sys/atuin: init

7 files changed, 70 insertions, 0 deletions

diff --git a/modules/server/default.nix b/modules/server/default.nix
new file mode 100644
index 000000000000..42d48ec1e93d
--- /dev/null
+++ b/modules/server/default.nix
@@ -0,0 +1,8 @@
+{ ... }:
+
+{
+  imports = [ ../nix ../locale ../ssh ../users ];
+
+  services.openssh.enable = true;
+  security.sudo.wheelNeedsPassword = false;
+}
diff --git a/modules/server/dns/default.nix b/modules/server/dns/default.nix
new file mode 100644
index 000000000000..6274d6b6b348
--- /dev/null
+++ b/modules/server/dns/default.nix
@@ -0,0 +1,13 @@
+{ pkgs, ... }:
+
+{
+  networking.nameservers = [ "127.0.0.1" ];
+
+  services.unbound.enable = true;
+
+  systemd.services.doh-proxy = {
+    after = [ "networking.target" ];
+    wantedBy = [ "multi-user.target" ];
+    script = "exec ${pkgs.doh-proxy}/bin/doh-httpproxy --port 4448";
+  };
+}
diff --git a/modules/server/irc/bitlbee/default.nix b/modules/server/irc/bitlbee/default.nix
new file mode 100644
index 000000000000..c0aaaa0b4f17
--- /dev/null
+++ b/modules/server/irc/bitlbee/default.nix
@@ -0,0 +1,6 @@
+{ ... }:
+
+{
+  services.bitlbee.enable = true;
+  services.bitlbee.portNumber = 6262;
+}
diff --git a/modules/server/irc/default.nix b/modules/server/irc/default.nix
new file mode 100644
index 000000000000..f031773efacd
--- /dev/null
+++ b/modules/server/irc/default.nix
@@ -0,0 +1,5 @@
+{ ... }:
+
+{
+  imports = [ ./bitlbee ./znc ];
+}
diff --git a/modules/server/irc/znc/default.nix b/modules/server/irc/znc/default.nix
new file mode 100644
index 000000000000..76cce01180a8
--- /dev/null
+++ b/modules/server/irc/znc/default.nix
@@ -0,0 +1,7 @@
+{ pkgs, ... }:
+
+{
+  services.znc.enable = true;
+  services.znc.useLegacyConfig = false;
+  services.znc.modulePackages = with pkgs; [ zncModules.playback ];
+}
diff --git a/modules/server/nginx/default.nix b/modules/server/nginx/default.nix
new file mode 100644
index 000000000000..33ba06defd86
--- /dev/null
+++ b/modules/server/nginx/default.nix
@@ -0,0 +1,13 @@
+{ pkgs, ... }:
+
+{
+  services.fcgiwrap.enable = true;
+
+  services.nginx.enable = true;
+  services.nginx.package = pkgs.nginxMainline;
+
+  services.nginx.recommendedOptimisation = true;
+  services.nginx.recommendedTlsSettings = true;
+  services.nginx.recommendedGzipSettings = true;
+  services.nginx.recommendedProxySettings = true;
+}
diff --git a/modules/server/tor/default.nix b/modules/server/tor/default.nix
new file mode 100644
index 000000000000..645684c5dca2
--- /dev/null
+++ b/modules/server/tor/default.nix
@@ -0,0 +1,18 @@
+{ lib, config, ... }:
+
+{
+  networking.firewall.allowedTCPPorts = [ config.services.tor.relay.port ];
+
+  services.tor.enable = true;
+
+  services.tor.relay.accountingMax =
+    lib.mkDefault (throw "Set tor accountingMax!!");
+
+  services.tor.relay.accountingStart =
+    lib.mkDefault (throw "Set tor accountingStart!!");
+
+  services.tor.relay.enable = true;
+  services.tor.relay.nickname = lib.mkDefault config.networking.hostName;
+  services.tor.relay.port = 143;
+  services.tor.relay.role = "relay";
+}