commit 68a6046667340673f696a71f7ca355c97e729f2b
Author: Louis Pearson
Date: Fri Dec 29 14:42:11 2023 -0700
feat: initial commit adding existing configuration
diff --git a/configuration.nix b/configuration.nix
new file mode 100644
index 0000000..3189c94
--- /dev/null
+++ b/configuration.nix
@@ -0,0 +1,190 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{ config, lib, pkgs, ... }:
+
+{
+ imports =
+ [ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ ];
+
+ # Use the `systemd-boot` boot loader
+ boot.loader.systemd-boot.enable = true;
+
+ networking.hostName = "samsehu"; # Define your hostname.
+
+ # Pick only one of the below networking options.
+ networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
+
+ # Set your time zone.
+ time.timeZone = "America/Denver";
+
+ # Select internationalisation properties.
+ i18n.defaultLocale = "en_US.UTF-8";
+ # console = {
+ # font = "Lat2-Terminus16";
+ # keyMap = "us";
+ # useXkbConfig = true; # use xkb.options in tty.
+ # };
+
+
+ # Enable CUPS to print documents.
+ services.printing.enable = true;
+
+ # Enable sound.
+ sound.enable = true;
+ hardware.pulseaudio.enable = true;
+
+ # Define a user account. Don't forget to set a password with ‘passwd’.
+ users.users.geemili = {
+ isNormalUser = true;
+ extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
+ packages = with pkgs; [ ];
+ };
+
+ users.users.desttinghim = {
+ isNormalUser = true;
+ extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
+ packages = with pkgs; [ ];
+ };
+
+ # List packages installed in system profile. To search, run:
+ # $ nix search wget
+ environment.systemPackages = with pkgs; [
+ helix
+ wget
+ ];
+
+ # List services that you want to enable:
+
+ # Enable the OpenSSH daemon.
+ services.openssh.enable = true;
+
+ services.cockpit = {
+ enable = true;
+ openFirewall = true;
+ };
+
+ services.udisks2.enable = true;
+
+ services.jellyfin = {
+ enable = true;
+ openFirewall = true;
+ };
+
+ services.blocky = {
+ enable = true;
+ settings = {
+ ports.dns = 53;
+ ports.http = 4000;
+ upstreams = {
+ # Picks 2 random resolvers and returns answer from fastest one. Read docs for more info.
+ strategy = "parallel_best";
+ groups.default = [
+ # CloudFlare
+ "https://one.one.one.one/dns-query"
+ # OpenDNS
+ "https://doh.opendns.com/dns-query"
+ # Google
+ "8.8.8.8"
+ "8.8.4.4"
+ "2001:4860:4860::8888"
+ "2001:4860:4860::8844"
+ # Comcast/Our ISP
+ "75.75.75.75"
+ "75.75.76.76"
+ ];
+ };
+ bootstrapDns = {
+ upstream = "https://one.one.one.one/dns-query";
+ ips = [ "1.1.1.1" "1.0.0.1" ];
+ };
+ blocking = {
+ blackLists = {
+ ads = ["https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts"];
+ };
+ clientGroupsBlock = {
+ default = [ "ads" ];
+ };
+ };
+ };
+ };
+
+ services.forgejo = {
+ enable = true;
+ };
+
+ services.lldap = {
+ enable = true;
+ settings = {
+ ldap_base_dn = "dc=twins,dc=pearson";
+ # Sets the root administrator's user name
+ ldap_user_dn = "admin";
+ # Default administrator password
+ ldap_user_pass = "extending pulsate nastily";
+ };
+ };
+
+ # Enable automatic upgrades
+ system.autoUpgrade.enable = true;
+ system.autoUpgrade.allowReboot = true;
+
+ # Enable automatic garbage collection
+ nix.gc = {
+ automatic = true;
+ dates = "weekly";
+ options = "--delete-older-than 30d";
+ };
+
+ # Open ports in the firewall.
+ networking.firewall.enable = true;
+ networking.firewall.allowedTCPPorts = [
+ # Blocky DNS
+ 53
+
+ # Blocky API
+ 4000
+
+ # Forgejo web interface
+ 3000
+
+ # lldap LDAP
+ 3890
+
+ # lldap HTTP; user login and administration
+ 17170
+ ];
+ networking.firewall.allowedUDPPorts = [
+ # Blocky DNS
+ 53
+ ];
+ # Or disable the firewall altogether.
+ # networking.firewall.enable = false;
+
+ # Copy the NixOS configuration file and link it from the resulting system
+ # (/run/current-system/configuration.nix). This is useful in case you
+ # accidentally delete configuration.nix.
+ # system.copySystemConfiguration = true;
+
+ # This option defines the first version of NixOS you have installed on this particular machine,
+ # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
+ #
+ # Most users should NEVER change this value after the initial install, for any reason,
+ # even if you've upgraded your system to a new NixOS release.
+ #
+ # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
+ # so changing it will NOT upgrade your system.
+ #
+ # This value being lower than the current NixOS release does NOT mean your system is
+ # out of date, out of support, or vulnerable.
+ #
+ # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
+ # and migrated your data accordingly.
+ #
+ # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
+ system.stateVersion = "23.11"; # Did you read the comment?
+
+}
+
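Review bot: The `ldap_user_pass` line under `services.lldap.settings` commits the directory administrator's password in plaintext; besides living in the repository history, module settings like this are normally rendered into a config file in the world-readable `/nix/store` (worth confirming for this module), where every local account could read it. The same hunk lists 17170 (lldap login and administration) and 3890 (LDAP, with no TLS configured here) in `networking.firewall.allowedTCPPorts`, which opens them on every interface, so that credential is usable from any network the machine joins. Treat the committed value as exposed: change the admin password, remove the line, and supply the secret at runtime from a root-only file outside the store, e.g. `environmentFile = "/path/to/lldap.env";` (placeholder path) holding `LLDAP_LDAP_USER_PASS=<new password>`. Ports 17170, 3890 and 4000 (Blocky API, with nothing in this configuration putting authentication in front of it) would be better scoped with `networking.firewall.interfaces.<lan-interface>.allowedTCPPorts` than listed in the global allow-list.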