49 lines
No EOL
1.1 KiB
Nix
49 lines
No EOL
1.1 KiB
Nix
{ config, pkgs, secret, ... }:
|
|
|
|
{
|
|
imports = [
|
|
./hardware-configuration.nix
|
|
./nginx.nix
|
|
];
|
|
networking = {
|
|
hostName = "mio";
|
|
interfaces.ens18 = {
|
|
useDHCP = false;
|
|
ipv4.addresses = [{
|
|
address = "66.78.40.227";
|
|
prefixLength = 24;
|
|
}];
|
|
};
|
|
defaultGateway = "66.78.40.1";
|
|
nameservers = ["1.1.1.1"];
|
|
};
|
|
|
|
services.openssh.enable = true;
|
|
boot.tmp.cleanOnBoot = true;
|
|
zramSwap.enable = true;
|
|
|
|
system.stateVersion = "25.05";
|
|
services.yggdrasil.persistentKeys = true;
|
|
|
|
marzban = {
|
|
env = {
|
|
UVICORN_HOST = "mio.project-a.space";
|
|
UVICORN_PORT = secret.marzban.port;
|
|
SUDO_USERNAME = secret.marzban.sudo-username;
|
|
SUDO_PASSWORD = secret.marzban.sudo-password;
|
|
DOCS = true;
|
|
};
|
|
cert = true;
|
|
domain = "mio.project-a.space";
|
|
xray = import ../common/xray.nix {
|
|
server-domain = "mio.project-a.space";
|
|
port = secret.marzban.vless-port;
|
|
dest = secret.marzban.dest;
|
|
privateKey = secret.marzban.privateKey;
|
|
shortId = secret.marzban.shortId;
|
|
spiderX = secret.marzban.spiderX;
|
|
};
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [ secret.marzban.port secret.marzban.vless-port ];
|
|
} |