# The is the system definition for vps749417.ovh.net. { config, pkgs, ... }: { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ]; # Boot loader boot.loader = { grub = { enable = true; device = "/dev/sda"; }; }; # Network configuration networking = { hostName = "vps749417"; useDHCP = false; interfaces.ens3.useDHCP = true; firewall.allowedTCPPorts = [ 22 80 443 ]; }; # Time zone time.timeZone = "Europe/Paris"; # Packages installed in system profile environment.systemPackages = with pkgs; [ git htop tmux vim wget ]; # OpenSSH daemon services.openssh = { enable = true; passwordAuthentication = false; }; # Nginx web server services.nginx = { enable = true; virtualHosts."www.beffara.org" = { forceSSL = true; root = "/data/web/root"; sslCertificate = "/data/web/cert/beffara.org.crt"; sslCertificateKey = "/data/web/cert/beffara.org.key"; locations."~ \.php$".extraConfig = '' fastcgi_pass unix:${config.services.phpfpm.pools.web.socket}; fastcgi_index index.php; ''; }; }; # FastCGI server for PHP services.phpfpm.pools.web = { user = "nobody"; settings = { "listen.owner" = config.services.nginx.user; "pm" = "dynamic"; "pm.max_children" = 5; "pm.start_servers" = 2; "pm.min_spare_servers" = 1; "pm.max_spare_servers" = 3; "pm.max_requests" = 500; }; }; # Initial user account users.users.manu = { isNormalUser = true; extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. initialHashedPassword = "$6$40/yq55oyhD2MhbS$fox2DB5Aj4EpbQAx8z6FYEh3Jl3HKa7aHlGbijJukWxOpXIlKqNucBA8Eene7SaUQzHpvrhke9EFZIRxZpl5F/"; }; # This value determines the NixOS release with which your system is to be # compatible, in order to avoid breaking some software such as database # servers. You should change this only after NixOS release notes say you # should. system.stateVersion = "19.09"; # Did you read the comment? }