;
+      };
+    }) storageConfig;
+in {
+  imports = [
+    "${fetchTarball "https://github.com/NixOS/nixos-hardware/archive/${nixosHardwareVersion}.tar.gz"}/raspberry-pi/4"
+    ./network/static-ip.nix
+    ./services/openssh.nix
+    #./services/blocky.nix #dns
+    ./services/unbound.nix #dns
+    ./services/kea.nix #dhcp
+    ./services/nginx.nix #reverse proxy
+    ./services/qbittorrent.nix #torrent
+    ./services/kiwix.nix #wiki mirror
+    ./services/kiwix-updater.nix #wiki mirror update
+    ./users
+    ./programs
+  ];
+
+  fileSystems = fileSystemDefinition;
+
+  networking.hostName = "raspberry";
+
+  environment.systemPackages = with pkgs; [
+    docker-compose
+    docker-client
+    podman
+    podman-compose
+  ];
+
+  time.timeZone = timeZone;
+
+  virtualisation.docker = {
+    enable = true;
+    autoPrune.enable = true;
+    daemon.settings = {
+      "log-driver" = "json-file";
+      "log-opts" = {
+        "max-size" = "10m";
+        "max-file" = "3";
+      };
+    };
+  };
+  virtualisation.podman = {
+    enable = true;
+    defaultNetwork.settings.dns_enabled = false;
+  };
+
+  i18n = {
+    defaultLocale = defaultLocale;
+    extraLocaleSettings = {
+      LC_ADDRESS = defaultLocale;
+      LC_IDENTIFICATION = defaultLocale;
+      LC_MEASUREMENT = defaultLocale;
+      LC_MONETARY = defaultLocale;
+      LC_NAME = defaultLocale;
+      LC_NUMERIC = defaultLocale;
+      LC_PAPER = defaultLocale;
+      LC_TELEPHONE = defaultLocale;
+      LC_TIME = defaultLocale;
+    };
+  };
+
+  users = {
+    mutableUsers = false;
+  };
+
+  # Enable passwordless sudo.
+  security.sudo.extraRules = [
+    {
+      users = ["nudelerde"];
+      commands = [
+        {
+          command = "ALL";
+          options = ["NOPASSWD"];
+        }
+      ];
+    }
+  ];
+
+  nix.gc = {
+    automatic = true;
+    dates = "weekly";
+    options = "--delete-older-than +5";  # Keep last 5 generations
+  };
+
+  # Enable GPU acceleration
+  hardware.raspberry-pi."4".fkms-3d.enable = true;
+
+  system.stateVersion = "23.11";
+}