Generate my configuration

Networking

Choose your network configuration

I'm a noob in network config, I trust you to provide networking for me (ipv6 only)

My server has a public ip that I can provide

My router is set so that my local machine is accessible on the public network

My server can use a wireguard server i can configure

Machine network name

Usage bundles

Choose your usage bundles (multiple choices possible if your machine can handle it)

Write collectively : pads

Forge : git repo, CI/CD workers, and NixiN

Social media: hosted social medias in activitypub web-apps

Services

👆 Choose any upper bundle to make associated services appear.

Other configuration

Operating UNIX user name

Operating UNIX user password

Timezone

Locale

Auto-generated configuration.nix file

    
{ pkgs, ... }:

{
  networking.hosts = {
      "127.0.0.1" = [ ".nixin.local" ];
  };

  networking.hostName = "";
  networking.domain = "nixin.local";
  networking.firewall = {
    allowedTCPPorts = [
      80
      443
    ];
  };

  time.timeZone = "UTC";
  i18n.defaultLocale = "en_US.UTF-8";


  users.users.operator = {
      isNormalUser = true;
      extraGroups = [ "wheel" ];
      initialPassword = "CHANGE ME !!!";
  };

  security.sudo.extraRules= [
    {
      users = [ "operator" ];
      commands = [
        { 
          command = "ALL" ;
          options= [ "NOPASSWD" ]; # "SETENV" # Adding the following could be a good idea
        }
      ];
    }
  ];

  security.acme.defaults.email = "contact@nixin.local";
  security.acme.acceptTerms = true;

  services.nginx = {
    enable = true;

    # Use recommended settings
    recommendedGzipSettings = true;
    recommendedOptimisation = true;
    recommendedProxySettings = true;
    recommendedTlsSettings = true;

    # Only allow PFS-enabled ciphers with AES256
    sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";

    virtualHosts."hedgedoc.nixin.local" = {
      forceSSL = true;
      enableACME = true;  
      root = "/var/www/hedgedoc";
      locations."/".proxyPass = "http://127.0.0.1:8001";
      locations."/socket.io/" = {
        proxyPass = "http://127.0.0.1:8001";
        proxyWebsockets = true;
        extraConfig = "proxy_ssl_server_name on;";
      };
    };
  };

  environment.systemPackages = with pkgs; [
    git
    wget
    tmux
    mosh
    htop
  ];  

  system.stateVersion = "24.05";
}