# Overall configuration # Copyright (C) 2022-2024 Nguyễn Gia Phong # # This file is part of loang configuration. # # Loang configuration is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published # by the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # Loang configuration is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # # You should have received a copy of the GNU Affero General Public License # along with loang configuration. If not, see . { pkgs, ... }: { environment = { enableAllTerminfo = true; systemPackages = with pkgs; [ git htop man-pages rsync vim ]; }; fileSystems."/mnt/nas" = { device = "172.16.129.228:/nas/4905"; options = [ "nfsvers=3" ]; fsType = "nfs"; }; imports = [ ./access.nix ./automation.nix ./dbms.nix ./dns.nix ./fail2ban.nix ./irc.nix ./git.nix ./mail.nix ./matrix.nix ./music.nix ./push.nix ./static.nix ./status.nix ./vpsadminos.nix ./wikiwiki.nix ]; networking = { domain = "loang.net"; hostName = "brno"; nftables = { enable = true; ruleset = '' table inet filter { # https://openai.com/gptbot-ranges.txt set gptbot_ipv4 { type ipv4_addr flags interval elements = { 20.15.240.64/28, 20.15.240.80/28, 20.15.240.96/28, 20.15.240.176/28, 20.15.241.0/28, 20.15.242.128/28, 20.15.242.144/28, 20.15.242.192/28, 40.83.2.64/28 } } chain output { type filter hook output priority 0 policy accept ip daddr @gptbot_ipv4 counter reject } chain input { type filter hook output priority 0 policy accept ip saddr @gptbot_ipv4 counter reject } } ''; }; }; system.stateVersion = "22.05"; systemd.extraConfig = '' DefaultTimeoutStartSec=900s ''; time.timeZone = "UTC"; }