2024-05-02 14:09:52 +03:00
|
|
|
{ config
|
|
|
|
|
, pkgs
|
|
|
|
|
, inputs
|
|
|
|
|
, system
|
|
|
|
|
, lib
|
2024-05-03 00:54:08 +03:00
|
|
|
, settings
|
2024-05-02 14:09:52 +03:00
|
|
|
, ...
|
2024-05-03 00:54:08 +03:00
|
|
|
}: {
|
2024-03-05 21:21:27 +02:00
|
|
|
imports = [
|
|
|
|
|
./hardware-configuration.nix
|
2024-10-29 19:34:06 +02:00
|
|
|
./containers
|
2024-11-01 22:47:29 +02:00
|
|
|
./caddy
|
2024-05-02 14:08:59 +03:00
|
|
|
./gui.nix
|
2024-10-25 21:09:09 +03:00
|
|
|
./drives.nix
|
2024-06-16 04:53:53 +03:00
|
|
|
./games/palworld.nix
|
|
|
|
|
./games/minecraft
|
2024-11-13 00:17:00 +02:00
|
|
|
./services/mautrix.nix
|
2024-11-13 00:52:46 +02:00
|
|
|
./services/jellyfin.nix
|
2024-11-13 01:37:04 +02:00
|
|
|
./services/mastodon.nix
|
2024-11-13 20:00:14 +02:00
|
|
|
./services/archivebox.nix
|
2024-08-03 17:43:49 +03:00
|
|
|
inputs.lastfm-status.nixosModules.default
|
2024-06-08 16:41:43 +03:00
|
|
|
inputs.confess.nixosModules.${system}.default
|
2024-03-29 22:56:23 +02:00
|
|
|
inputs.common-modules.nixosModules.nixos-upgrade
|
|
|
|
|
inputs.common-modules.nixosModules.qbittorrent-nox
|
|
|
|
|
inputs.common-modules.nixosModules.unpackerr
|
2024-03-05 21:21:27 +02:00
|
|
|
];
|
2024-02-23 01:56:51 +02:00
|
|
|
|
2024-06-16 04:53:53 +03:00
|
|
|
nixpkgs.config.allowUnfree = true;
|
2024-02-23 01:56:51 +02:00
|
|
|
|
2024-05-25 01:56:07 +03:00
|
|
|
system.autoUpgrade = {
|
|
|
|
|
enable = true;
|
|
|
|
|
allowReboot = true;
|
|
|
|
|
flake = "/etc/nixos";
|
|
|
|
|
updateFlake = true;
|
2024-05-23 20:51:48 +03:00
|
|
|
|
2024-06-16 04:53:53 +03:00
|
|
|
# minecraft plugin auto update
|
2024-05-25 01:56:07 +03:00
|
|
|
extraCommands =
|
|
|
|
|
let
|
|
|
|
|
plugins = [
|
|
|
|
|
"9eGKb6K1" # https://modrinth.com/plugin/simple-voice-chat
|
|
|
|
|
"1u6JkXh5" # https://modrinth.com/plugin/worldedit
|
|
|
|
|
];
|
|
|
|
|
in
|
|
|
|
|
''
|
2024-08-14 22:25:16 +03:00
|
|
|
./games/minecraft/modrinth-plugin-list.sh paper 1.21.1 ${builtins.concatStringsSep " " plugins} > games/minecraft/paper-vanilla-plugins.nix
|
2024-06-16 04:53:53 +03:00
|
|
|
git add games/minecraft/paper-vanilla-plugins.nix
|
|
|
|
|
git commit games/minecraft/paper-vanilla-plugins.nix -m "Updated games/minecraft/paper-vanilla-plugins.nix"
|
2024-05-23 20:51:48 +03:00
|
|
|
'';
|
|
|
|
|
|
2024-05-25 01:56:07 +03:00
|
|
|
failureNotification = {
|
|
|
|
|
enable = true;
|
|
|
|
|
ntfyUrlFile = "/etc/secrets/failureNotification.env";
|
2024-03-28 12:06:22 +02:00
|
|
|
};
|
2024-05-25 01:56:07 +03:00
|
|
|
};
|
2024-02-23 01:56:51 +02:00
|
|
|
|
|
|
|
|
nix = {
|
|
|
|
|
gc = {
|
|
|
|
|
automatic = true;
|
|
|
|
|
dates = "weekly";
|
|
|
|
|
};
|
|
|
|
|
optimise = {
|
|
|
|
|
automatic = true;
|
2024-05-02 14:09:52 +03:00
|
|
|
dates = [ "06:00" ];
|
2024-02-23 01:56:51 +02:00
|
|
|
};
|
|
|
|
|
settings = {
|
2024-11-01 20:50:46 +02:00
|
|
|
sandbox = false; # Caddy cannot be built in a sandbox because it retrieves external dependencies (i.e. cloudflare-dns module)
|
2024-05-02 14:09:52 +03:00
|
|
|
experimental-features = [ "nix-command" "flakes" ];
|
2024-02-23 01:56:51 +02:00
|
|
|
auto-optimise-store = true;
|
|
|
|
|
allowed-users = [
|
|
|
|
|
"@wheel"
|
|
|
|
|
"owo"
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
boot = {
|
2024-05-24 23:29:16 +03:00
|
|
|
supportedFilesystems = [ "btrfs" "mergerfs" ];
|
2024-03-08 10:45:58 +02:00
|
|
|
tmp.cleanOnBoot = true;
|
2024-02-23 01:56:51 +02:00
|
|
|
kernelPackages = pkgs.linuxPackages_latest;
|
|
|
|
|
loader = {
|
|
|
|
|
systemd-boot.enable = true;
|
|
|
|
|
efi.canTouchEfiVariables = true;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
systemd.services = {
|
|
|
|
|
tailscaled.environment = {
|
|
|
|
|
TS_NO_LOGS_NO_SUPPORT = "true";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
networking = {
|
|
|
|
|
hostName = "server";
|
|
|
|
|
networkmanager.enable = true;
|
2024-11-09 12:59:15 +02:00
|
|
|
resolvconf = {
|
|
|
|
|
enable = true;
|
|
|
|
|
useLocalResolver = true; # prefers tailscale dns otherwise
|
|
|
|
|
};
|
2024-02-23 01:56:51 +02:00
|
|
|
nameservers = [
|
2024-04-11 10:12:37 +03:00
|
|
|
"127.0.0.1"
|
2024-06-16 05:12:36 +03:00
|
|
|
|
|
|
|
|
# cloudflare
|
2024-03-05 21:21:27 +02:00
|
|
|
"1.1.1.1"
|
2024-06-16 05:12:36 +03:00
|
|
|
"1.0.0.1"
|
2024-02-23 01:56:51 +02:00
|
|
|
];
|
2024-06-16 05:12:36 +03:00
|
|
|
|
2024-11-09 13:45:18 +02:00
|
|
|
interfaces.enp0s31f6q = {
|
|
|
|
|
ipv6.addresses = [{
|
|
|
|
|
address = "2001:7d0:84a6:5900:263a:6e9b:63e4:3b82";
|
|
|
|
|
prefixLength = 64;
|
|
|
|
|
}];
|
|
|
|
|
ipv4.addresses = [{
|
|
|
|
|
address = "192.168.1.131";
|
|
|
|
|
prefixLength = 24;
|
|
|
|
|
}];
|
|
|
|
|
};
|
|
|
|
|
|
2024-06-16 05:12:36 +03:00
|
|
|
firewall = {
|
|
|
|
|
enable = true;
|
|
|
|
|
allowedUDPPortRanges = with config.services.coturn; [
|
|
|
|
|
{
|
|
|
|
|
from = min-port;
|
|
|
|
|
to = max-port;
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
allowedUDPPorts = [
|
|
|
|
|
config.services.blocky.settings.ports.dns
|
|
|
|
|
|
|
|
|
|
# coturn
|
|
|
|
|
3478
|
|
|
|
|
5349
|
|
|
|
|
];
|
|
|
|
|
allowedTCPPorts = [
|
|
|
|
|
config.services.blocky.settings.ports.dns
|
|
|
|
|
|
|
|
|
|
# HTTP/HTTPS
|
|
|
|
|
80
|
|
|
|
|
443
|
|
|
|
|
|
|
|
|
|
# coturn
|
|
|
|
|
3478
|
|
|
|
|
5349
|
|
|
|
|
|
|
|
|
|
config.services.forgejo.settings.server.SSH_PORT
|
|
|
|
|
];
|
|
|
|
|
};
|
2024-02-23 01:56:51 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
time.timeZone = "Europe/Tallinn";
|
|
|
|
|
|
|
|
|
|
i18n = {
|
|
|
|
|
defaultLocale = "en_GB.UTF-8";
|
|
|
|
|
extraLocaleSettings = {
|
|
|
|
|
LC_ADDRESS = "et_EE.UTF-8";
|
|
|
|
|
LC_IDENTIFICATION = "et_EE.UTF-8";
|
|
|
|
|
LC_MEASUREMENT = "et_EE.UTF-8";
|
|
|
|
|
LC_MONETARY = "et_EE.UTF-8";
|
|
|
|
|
LC_NAME = "et_EE.UTF-8";
|
|
|
|
|
LC_NUMERIC = "et_EE.UTF-8";
|
|
|
|
|
LC_PAPER = "et_EE.UTF-8";
|
|
|
|
|
LC_TELEPHONE = "et_EE.UTF-8";
|
|
|
|
|
LC_TIME = "et_EE.UTF-8";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
hardware = {
|
|
|
|
|
nvidia = {
|
|
|
|
|
package = config.boot.kernelPackages.nvidiaPackages.stable;
|
|
|
|
|
modesetting.enable = true;
|
|
|
|
|
open = false;
|
|
|
|
|
};
|
2024-05-02 14:08:59 +03:00
|
|
|
nvidia-container-toolkit.enable = true;
|
2024-02-23 01:56:51 +02:00
|
|
|
};
|
|
|
|
|
|
2024-06-16 04:53:53 +03:00
|
|
|
virtualisation.docker = {
|
|
|
|
|
enable = true;
|
|
|
|
|
autoPrune.enable = true;
|
2024-02-23 01:56:51 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
|
mergerfs
|
|
|
|
|
mergerfs-tools
|
|
|
|
|
ffmpeg # nextcloud
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
programs = {
|
2024-05-24 23:29:16 +03:00
|
|
|
mosh.enable = true;
|
2024-02-23 01:56:51 +02:00
|
|
|
git.enable = true;
|
|
|
|
|
fish.enable = true;
|
|
|
|
|
ssh.startAgent = true;
|
|
|
|
|
};
|
|
|
|
|
|
2024-06-16 05:12:36 +03:00
|
|
|
security = {
|
|
|
|
|
sudo.wheelNeedsPassword = false;
|
|
|
|
|
acme = {
|
|
|
|
|
acceptTerms = true;
|
|
|
|
|
defaults.email = "ssl@catnip.ee";
|
|
|
|
|
|
|
|
|
|
certs = {
|
|
|
|
|
${config.services.coturn.realm} = {
|
|
|
|
|
webroot = settings.turnAcmeDir;
|
|
|
|
|
postRun = "systemctl restart coturn.service";
|
|
|
|
|
group = config.systemd.services.coturn.serviceConfig.Group;
|
|
|
|
|
};
|
2024-02-23 01:56:51 +02:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services = {
|
2024-11-01 19:29:28 +02:00
|
|
|
pds = {
|
|
|
|
|
enable = true;
|
2024-11-12 23:30:07 +02:00
|
|
|
pdsadmin.enable = true;
|
|
|
|
|
|
2024-11-01 19:29:28 +02:00
|
|
|
environmentFiles = [
|
|
|
|
|
"/etc/secrets/bluesky.env"
|
|
|
|
|
];
|
2024-11-12 17:57:57 +02:00
|
|
|
settings = {
|
|
|
|
|
PDS_PORT = "3001";
|
|
|
|
|
PDS_HOSTNAME = "bsky.ee";
|
2024-11-13 19:12:19 +02:00
|
|
|
|
|
|
|
|
#PDS_EMAIL_SMTP_URL = "smtps://bluesky@bsky.ee:password@mx1.sly.ee:465";
|
|
|
|
|
PDS_EMAIL_FROM_ADDRESS = "bluesky@bsky.ee";
|
2024-11-12 17:57:57 +02:00
|
|
|
};
|
2024-11-01 19:29:28 +02:00
|
|
|
};
|
2024-10-28 22:46:46 +02:00
|
|
|
borgbackup.jobs."borgbase" = {
|
|
|
|
|
paths = [
|
2024-10-29 18:28:43 +02:00
|
|
|
# maybe only include /var/lib?
|
2024-10-28 22:46:46 +02:00
|
|
|
"/var/lib/lidarr"
|
|
|
|
|
"/var/lib/sonarr"
|
|
|
|
|
"/var/lib/radarr"
|
|
|
|
|
"/var/lib/bazarr"
|
|
|
|
|
"/var/lib/private/prowlarr"
|
|
|
|
|
"/var/lib/mysql"
|
|
|
|
|
"/var/lib/postgresql"
|
|
|
|
|
"/var/lib/nextcloud"
|
|
|
|
|
"/var/lib/forgejo"
|
|
|
|
|
"/var/lib/private/ntfy-sh"
|
|
|
|
|
"/var/lib/private/drasl"
|
|
|
|
|
"/var/lib/acme"
|
|
|
|
|
"/var/lib/tailscale"
|
|
|
|
|
"/var/lib/private/scrutiny"
|
|
|
|
|
"/var/lib/caddy"
|
|
|
|
|
"/var/lib/redis-nextcloud"
|
|
|
|
|
"/var/lib/syncthing"
|
|
|
|
|
"/var/lib/matrix-synapse"
|
|
|
|
|
"/var/lib/plex"
|
|
|
|
|
"/var/lib/confess-web"
|
|
|
|
|
"/var/lib/gitea-runner"
|
|
|
|
|
"/var/lib/influxdb2"
|
|
|
|
|
|
|
|
|
|
"/etc/secrets"
|
|
|
|
|
"/etc/nixos"
|
|
|
|
|
"/srv/minecraft"
|
|
|
|
|
|
|
|
|
|
"/home/owo/.config/qBittorrent"
|
2024-10-29 18:28:43 +02:00
|
|
|
"/home/owo/.local/share/qBittorrent"
|
2024-10-28 22:46:46 +02:00
|
|
|
"/home/owo/Documents/server_configs"
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
exclude = [
|
|
|
|
|
"/var/lib/lidarr/.config/Lidarr/MediaCover"
|
|
|
|
|
"/var/lib/sonarr/.config/NzbDrone/MediaCover"
|
|
|
|
|
"/var/lib/radarr/.config/Radarr/MediaCover"
|
|
|
|
|
"/var/lib/plex/transcode"
|
|
|
|
|
"/var/lib/plex/Plex Media Server/Media"
|
|
|
|
|
"/var/lib/matrix-synapse/media_store/remote_content"
|
2024-11-09 17:05:25 +02:00
|
|
|
"/var/lib/matrix-synapse/media_store/remote_thumbnail"
|
2024-10-28 22:46:46 +02:00
|
|
|
];
|
|
|
|
|
|
|
|
|
|
repo = "ssh://uq9l5635@uq9l5635.repo.borgbase.com/./repo";
|
|
|
|
|
encryption = {
|
|
|
|
|
mode = "repokey-blake2";
|
|
|
|
|
passCommand = "cat /etc/secrets/borgpass";
|
|
|
|
|
};
|
|
|
|
|
environment.BORG_RSH = "ssh -i /home/owo/.ssh/id_rsa";
|
|
|
|
|
compression = "auto,lzma";
|
|
|
|
|
startAt = "daily";
|
|
|
|
|
};
|
2024-10-25 21:24:50 +03:00
|
|
|
wakapi = {
|
|
|
|
|
enable = true;
|
|
|
|
|
passwordSaltFile = "/etc/secrets/wakaPasswordSalt";
|
|
|
|
|
smtpPasswordFile = "/etc/secrets/wakaSmtpPassword";
|
|
|
|
|
|
|
|
|
|
database.createLocally = true;
|
|
|
|
|
settings = {
|
|
|
|
|
db = {
|
|
|
|
|
dialect = "postgres";
|
|
|
|
|
host = "/run/postgresql";
|
|
|
|
|
port = 5432;
|
|
|
|
|
name = "wakapi"; # db name
|
|
|
|
|
user = "wakapi";
|
|
|
|
|
};
|
|
|
|
|
server = {
|
|
|
|
|
public_url = "https://waka.catnip.ee";
|
|
|
|
|
port = 3000;
|
|
|
|
|
};
|
|
|
|
|
mail = {
|
|
|
|
|
sender = "Wakapi <wakapi@catnip.ee>";
|
|
|
|
|
smtp = {
|
|
|
|
|
host = "mx1.sly.ee";
|
|
|
|
|
port = 465;
|
|
|
|
|
username = "wakapi@catnip.ee";
|
|
|
|
|
tls = true;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2024-10-25 20:12:49 +03:00
|
|
|
syncthing = {
|
|
|
|
|
enable = true;
|
|
|
|
|
guiAddress = "0.0.0.0:8384";
|
|
|
|
|
openDefaultPorts = true;
|
|
|
|
|
};
|
2024-06-08 16:41:43 +03:00
|
|
|
confess-web = {
|
|
|
|
|
enable = true;
|
2024-10-25 21:04:10 +03:00
|
|
|
port = 8011;
|
2024-06-08 16:41:43 +03:00
|
|
|
reverseProxy = true;
|
|
|
|
|
trustedProxy = "127.0.0.1";
|
|
|
|
|
environmentFile = "/etc/secrets/confess.env";
|
|
|
|
|
};
|
2024-03-30 00:15:16 +02:00
|
|
|
lastfm-status = {
|
|
|
|
|
enable = true;
|
2024-10-25 21:04:10 +03:00
|
|
|
port = 4014;
|
2024-03-30 00:15:16 +02:00
|
|
|
};
|
2024-03-28 12:39:11 +02:00
|
|
|
unpackerr = {
|
|
|
|
|
enable = true;
|
|
|
|
|
|
|
|
|
|
# Stores UN_SONARR_0_API_KEY, UN_RADARR_0_API_KEY
|
|
|
|
|
environmentFile = "/etc/secrets/unpackerr.env";
|
|
|
|
|
user = "owo";
|
|
|
|
|
group = "users";
|
|
|
|
|
|
|
|
|
|
settings = {
|
|
|
|
|
debug = false;
|
|
|
|
|
quiet = false;
|
|
|
|
|
|
|
|
|
|
# How often to poll sonarr and radarr.
|
|
|
|
|
# Recommend 1m-5m. Uses Go Duration.
|
|
|
|
|
interval = "2m";
|
|
|
|
|
|
|
|
|
|
start_delay = "1m";
|
|
|
|
|
retry_delay = "5m";
|
|
|
|
|
|
|
|
|
|
parallel = 1;
|
|
|
|
|
|
|
|
|
|
# Use these configurations to control the file modes used for newly extracted
|
|
|
|
|
# files and folders. Recommend 0644/0755 or 0666/0777.
|
|
|
|
|
file_mode = "0644";
|
|
|
|
|
dir_mode = "0755";
|
|
|
|
|
|
|
|
|
|
sonarr = [
|
|
|
|
|
{
|
|
|
|
|
url = "http://localhost:8989";
|
2024-06-15 23:27:54 +03:00
|
|
|
paths = [ "/mnt/drive1/torrents/downloads" "/mnt/drive2/torrents" "/mnt/seagate-8tb-1/torrents" "/mnt/seagate-8tb-2/torrents" ];
|
2024-03-28 12:39:11 +02:00
|
|
|
protocols = "torrent";
|
|
|
|
|
timeout = "100s";
|
|
|
|
|
delete_delay = "10m";
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
radarr = [
|
|
|
|
|
{
|
|
|
|
|
url = "http://localhost:7878";
|
2024-06-15 23:27:54 +03:00
|
|
|
paths = [ "/mnt/drive1/torrents/downloads" "/mnt/drive2/torrents" "/mnt/seagate-8tb-1/torrents" "/mnt/seagate-8tb-2/torrents" ];
|
2024-03-28 12:39:11 +02:00
|
|
|
protocols = "torrent";
|
|
|
|
|
timeout = "100s";
|
|
|
|
|
delete_delay = "10m";
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
};
|
2024-03-28 10:53:22 +02:00
|
|
|
qbittorrent-nox = {
|
|
|
|
|
enable = true;
|
|
|
|
|
openFirewall = true;
|
2024-04-16 10:12:07 +03:00
|
|
|
user = "owo";
|
|
|
|
|
group = "users";
|
2024-03-28 10:53:22 +02:00
|
|
|
webuiPort = settings.ports.qbittorrent;
|
|
|
|
|
torrentingPort = settings.ports.qbittorrent-torrent;
|
|
|
|
|
};
|
2024-03-08 10:19:23 +02:00
|
|
|
scrutiny = {
|
|
|
|
|
enable = true;
|
2024-03-11 12:17:26 +02:00
|
|
|
collector.enable = true;
|
2024-10-25 21:04:10 +03:00
|
|
|
settings.web.listen.port = 4012;
|
2024-03-08 10:19:23 +02:00
|
|
|
};
|
2024-03-06 12:41:16 +02:00
|
|
|
|
|
|
|
|
# /var/lib/gitea-runner
|
2024-02-23 01:56:51 +02:00
|
|
|
gitea-actions-runner = {
|
|
|
|
|
package = pkgs.forgejo-actions-runner;
|
|
|
|
|
instances = {
|
|
|
|
|
forge = {
|
|
|
|
|
enable = true;
|
|
|
|
|
url = "https://forge.catnip.ee";
|
|
|
|
|
name = "runner";
|
|
|
|
|
labels = [
|
2024-04-01 13:21:33 +03:00
|
|
|
"latest-debian:docker://node:current"
|
|
|
|
|
"latest-alpine:docker://node:current-alpine"
|
2024-02-23 01:56:51 +02:00
|
|
|
];
|
|
|
|
|
tokenFile = "/etc/secrets/gitea-actions-runner.env";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
2024-03-06 12:41:16 +02:00
|
|
|
|
|
|
|
|
# /var/lib/forgejo/
|
2024-02-23 01:56:51 +02:00
|
|
|
forgejo = {
|
|
|
|
|
enable = true;
|
2024-10-08 18:53:20 +03:00
|
|
|
package = pkgs.forgejo;
|
2024-02-23 01:56:51 +02:00
|
|
|
database.type = "postgres";
|
2024-06-08 16:41:43 +03:00
|
|
|
secrets.mailer.PASSWD = "/etc/secrets/forge-email";
|
2024-02-23 01:56:51 +02:00
|
|
|
settings = {
|
|
|
|
|
server = {
|
|
|
|
|
DOMAIN = "forge.catnip.ee";
|
2024-10-25 21:04:10 +03:00
|
|
|
HTTP_PORT = 4005;
|
2024-02-23 01:56:51 +02:00
|
|
|
SSH_PORT = 2222;
|
|
|
|
|
START_SSH_SERVER = true;
|
|
|
|
|
ROOT_URL = "https://${config.services.forgejo.settings.server.DOMAIN}";
|
|
|
|
|
};
|
2024-03-22 14:00:21 +02:00
|
|
|
mailer = {
|
|
|
|
|
ENABLED = true;
|
|
|
|
|
FROM = "forge@catnip.ee";
|
|
|
|
|
PROTOCOL = "smtps";
|
|
|
|
|
SMTP_ADDR = "mx1.sly.ee";
|
|
|
|
|
SMTP_PORT = 465;
|
|
|
|
|
USER = "forge@catnip.ee";
|
|
|
|
|
};
|
2024-02-23 01:56:51 +02:00
|
|
|
service = {
|
|
|
|
|
DISABLE_REGISTRATION = true;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# /var/lib/nextcloud
|
|
|
|
|
nextcloud = {
|
|
|
|
|
enable = true;
|
2024-10-08 18:56:12 +03:00
|
|
|
package = pkgs.nextcloud30;
|
2024-02-23 01:56:51 +02:00
|
|
|
hostName = "cloud.catnip.ee";
|
|
|
|
|
https = true;
|
2024-10-28 22:46:46 +02:00
|
|
|
configureRedis = true; # /var/lib/redis-nextcloud
|
2024-02-23 01:56:51 +02:00
|
|
|
config = {
|
|
|
|
|
adminuser = "admin";
|
|
|
|
|
adminpassFile = "/etc/secrets/nextcloud";
|
2024-11-09 14:27:00 +02:00
|
|
|
dbtype = "mysql";
|
2024-02-23 01:56:51 +02:00
|
|
|
};
|
|
|
|
|
autoUpdateApps.enable = true;
|
|
|
|
|
database.createLocally = true;
|
|
|
|
|
extraApps = with config.services.nextcloud.package.packages.apps; {
|
2024-04-20 23:52:12 +03:00
|
|
|
inherit contacts calendar tasks mail;
|
2024-10-25 23:58:25 +03:00
|
|
|
integration_github = pkgs.fetchNextcloudApp {
|
|
|
|
|
url = "https://github.com/nextcloud-releases/integration_github/releases/download/v3.0.0/integration_github-v3.0.0.tar.gz";
|
|
|
|
|
sha256 = "sha256-ruLN4lw3Vy8OavTYm1g2L9q1wusRP0a+BpvfXkrZI3A=";
|
|
|
|
|
license = "agpl3Only";
|
|
|
|
|
};
|
2024-02-23 01:56:51 +02:00
|
|
|
};
|
|
|
|
|
extraAppsEnable = true;
|
|
|
|
|
settings = {
|
|
|
|
|
enable_previews = true;
|
|
|
|
|
enabledPreviewProviders = [
|
|
|
|
|
"OC\\Preview\\OpenDocument"
|
|
|
|
|
"OC\\Preview\\PDF"
|
|
|
|
|
"OC\\Preview\\MSOffice2003"
|
|
|
|
|
"OC\\Preview\\MSOfficeDoc"
|
|
|
|
|
"OC\\Preview\\Image"
|
|
|
|
|
"OC\\Preview\\Photoshop"
|
|
|
|
|
"OC\\Preview\\TIFF"
|
|
|
|
|
"OC\\Preview\\SVG"
|
|
|
|
|
"OC\\Preview\\Font"
|
|
|
|
|
"OC\\Preview\\MP3"
|
|
|
|
|
"OC\\Preview\\Movie"
|
|
|
|
|
"OC\\Preview\\MKV"
|
|
|
|
|
"OC\\Preview\\MP4"
|
|
|
|
|
"OC\\Preview\\AVI"
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# /var/lib/mysql
|
|
|
|
|
mysql = {
|
|
|
|
|
enable = true;
|
|
|
|
|
ensureDatabases = [
|
|
|
|
|
"nextcloud"
|
|
|
|
|
];
|
2024-03-05 21:21:27 +02:00
|
|
|
ensureUsers = [
|
|
|
|
|
{
|
|
|
|
|
name = "nextcloud";
|
|
|
|
|
ensurePermissions = {
|
|
|
|
|
"nextcloud.*" = "ALL PRIVILEGES";
|
|
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
];
|
2024-02-23 01:56:51 +02:00
|
|
|
};
|
|
|
|
|
nginx.virtualHosts.${config.services.nextcloud.hostName} = {
|
2024-03-05 21:21:27 +02:00
|
|
|
listen = [
|
|
|
|
|
{
|
|
|
|
|
addr = "127.0.0.1";
|
|
|
|
|
port = settings.ports.nextcloud;
|
|
|
|
|
}
|
|
|
|
|
];
|
2024-02-23 01:56:51 +02:00
|
|
|
};
|
|
|
|
|
tailscale = {
|
|
|
|
|
enable = true;
|
|
|
|
|
useRoutingFeatures = "server";
|
2024-11-09 12:59:15 +02:00
|
|
|
extraSetFlags = [
|
2024-02-23 01:56:51 +02:00
|
|
|
"--advertise-exit-node"
|
|
|
|
|
];
|
|
|
|
|
permitCertUid = "caddy";
|
|
|
|
|
port = 0;
|
|
|
|
|
};
|
|
|
|
|
blocky = {
|
|
|
|
|
enable = true;
|
|
|
|
|
settings = {
|
|
|
|
|
caching = {
|
|
|
|
|
minTime = "5m";
|
2024-03-05 21:21:27 +02:00
|
|
|
maxTime = "30m";
|
2024-02-23 01:56:51 +02:00
|
|
|
prefetching = true;
|
|
|
|
|
};
|
|
|
|
|
ports.dns = 53;
|
2024-04-11 10:12:37 +03:00
|
|
|
upstreams.groups.default = [
|
|
|
|
|
"1.1.1.1"
|
|
|
|
|
"1.0.0.1"
|
|
|
|
|
];
|
|
|
|
|
bootstrapDns = [
|
|
|
|
|
"tcp+udp:1.1.1.1"
|
|
|
|
|
"https://1.1.1.1/dns-query"
|
2024-02-23 01:56:51 +02:00
|
|
|
];
|
2024-05-02 14:09:52 +03:00
|
|
|
customDNS =
|
|
|
|
|
let
|
|
|
|
|
localDomains = names: ip:
|
|
|
|
|
builtins.listToAttrs (map
|
|
|
|
|
(x: {
|
|
|
|
|
name = x;
|
|
|
|
|
value = ip;
|
|
|
|
|
})
|
|
|
|
|
names);
|
|
|
|
|
in
|
|
|
|
|
{
|
|
|
|
|
mapping = localDomains [
|
2024-10-21 20:17:48 +03:00
|
|
|
"files.internal"
|
|
|
|
|
"qbittorrent.internal"
|
|
|
|
|
"scrutiny.internal"
|
|
|
|
|
"archive.internal"
|
|
|
|
|
"epic.internal"
|
|
|
|
|
"sonarr.internal"
|
|
|
|
|
"radarr.internal"
|
|
|
|
|
"prowlarr.internal"
|
|
|
|
|
"bazarr.internal"
|
|
|
|
|
"lidarr.internal"
|
2024-10-25 20:12:49 +03:00
|
|
|
"syncthing.internal"
|
2024-05-02 14:09:52 +03:00
|
|
|
] "100.93.150.89";
|
|
|
|
|
};
|
|
|
|
|
conditional =
|
|
|
|
|
let
|
|
|
|
|
opennic = names: ip:
|
|
|
|
|
builtins.listToAttrs (map
|
|
|
|
|
(x: {
|
|
|
|
|
name = x;
|
|
|
|
|
value = ip;
|
|
|
|
|
})
|
|
|
|
|
names);
|
|
|
|
|
in
|
|
|
|
|
{
|
|
|
|
|
mapping = opennic [
|
|
|
|
|
"epic"
|
|
|
|
|
"geek"
|
|
|
|
|
"chan"
|
|
|
|
|
"fur"
|
|
|
|
|
"cyb"
|
|
|
|
|
"oss"
|
|
|
|
|
"pirate"
|
|
|
|
|
"neo"
|
|
|
|
|
"libre"
|
|
|
|
|
"dyn"
|
|
|
|
|
"glue"
|
|
|
|
|
"indy"
|
|
|
|
|
"bbs"
|
|
|
|
|
"gopher"
|
|
|
|
|
"null"
|
|
|
|
|
"o"
|
|
|
|
|
"oz"
|
|
|
|
|
"parody"
|
|
|
|
|
"bazar"
|
|
|
|
|
"coin"
|
|
|
|
|
"lib"
|
|
|
|
|
"emc"
|
|
|
|
|
"ku"
|
|
|
|
|
"uu"
|
|
|
|
|
"ti"
|
|
|
|
|
"te"
|
|
|
|
|
] "138.197.140.189";
|
|
|
|
|
};
|
2024-02-23 01:56:51 +02:00
|
|
|
blocking = {
|
2024-04-11 10:12:37 +03:00
|
|
|
blackLists = {
|
|
|
|
|
ads = [
|
|
|
|
|
"https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts"
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
|
2024-02-23 01:56:51 +02:00
|
|
|
clientGroupsBlock.default = [
|
|
|
|
|
"ads"
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
2024-03-06 13:46:28 +02:00
|
|
|
|
2024-04-05 10:41:54 +03:00
|
|
|
lidarr.enable = true; # port 8686, /var/lib/lidarr
|
2024-03-06 13:46:28 +02:00
|
|
|
prowlarr.enable = true; # port 9696, /var/lib/prowlarr
|
|
|
|
|
radarr.enable = true; # port 7878, /var/lib/radarr
|
|
|
|
|
sonarr.enable = true; # port 8989, /var/lib/sonarr
|
2024-10-25 21:04:10 +03:00
|
|
|
bazarr.enable = true; # port 6767, /var/lib/bazarr
|
2024-03-06 13:46:28 +02:00
|
|
|
|
2024-04-27 01:27:39 +03:00
|
|
|
# /var/lib/plex
|
2024-02-23 01:56:51 +02:00
|
|
|
plex = {
|
|
|
|
|
enable = true;
|
2024-11-12 23:40:56 +02:00
|
|
|
openFirewall = true; # 32400
|
2024-02-23 01:56:51 +02:00
|
|
|
};
|
|
|
|
|
coturn = rec {
|
|
|
|
|
enable = true;
|
|
|
|
|
no-cli = true;
|
|
|
|
|
no-tcp-relay = true;
|
|
|
|
|
min-port = 49000;
|
|
|
|
|
max-port = 50000;
|
|
|
|
|
use-auth-secret = true;
|
|
|
|
|
static-auth-secret-file = "/etc/secrets/coturn";
|
|
|
|
|
|
|
|
|
|
realm = "turn.catnip.ee";
|
|
|
|
|
cert = "${config.security.acme.certs.${realm}.directory}/full.pem";
|
|
|
|
|
pkey = "${config.security.acme.certs.${realm}.directory}/key.pem";
|
|
|
|
|
extraConfig = ''
|
|
|
|
|
# for debugging
|
|
|
|
|
verbose
|
|
|
|
|
# ban private IP ranges
|
|
|
|
|
no-multicast-peers
|
|
|
|
|
denied-peer-ip=0.0.0.0-0.255.255.255
|
|
|
|
|
denied-peer-ip=10.0.0.0-10.255.255.255
|
|
|
|
|
denied-peer-ip=100.64.0.0-100.127.255.255
|
|
|
|
|
denied-peer-ip=127.0.0.0-127.255.255.255
|
|
|
|
|
denied-peer-ip=169.254.0.0-169.254.255.255
|
|
|
|
|
denied-peer-ip=172.16.0.0-172.31.255.255
|
|
|
|
|
denied-peer-ip=192.0.0.0-192.0.0.255
|
|
|
|
|
denied-peer-ip=192.0.2.0-192.0.2.255
|
|
|
|
|
denied-peer-ip=192.88.99.0-192.88.99.255
|
|
|
|
|
denied-peer-ip=192.168.0.0-192.168.255.255
|
|
|
|
|
denied-peer-ip=198.18.0.0-198.19.255.255
|
|
|
|
|
denied-peer-ip=198.51.100.0-198.51.100.255
|
|
|
|
|
denied-peer-ip=203.0.113.0-203.0.113.255
|
|
|
|
|
denied-peer-ip=240.0.0.0-255.255.255.255
|
|
|
|
|
denied-peer-ip=::1
|
|
|
|
|
denied-peer-ip=64:ff9b::-64:ff9b::ffff:ffff
|
|
|
|
|
denied-peer-ip=::ffff:0.0.0.0-::ffff:255.255.255.255
|
|
|
|
|
denied-peer-ip=100::-100::ffff:ffff:ffff:ffff
|
|
|
|
|
denied-peer-ip=2001::-2001:1ff:ffff:ffff:ffff:ffff:ffff:ffff
|
|
|
|
|
denied-peer-ip=2002::-2002:ffff:ffff:ffff:ffff:ffff:ffff:ffff
|
|
|
|
|
denied-peer-ip=fc00::-fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
|
|
|
|
|
denied-peer-ip=fe80::-febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
# /var/lib/postgresql
|
|
|
|
|
postgresql = {
|
|
|
|
|
enable = true;
|
2024-10-24 19:09:56 +03:00
|
|
|
package = pkgs.postgresql_16;
|
|
|
|
|
enableTCPIP = true;
|
2024-02-23 01:56:51 +02:00
|
|
|
initialScript = pkgs.writeText "backend-initScript" ''
|
|
|
|
|
CREATE USER "matrix-synapse";
|
|
|
|
|
CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse"
|
|
|
|
|
LOCALE 'C'
|
|
|
|
|
ENCODING 'UTF8'
|
|
|
|
|
TEMPLATE template0;
|
|
|
|
|
'';
|
|
|
|
|
|
|
|
|
|
identMap = ''
|
2024-10-25 21:24:50 +03:00
|
|
|
superuser_map root mastodon
|
2024-04-22 11:05:42 +03:00
|
|
|
superuser_map mastodon mastodon
|
|
|
|
|
|
2024-02-23 01:56:51 +02:00
|
|
|
superuser_map root matrix-synapse
|
|
|
|
|
superuser_map matrix-synapse matrix-synapse
|
|
|
|
|
|
|
|
|
|
superuser_map root forgejo
|
|
|
|
|
superuser_map forgejo forgejo
|
|
|
|
|
|
2024-10-25 21:24:50 +03:00
|
|
|
superuser_map root postgres
|
|
|
|
|
superuser_map postgres postgres
|
|
|
|
|
|
|
|
|
|
superuser_map root wakapi
|
|
|
|
|
superuser_map wakapi wakapi
|
2024-11-09 14:16:29 +02:00
|
|
|
|
|
|
|
|
superuser_map root nextcloud
|
|
|
|
|
superuser_map nextcloud nextcloud
|
2024-02-23 01:56:51 +02:00
|
|
|
'';
|
|
|
|
|
authentication = pkgs.lib.mkOverride 10 ''
|
|
|
|
|
#type database DBuser auth-method optional_ident_map
|
|
|
|
|
local sameuser all peer map=superuser_map
|
|
|
|
|
'';
|
|
|
|
|
};
|
2024-03-06 12:41:16 +02:00
|
|
|
|
|
|
|
|
# /var/lib/matrix-synapse
|
2024-02-23 01:56:51 +02:00
|
|
|
matrix-synapse = {
|
|
|
|
|
enable = true;
|
|
|
|
|
|
|
|
|
|
extraConfigFiles = [
|
|
|
|
|
"/etc/secrets/synapse.yaml"
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
settings = {
|
|
|
|
|
enable_registration = true;
|
|
|
|
|
registration_requires_token = true;
|
|
|
|
|
max_upload_size = "250M";
|
|
|
|
|
server_name = "catnip.ee";
|
|
|
|
|
public_baseurl = "https://matrix.catnip.ee/";
|
2024-03-06 17:39:08 +02:00
|
|
|
|
2024-03-22 15:16:50 +02:00
|
|
|
# Note: email submodule is defined in /etc/secrets/synapse.yaml as matrix doesnt merge the fields and it will fail to run
|
|
|
|
|
# email = {
|
|
|
|
|
# smtp_host = "mx1.sly.ee";
|
|
|
|
|
# smtp_user = "matrix@catnip.ee";
|
|
|
|
|
# smtp_pass = "";
|
|
|
|
|
# force_tls = true;
|
|
|
|
|
# notif_from = "Matrix <matrix@catnip.ee>";
|
|
|
|
|
# app_name = "Catnip.ee matrix";
|
|
|
|
|
# };
|
|
|
|
|
|
2024-03-06 17:39:08 +02:00
|
|
|
server_notices = {
|
|
|
|
|
system_mxid_localpart = "server";
|
|
|
|
|
system_mxid_display_name = "Server Notices";
|
|
|
|
|
system_mxid_avatar_url = "mxc://catnip.ee/LhehrbXOjfnhaJvFEWsXPtnm";
|
|
|
|
|
room_name = "Server Notices";
|
|
|
|
|
auto_join = true;
|
|
|
|
|
};
|
2024-02-23 01:56:51 +02:00
|
|
|
database = {
|
|
|
|
|
name = "psycopg2";
|
|
|
|
|
args = {
|
|
|
|
|
database = "matrix-synapse";
|
|
|
|
|
user = "matrix-synapse";
|
|
|
|
|
};
|
|
|
|
|
};
|
2024-03-05 21:21:27 +02:00
|
|
|
listeners = [
|
|
|
|
|
{
|
2024-05-02 14:09:52 +03:00
|
|
|
bind_addresses = [ "127.0.0.1" ];
|
2024-10-25 21:04:10 +03:00
|
|
|
port = 8008;
|
2024-03-05 21:21:27 +02:00
|
|
|
resources = [
|
|
|
|
|
{
|
|
|
|
|
compress = true;
|
2024-05-02 14:09:52 +03:00
|
|
|
names = [ "client" "federation" ];
|
2024-03-05 21:21:27 +02:00
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
tls = false;
|
|
|
|
|
type = "http";
|
|
|
|
|
x_forwarded = true;
|
|
|
|
|
}
|
|
|
|
|
];
|
2024-02-23 01:56:51 +02:00
|
|
|
turn_uris = [
|
|
|
|
|
"turn:${config.services.coturn.realm}:3478?transport=udp"
|
|
|
|
|
"turn:${config.services.coturn.realm}:3478?transport=tcp"
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
turn_user_lifetime = "1h";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
openssh = {
|
|
|
|
|
enable = true;
|
|
|
|
|
settings = {
|
|
|
|
|
PasswordAuthentication = false;
|
|
|
|
|
PermitRootLogin = "no";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2024-10-28 22:46:46 +02:00
|
|
|
# /var/lib/ntfy-sh
|
2024-02-23 01:56:51 +02:00
|
|
|
ntfy-sh = {
|
|
|
|
|
enable = true;
|
|
|
|
|
settings = {
|
2024-10-25 21:04:10 +03:00
|
|
|
listen-http = ":4006";
|
2024-02-23 01:56:51 +02:00
|
|
|
base-url = "https://ntfy.catnip.ee";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
cloudflare-dyndns = {
|
|
|
|
|
enable = true;
|
|
|
|
|
apiTokenFile = "/etc/secrets/cloudflare-dyndns.env";
|
2024-11-09 13:48:40 +02:00
|
|
|
ipv4 = true;
|
|
|
|
|
ipv6 = true;
|
2024-02-23 01:56:51 +02:00
|
|
|
domains = [
|
|
|
|
|
"catnip.ee"
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
users = {
|
|
|
|
|
defaultUserShell = pkgs.fish;
|
2024-03-27 14:45:33 +02:00
|
|
|
|
2024-04-22 11:05:42 +03:00
|
|
|
users = {
|
|
|
|
|
caddy.extraGroups = [
|
|
|
|
|
config.systemd.services.coturn.serviceConfig.Group # caddy user needs to be part of coturn's group for certs
|
2024-03-05 21:21:27 +02:00
|
|
|
];
|
2024-04-22 11:05:42 +03:00
|
|
|
|
|
|
|
|
owo = {
|
|
|
|
|
isNormalUser = true;
|
2024-05-02 14:09:52 +03:00
|
|
|
extraGroups = [ "networkmanager" "wheel" "docker" ];
|
2024-04-22 11:05:42 +03:00
|
|
|
openssh.authorizedKeys.keys = [
|
2024-06-16 05:12:36 +03:00
|
|
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDhXnulnINZ/hBBwHhzl35UsFcFUwxwaaFVFwCgIgOHmlJhknhpq5UQDbV6JoouFMgN48uBDD5/vcYjvS0UYFMBTox0MmJK+Yt4AnNusHkf8j1XCiXxHsicQilxJgu7yZJJRd2TAIqWlautW+VjuXOssN08x0pvtiupefDz6Li7A4SnS1iGsNTgypJaemquEYRge3hC043kaubuSgqNKknK65zA9aLp9h31r9W5K6N+k+ll+TPyyWZdsJMnaqWmoIS1+fpAdG5wMPZbR503dLPFzdprwy8FSoTzkD8aKyEdtzzQboS3b7s2DfFvOy3uoKy5bcMOl6Fm1dos90TFiOjCQmF9+WKG8qteeAtizd04Fmi8JRipODCgkvDFj8YAHaB2w5+xNpCYwJTOdHQZflOo25725aIDXZ2afg3evSdVZgJ0PPiWs6fnJMqbJCrzLsBxfN7vAbWzHHTBIuXrtidwY/x/XTs5n4mm4OukyOQF5YjYXy39WIlzjk3uMR0m8ec= lain@navi" # desktop
|
|
|
|
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDTbuZLmu2F2EWMl1cXwZqYQwuFDyMyPf+d6MospDs+UaFzKFJdtDlb5+uFkkz9gHf8rCBOnXi6bLGgZNxUhTgEBka0RQVCIqRDjOJAWtwG0zLg/mQ9c1Ug2/9kH/PRjy+GGGzz3GVw7HNZNUjAkNr/kIX4t0L8uBqqkgcM/woBH8S/rV3Xs30XWi9mNkx1J4Z5fqtBBeF2GAd02i2PsUMnGfZSwwJy3mhBhI+Vw5mtsS1QJWd9LrsRfLbtzVHWm4MGr3O0F34ij8BV1uzaHfopn0vKilI/dq8HfjuYjKr33CB5f3C1OdcuFfwqE3ZDxZcaOshqXimt9MrYLXaMv0i7I7a3r33ij2hl9d9oh3Z72yt+wAAdgTJ23Xrwzr4P9Iu4BsayG5bQC6IVLv3Eef5TcPKSXmmtCr2hFLYUMQmlPptrUOf1tmB/7oYo3vJe2cz07PxuxZZ20F3MXugoUTfsnuwAH2chT4xL/TnS4Kbs12QoPFjdG1v/0Z8fVD1ysoU= mina@navi" # laptop
|
2024-04-22 11:05:42 +03:00
|
|
|
];
|
|
|
|
|
packages = with pkgs; [
|
|
|
|
|
firefox
|
2024-11-09 12:59:15 +02:00
|
|
|
|
2024-04-22 11:05:42 +03:00
|
|
|
helix
|
|
|
|
|
mpv
|
|
|
|
|
croc
|
|
|
|
|
ffmpeg
|
|
|
|
|
speedtest-cli
|
|
|
|
|
htop
|
|
|
|
|
progress
|
|
|
|
|
duperemove
|
|
|
|
|
tmux
|
2024-11-09 12:59:15 +02:00
|
|
|
du-dust # du alternative
|
|
|
|
|
dogedns # dig alternative
|
2024-04-22 11:05:42 +03:00
|
|
|
];
|
|
|
|
|
};
|
2024-02-23 01:56:51 +02:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2024-03-06 15:20:38 +02:00
|
|
|
system.stateVersion = "23.05";
|
2024-02-23 01:56:51 +02:00
|
|
|
}
|
