super massive rewrite

2026-02-09 01:51:30 +10:00 · 2026-02-09 01:51:30 +10:00 · 1de15c45f2
commit 1de15c45f2
parent a2192c9341
19 changed files with 746 additions and 1000 deletions
--- a/hosts/butterfly/default.nix
+++ b/hosts/butterfly/default.nix
@ -0,0 +1,77 @@
+{...}: {
+  imports = [
+    ./hardware-configuration.nix
+
+    ./services
+  ];
+
+  # super duper minimum grub2 config
+  boot.loader.grub = {
+    enable = true;
+    device = "/dev/vda";
+  };
+
+  networking = {
+    hostName = "butterfly";
+
+    firewall = {
+      allowedTCPPorts = [
+        80 # nginx
+        # 143 # IMAP4
+        443 # nginx
+        # 587 # SMTPS
+        2222 # forgejo ssh
+        2035 # debug (for my job)
+        # 3000 (INTERNAL) forgejo
+        # 3306 (INTERNAL) forgejo sqlite3 database
+        5000 # debug (for my job)
+        # 8222 (INTERNAL) vaultwarden
+        45000 # minecaft server
+      ];
+      allowedUDPPorts = [
+        54231 # Wireguard
+      ];
+    };
+
+    # wg-quick.interfaces = {
+    #   wg0 = {
+    #     address = [
+    #       "10.10.10.4/24"
+    #     ];
+    #     dns = ["10.10.10.1"];
+    #     privateKeyFile = "/root/wg_agrivpn_hyrule";
+    #     peers = [
+    #       {
+    #         # peer's public key
+    #         publicKey = "iZ4aqYjbT8O8tfUHEuV+yWLtdoQbdBb6Nt0M4usMSiY=";
+
+    #         # choose which traffic to forward
+    #         allowedIPs = [
+    #           "10.0.51.0/24"
+    #           "10.10.10.0/24"
+    #         ];
+    #         endpoint = "150.242.34.33:54231";
+    #       }
+    #     ];
+    #   };
+    # };
+  };
+
+  users = {
+    users = {
+      # primary user
+      cry = {
+        isNormalUser = true;
+        home = "/home/cry";
+        extraGroups = ["wheel"];
+        openssh.authorizedKeys.keys = [
+          "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@dobutterfliescry.net"
+        ];
+      };
+    };
+  };
+
+  virtualisation.docker.enable = true;
+
+  system.stateVersion = "24.11"; # DO NOT MODIFY
+}