# NixOS module for the headless server "Tsuki".
#
# `secrets` is a module argument supplied by the caller. The only value this
# file reads from it is the public SSH key file for the nix-builder account.
# NOTE(review): values from `secrets` that end up in generated configuration
# are written to the world-readable Nix store, so only public material should
# travel this way -- confirm how private keys/passwords reach the service
# modules imported below.
{ secrets, ... }:
{
  # Service modules enabled on this host; commented-out entries are disabled.
  # Their contents are not visible from this file.
  # NOTE(review): presumably each module opens its own firewall ports and
  # configures its own authentication -- review them together with this file,
  # since nothing here restricts what they expose.
  imports = [
    ./hardware-configuration.nix

    # ./services/calibre.nix
    # ./services/dokuwiki.nix
    ./services/gitea
    # ./services/gitlab
    ./services/grafana.nix
    ./services/hydra.nix
    # ./services/jitsi.nix
    # ./services/keycloak.nix
    # ./services/libvirt.nix
    ./services/matrix
    ./services/nginx
    # ./services/openldap.nix
    # ./services/openvpn.nix
    ./services/plex.nix
    ./services/postgres.nix
    ./services/samba.nix
    ./services/searx.nix
    # ./services/syncthing.nix
    ./services/vscode-server.nix
  ];

  # Custom option set (declared outside this file): marks the machine as
  # headless and names the data drive mount points, with "momiji" as default.
  machineVars = {
    headless = true;
    dataDrives = let
      drives = {
        cirno = "/data";
        momiji = "/data2";
      };
    in {
      inherit drives;
      default = drives.momiji;
    };
  };

  # A server should never sleep: disable every suspend/hibernate target.
  systemd.targets.sleep.enable = false;
  systemd.targets.suspend.enable = false;
  systemd.targets.hibernate.enable = false;
  systemd.targets.hybrid-sleep.enable = false;

  # security.pam.services.login.unixAuth = true;

  # GRUB 2 on EFI, installed to the removable-media fallback path so that no
  # EFI variables have to be written (the efi.* lines stay disabled).
  boot.loader = {
    grub = {
      enable = true;
      version = 2;
      device = "nodev";
      efiSupport = true;
      efiInstallAsRemovable = true;
      fsIdentifier = "label";
    };
    # efi.efiSysMountPoint = "/boot/efi";
    # efi.canTouchEfiVariables = true;
  };

  networking.hostName = "Tsuki";
  networking.networkmanager.enable = true;
  networking.interfaces.ens18.useDHCP = true;
  # The firewall is on, but no allowed ports are listed in this file; any
  # openings come from the imported service modules or shared configuration.
  networking.firewall.enable = true;

  services = {
    # TODO: See ../common.nix
    # No graphical stack on this host.
    xserver = {
      enable = false;
      displayManager.lightdm.enable = false;
    };

    # NOTE(review): sshd is enabled with no hardening visible here (password
    # authentication, root login policy). Confirm those are pinned in a shared
    # module such as ../common.nix rather than left at distribution defaults.
    openssh.enable = true;

    # NOTE(review): the printing daemon runs on a headless server; confirm it
    # is actually needed, since it is one more long-running service to patch.
    printing.enable = true;

    # Cron is enabled with an empty system job list.
    cron = {
      enable = true;
      systemCronJobs = [
        # "*/5 * * * * root date >> /tmp/cron.log"
      ];
    };
  };

  # System account that owns the server's media files.
  users.users.media = {
    isSystemUser = true;
    group = "media";
    description = "User responsible for owning all sorts of server media files";
  };

  # System account that remote machines log into over SSH to run builds.
  # NOTE(review): whoever holds the matching private key can open an SSH
  # session as this user. If nix-builder is also a Nix trusted user (not
  # visible here), that key is close to root on this host -- confirm the key
  # is restricted to the build machines and rotated when one is retired.
  users.users.nix-builder = {
    isSystemUser = true;
    group = "nix-builder";
    description = "User for executing distributed builds via SSH";
    openssh.authorizedKeys.keyFiles = [ secrets.keys.ssh.nixBuilders.tsuki.public ];
  };

  users.groups = {
    media = {};
    nix-builder = {};
  };

  # NOTE(review): Docker installs its own packet-filter rules, so ports
  # published by containers are reachable even though networking.firewall is
  # enabled; membership of the docker group is also equivalent to root.
  # Bind published ports to specific addresses and keep the group empty
  # unless a user genuinely needs it.
  virtualisation.docker.enable = true;
}