Add Astral host

2025-10-03 10:32:05 -07:00 · 2025-10-03 10:32:05 -07:00 · b3be9bbad9
commit b3be9bbad9
parent c2399507d3
9 changed files with 198 additions and 138 deletions
--- a/hosts/astral/default.nix
+++ b/hosts/astral/default.nix
@ -0,0 +1,71 @@
+{ nixosModules, modulesPath, lib, config, pkgs, ... }: {
+  imports = with nixosModules; [
+    "${modulesPath}/virtualisation/amazon-image.nix"
+    nettika
+  ];
+
+  boot.loader.grub.device = lib.mkForce "/dev/nvme0n1";
+
+  nix = {
+    gc = {
+      automatic = true;
+      dates = "weekly";
+      options = "--delete-older-than 30d";
+    };
+    settings.trusted-users = [ "@wheel" ];
+  };
+
+  networking = {
+    hostName = "astral";
+    domain = "recipes.leaf.ninja";
+    firewall.allowedTCPPorts = [ 80 443 ];
+    networkmanager.enable = true;
+  };
+
+  users.defaultUserShell = pkgs.fish;
+
+  security.sudo.wheelNeedsPassword = false;
+
+  environment.variables.EDITOR = "nano";
+
+  services.caddy = {
+    enable = true;
+    virtualHosts = {
+      "${config.networking.domain}".extraConfig = ''
+        reverse_proxy localhost:8008
+        header Strict-Transport-Security "max-age=63072000; includeSubDomains;"
+      '';
+    };
+  };
+
+  programs.fish.enable = true;
+
+  programs.git = {
+    enable = true;
+    lfs.enable = true;
+    config = {
+      init.defaultBranch = "master";
+      user = {
+        email = "git@nettika.cat";
+        name = "Nettika";
+      };
+      credential.helper = "store";
+    };
+  };
+
+  programs.nano = {
+    enable = true;
+    nanorc = ''
+      set autoindent
+      set linenumbers
+    '';
+  };
+
+  documentation.man.generateCaches = false;
+
+  promptEmoji = "✴️";
+
+  time.timeZone = "America/Los_Angeles";
+
+  system.stateVersion = "23.05";
+}