nix-dotfiles/hosts/tsuki/configuration.nix

{ secrets, ... }:
{
  imports = [
    ./hardware-configuration.nix
    ./extra-hardware-configuration.nix

    # ./services/calibre.nix
    ./services/gitea
    ./services/grafana
    ./services/hydra.nix
    # ./services/jitsi.nix
    ./services/jupyter.nix
    # ./services/keycloak.nix
    ./services/matrix
    ./services/minecraft
    ./services/nginx
    ./services/osuchan.nix
    ./services/plex.nix
    ./services/postgres.nix
    ./services/vscode-server.nix
  ];

  # TODO: See ../common.nix
  services.xserver.enable = false;
  services.xserver.displayManager.lightdm.enable = false;

  machineVars = {
    headless = true;
    dataDrives = {
      drives = {
        backup = "/data2/backup";
        momiji = "/data2/momiji";
        cirno = "/data2/cirno";
        media = "/data2/media";
        postgres = "/data2/postgres";
        home = "/data2/home";
      };
      default = "/data2/momiji";
    };
  };

  systemd.targets = {
    sleep.enable = false;
    suspend.enable = false;
    hibernate.enable = false;
    hybrid-sleep.enable = false;
  };

  # security.pam.services.login.unixAuth = true;

  boot.loader = {
    grub = {
      enable = true;
      version = 2;
      efiSupport = true;
      fsIdentifier = "label";
      device = "nodev";
      efiInstallAsRemovable = true;
    };
    # efi.efiSysMountPoint = "/boot/efi";
    # efi.canTouchEfiVariables = true;
  };

  networking = {
    hostName = "Tsuki";
    networkmanager.enable = true;
    interfaces.ens18.useDHCP = true;
    firewall.enable=true;
  };

  services = {
    openssh.enable = true;
    printing.enable = true;
    cron = {
      enable = true;
      systemCronJobs = [
    #     "*/5 * * * *      root    date >> /tmp/cron.log"
      ];
    };
  };

  users = {
    users = {
      media = {
        description = "User responsible for owning all sorts of server media files";
        isSystemUser = true;
        group = "media";
      };
      nix-builder = {
        description = "User for executing distributed builds via SSH";
        isSystemUser = true;
        group = "nix-builder";
        openssh.authorizedKeys.keyFiles = [ secrets.keys.ssh.nixBuilders.tsuki.public ];
      };
    };
    groups = {
      media = {};
      nix-builder = {};
    };
  };

  virtualisation = {
    docker.enable = true;
  };
}
Added nix builder config for tsuki and isvegg - Also updated nix package name 2022-10-13 23:58:48 +02:00			`{ secrets, ... }:`
Initial commit 2022-03-07 16:01:52 +01:00			`{`
Move colors and machinevars into modules 2022-06-21 01:47:36 +02:00			`imports = [`
Several changes 2022-06-22 20:16:57 +02:00			`./hardware-configuration.nix`
tsuki: move all datafiles/drives to TrueNAS NFS 2023-01-03 22:59:30 +01:00			`./extra-hardware-configuration.nix`
Initial commit 2022-03-07 16:01:52 +01:00
Move colors and machinevars into modules 2022-06-21 01:47:36 +02:00			`# ./services/calibre.nix`
			`./services/gitea`
grafana: split up configuration + postgres - Move `services/grafana.nix` to `services/grafana/default.nix` - Split up all data collectors into separate files under `services/grafana` - Make grafana use postgres as its database 2022-11-24 15:20:43 +01:00			`./services/grafana`
Move colors and machinevars into modules 2022-06-21 01:47:36 +02:00			`./services/hydra.nix`
Added nix builder config for tsuki and isvegg - Also updated nix package name 2022-10-13 23:58:48 +02:00			`# ./services/jitsi.nix`
Add config for jupyter 2022-11-05 22:49:54 +01:00			`./services/jupyter.nix`
Move colors and machinevars into modules 2022-06-21 01:47:36 +02:00			`# ./services/keycloak.nix`
Several changes 2022-06-22 20:16:57 +02:00			`./services/matrix`
tsuki: set up minecraft server 2023-01-16 16:06:34 +01:00			`./services/minecraft`
Added nix builder config for tsuki and isvegg - Also updated nix package name 2022-10-13 23:58:48 +02:00			`./services/nginx`
tsuki: add osuchan service 2023-01-04 14:32:11 +01:00			`./services/osuchan.nix`
Move colors and machinevars into modules 2022-06-21 01:47:36 +02:00			`./services/plex.nix`
Several changes 2022-06-22 20:16:57 +02:00			`./services/postgres.nix`
Move colors and machinevars into modules 2022-06-21 01:47:36 +02:00			`./services/vscode-server.nix`
Several changes 2022-06-22 20:16:57 +02:00			`];`
Initial commit 2022-03-07 16:01:52 +01:00
Move colors and machinevars into modules 2022-06-21 01:47:36 +02:00			`# TODO: See ../common.nix`
			`services.xserver.enable = false;`
			`services.xserver.displayManager.lightdm.enable = false;`

			`machineVars = {`
			`headless = true;`
tsuki: move all datafiles/drives to TrueNAS NFS 2023-01-03 22:59:30 +01:00			`dataDrives = {`
Several changes 2022-06-22 20:16:57 +02:00			`drives = {`
tsuki: move all datafiles/drives to TrueNAS NFS 2023-01-03 22:59:30 +01:00			`backup = "/data2/backup";`
			`momiji = "/data2/momiji";`
			`cirno = "/data2/cirno";`
			`media = "/data2/media";`
			`postgres = "/data2/postgres";`
			`home = "/data2/home";`
Several changes 2022-06-22 20:16:57 +02:00			`};`
tsuki: move all datafiles/drives to TrueNAS NFS 2023-01-03 22:59:30 +01:00			`default = "/data2/momiji";`
Several changes 2022-06-22 20:16:57 +02:00			`};`
Move colors and machinevars into modules 2022-06-21 01:47:36 +02:00			`};`

Initial commit 2022-03-07 16:01:52 +01:00			`systemd.targets = {`
			`sleep.enable = false;`
			`suspend.enable = false;`
			`hibernate.enable = false;`
			`hybrid-sleep.enable = false;`
			`};`

			`# security.pam.services.login.unixAuth = true;`

			`boot.loader = {`
			`grub = {`
			`enable = true;`
			`version = 2;`
			`efiSupport = true;`
			`fsIdentifier = "label";`
			`device = "nodev";`
			`efiInstallAsRemovable = true;`
			`};`
			`# efi.efiSysMountPoint = "/boot/efi";`
			`# efi.canTouchEfiVariables = true;`
			`};`

			`networking = {`
			`hostName = "Tsuki";`
			`networkmanager.enable = true;`
			`interfaces.ens18.useDHCP = true;`
			`firewall.enable=true;`
			`};`

			`services = {`
Extract lots of host config to common config 2022-06-12 00:07:40 +02:00			`openssh.enable = true;`
Initial commit 2022-03-07 16:01:52 +01:00			`printing.enable = true;`
			`cron = {`
			`enable = true;`
			`systemCronJobs = [`
			`# "/5 * * * root date >> /tmp/cron.log"`
			`];`
			`};`
			`};`

Pull out more host settings to common 2022-06-02 16:33:21 +02:00			`users = {`
Added nix builder config for tsuki and isvegg - Also updated nix package name 2022-10-13 23:58:48 +02:00			`users = {`
			`media = {`
			`description = "User responsible for owning all sorts of server media files";`
			`isSystemUser = true;`
			`group = "media";`
			`};`
			`nix-builder = {`
			`description = "User for executing distributed builds via SSH";`
			`isSystemUser = true;`
			`group = "nix-builder";`
			`openssh.authorizedKeys.keyFiles = [ secrets.keys.ssh.nixBuilders.tsuki.public ];`
			`};`
			`};`
			`groups = {`
			`media = {};`
			`nix-builder = {};`
Initial commit 2022-03-07 16:01:52 +01:00			`};`
			`};`

			`virtualisation = {`
			`docker.enable = true;`
			`};`
			`}`