Daholli/nixos-config
1
0
Fork 0
Code Issues 5 Pull requests Actions Packages Releases Activity

rp5 #10

Merged
Daholli merged 6 commits from rp5 into main 2024-11-25 22:33:27 +01:00
Conversation 0 Commits 6 Files changed 11 +59 -2
2 changed files with 59 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit 047d4f7dbd - Show all commits

1
modules/home/apps/cli-apps/fish/default.nix
View file

@ -24,7 +24,6 @@ in
shellInit = '' shellInit = ''
zoxide init fish | source zoxide init fish | source
direnv hook fish | source direnv hook fish | source
source ~/.config/op/plugins.sh
set -x LESS_TERMCAP_mb \e'[01;32m' set -x LESS_TERMCAP_mb \e'[01;32m'
set -x LESS_TERMCAP_md \e'[01;32m' set -x LESS_TERMCAP_md \e'[01;32m'

60
systems/aarch64-linux/nixberry/default.nix
View file

@ -1,4 +1,5 @@
{ {
config,
inputs, inputs,
lib, lib,
modulesPath, modulesPath,
@ -9,6 +10,8 @@
with lib.${namespace}; with lib.${namespace};
let let
inherit (lib) mkForce; inherit (lib) mkForce;
ipAddress = "192.168.178.2";
in in
{ {
imports = with inputs.nixos-hardware.nixosModules; [ imports = with inputs.nixos-hardware.nixosModules; [
@ -16,6 +19,7 @@ in
raspberry-pi-5 raspberry-pi-5
]; ];
security.sudo.wheelNeedsPassword = false;
users.users.remotebuild = { users.users.remotebuild = {
isNormalUser = true; isNormalUser = true;
createHome = false; createHome = false;
@ -51,10 +55,11 @@ in
interfaces.wlan0 = { interfaces.wlan0 = {
ipv4.addresses = [ ipv4.addresses = [
{ {
address = "192.168.178.2"; address = ipAddress;
prefixLength = 24; prefixLength = 24;
} }
]; ];
useDHCP = true;
}; };
defaultGateway = { defaultGateway = {
address = "192.168.178.1"; address = "192.168.178.1";
@ -71,6 +76,59 @@ in
}; };
}; };
networking.firewall = {
allowedTCPPorts = [
53
80
];
allowedUDPPorts = [
53
];
};
services.adguardhome = {
enable = true;
host = ipAddress;
port = 80;
settings = {
http = {
address = "0.0.0.0:80";
};
dns = {
ratelimit = 0;
bind_hosts = [ "0.0.0.0" ];
upstream_dns = [
"1.1.1.1"
"1.0.0.1"
"8.8.8.8"
"8.8.4.4"
];
};
filtering = {
protection_enabled = true;
filtering_enabled = true;
};
filters =
map
(url: {
enabled = true;
url = url;
})
[
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_1.txt" # AdGuard Dns filter
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_59.txt" # AdGuard Dns PopupHosts filter
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_9.txt" # The Big List of Hacked Malware Web Sites
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_11.txt" # malicious url blocklist
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_18.txt" # Phishing
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_24.txt"
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_47.txt"
];
};
};
# Pi specific stuff # Pi specific stuff
raspberry-pi-nix.board = "bcm2712"; raspberry-pi-nix.board = "bcm2712";
hardware = { hardware = {