mirror of
https://github.com/JulienMalka/snowfield.git
synced 2025-04-02 18:20:52 +02:00
66 lines
1.5 KiB
Nix
66 lines
1.5 KiB
Nix
{ config, pkgs, lib, modulesPath, ... }:
|
|
let
|
|
hostName = "newton";
|
|
in
|
|
{
|
|
|
|
imports =
|
|
[
|
|
(modulesPath + "/installer/scan/not-detected.nix")
|
|
./hardware.nix
|
|
./home-julien.nix
|
|
../../users/julien.nix
|
|
../../users/default.nix
|
|
];
|
|
|
|
luj = {
|
|
filerun = {
|
|
enable = true;
|
|
subdomain = "cloud";
|
|
};
|
|
paperless = {
|
|
enable = true;
|
|
nginx.enable = true;
|
|
nginx.subdomain = "papers";
|
|
};
|
|
zfs-mails.enable = true;
|
|
zfs-mails.name = hostName;
|
|
zfs-mails.smart.enable = true;
|
|
};
|
|
|
|
networking.hostName = hostName;
|
|
networking.hostId = "f7cdfbc9";
|
|
networking.interfaces.enp2s0f0.useDHCP = true;
|
|
networking.interfaces.enp2s0f1.useDHCP = true;
|
|
|
|
services.fail2ban.enable = true;
|
|
|
|
services.zfs.autoSnapshot.enable = true;
|
|
services.zfs.autoScrub.enable = true;
|
|
|
|
environment.systemPackages = [ pkgs.tailscale ];
|
|
|
|
# enable the tailscale service
|
|
services.tailscale.enable = true;
|
|
networking.nameservers = [ "100.127.245.71" "9.9.9.9" ];
|
|
environment.etc."resolv.conf" = with lib; with pkgs; {
|
|
source = writeText "resolv.conf" ''
|
|
${concatStringsSep "\n" (map (ns: "nameserver ${ns}") config.networking.nameservers)}
|
|
options edns0
|
|
'';
|
|
};
|
|
|
|
services.openssh.extraConfig = ''
|
|
HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub
|
|
HostKey /etc/ssh/ssh_host_ed25519_key
|
|
TrustedUserCAKeys /etc/ssh/ssh_user_key.pub
|
|
MaxAuthTries 20
|
|
'';
|
|
|
|
|
|
|
|
system.stateVersion = "21.05";
|
|
|
|
|
|
|
|
}
|