nix-dotfiles/hosts/tsuki/configuration.nix

151 lines
3.5 KiB
Nix
Raw Normal View History

{ config, lib, secrets, modulesPath, ... }:
2022-03-07 16:01:52 +01:00
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
2022-03-07 16:01:52 +01:00
# ./services/calibre.nix
./services/gitea
./services/grafana
2023-01-16 17:16:07 +01:00
./services/headscale.nix
./services/hedgedoc.nix
./services/hydra.nix
2023-05-08 01:51:02 +02:00
./services/invidious.nix
# ./services/jitsi.nix
2022-11-05 22:49:54 +01:00
./services/jupyter.nix
2023-03-06 21:12:14 +01:00
./services/kanidm.nix
# ./services/keycloak.nix
2022-06-22 20:16:57 +02:00
./services/matrix
2023-01-16 16:06:34 +01:00
./services/minecraft
./services/nextcloud.nix
./services/nginx
2023-01-04 14:32:11 +01:00
./services/osuchan.nix
./services/pgadmin.nix
./services/plex.nix
2022-06-22 20:16:57 +02:00
./services/postgres.nix
./services/vscode-server.nix
2022-06-22 20:16:57 +02:00
];
2022-03-07 16:01:52 +01:00
machineVars = {
headless = true;
dataDrives = {
2022-06-22 20:16:57 +02:00
drives = {
backup = "/data2/backup";
momiji = "/data2/momiji";
cirno = "/data2/cirno";
media = "/data2/media";
postgres = "/data2/postgres";
home = "/data2/home";
2022-06-22 20:16:57 +02:00
};
default = "/data2/momiji";
2022-06-22 20:16:57 +02:00
};
};
2022-03-07 16:01:52 +01:00
systemd.targets = {
sleep.enable = false;
suspend.enable = false;
hibernate.enable = false;
hybrid-sleep.enable = false;
};
# security.pam.services.login.unixAuth = true;
networking = {
hostName = "Tsuki";
networkmanager.enable = true;
interfaces.ens18.useDHCP = true;
firewall.enable=true;
};
services = {
openssh.enable = true;
2022-03-07 16:01:52 +01:00
printing.enable = true;
cron = {
enable = true;
systemCronJobs = [
# "*/5 * * * * root date >> /tmp/cron.log"
];
};
};
2022-06-02 16:33:21 +02:00
users = {
users = {
media = {
description = "User responsible for owning all sorts of server media files";
isSystemUser = true;
group = "media";
};
nix-builder = {
description = "User for executing distributed builds via SSH";
isSystemUser = true;
group = "nix-builder";
openssh.authorizedKeys.keyFiles = [ secrets.keys.ssh.nixBuilders.tsuki.public ];
};
};
groups = {
media = {};
2022-03-07 16:01:52 +01:00
};
};
sops.secrets."drives/cirno/credentials" = {};
fileSystems = let
nfsDrive = drivename: {
device = "10.0.0.36:/mnt/PoolsClosed/${drivename}";
fsType = "nfs";
options = [ "vers=3" "local_lock=all" ];
};
in {
"/" = {
device = "/dev/disk/by-uuid/54b9fd58-0df5-410c-ab87-766860967653";
fsType = "btrfs";
};
"/boot" = {
device = "/dev/disk/by-uuid/0A60-2885";
fsType = "vfat";
};
"/data2/backup" = nfsDrive "backup";
"/data2/momiji" = nfsDrive "momiji";
"/data2/media" = nfsDrive "media";
"/data2/postgres" = nfsDrive "postgres";
"/data2/home" = nfsDrive "home";
"/data2/cirno" = {
device = "//10.0.0.36/cirno";
fsType = "cifs";
options = [
"vers=3.0"
"cred=${config.sops.secrets."drives/cirno/credentials".path}"
"rw"
"uid=1000"
];
};
};
swapDevices = [{ device = "/dev/disk/by-uuid/92a1a33f-89a8-45de-a45e-6c303172cd7f"; }];
2022-03-07 16:01:52 +01:00
virtualisation = {
docker.enable = true;
};
boot = {
initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
initrd.kernelModules = [ ];
kernelModules = [ ];
extraModulePackages = [ ];
loader = {
grub = {
enable = true;
version = 2;
efiSupport = true;
fsIdentifier = "label";
device = "nodev";
efiInstallAsRemovable = true;
};
# efi.efiSysMountPoint = "/boot/efi";
# efi.canTouchEfiVariables = true;
};
};
2022-03-07 16:01:52 +01:00
}