diff --git a/configuration.nix b/configuration.nix index 94e0cb3..4bb1814 100644 --- a/configuration.nix +++ b/configuration.nix @@ -1,7 +1,3 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). -# { config, pkgs, ... }: @@ -12,14 +8,19 @@ ]; # Bootloader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - boot.kernelPackages = pkgs.linuxPackages_latest; - - networking.hostName = "nginx"; - networking.networkmanager.enable = true; + boot = { + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + kernelPackages = pkgs.linuxPackages_latest; + }; + networking = { + hostName = "nginx"; + networkmanager.enable = true; + }; + # Set your time zone. time.timeZone = "Europe/Zurich"; @@ -66,22 +67,11 @@ acme ]; - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; - - # List services that you want to enable: - # Enable the OpenSSH daemon. services.openssh = { enable = true; settings.PermitRootLogin = "without-password"; }; - # services.nginx.enable = false; services.nginx = { enable = true; @@ -91,6 +81,7 @@ locations."/".proxyPass = "http://10.0.0.24:3000/"; }; }; + security.acme = { acceptTerms = true; defaults.email = "gentoo@blubb.fish"; @@ -99,8 +90,6 @@ # Open ports in the firewall. networking.firewall.allowedTCPPorts = [ 80 443 ]; # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions