nixfiles/hosts/hetzner-arm/hetzner-arm.nix

{
  tree,
  lib,
  ...
}: let
  inherit (lib.lists) forEach;
in {
  imports = with tree;
    [
      presets.nixos.serverBase
      presets.nixos.serverHetzner
      presets.nixos.serverEncryptedDrive

      profiles.nginx
      profiles.firewallAllow.httpCommon

      profiles.chaosInternalWireGuard

      ./hardware.nix
      ./secrets.nix
    ]
    ++ (forEach [
      "social"
      "storage"
      "music"
      "quassel"
      "postgresql"
      "mail"
      "forgejo"
      "caldav"
      "owncast"
      "jellyfin"
      "grocy"
      #"rss"
      "vault-ca"
    ] (name: ./containers + "/${name}"))
    ++ (with hosts.hetzner-arm.profiles; [
      staticSites
    ]);

  # For Containers
  networking.nat = {
    enable = true;
    internalInterfaces = ["ve-+"];
    externalInterface = "enp1s0";
  };

  networking.hostName = "hetzner-arm";

  home-manager.users.root.home.stateVersion = "23.05";
  system.stateVersion = "23.05";
}
start work on hetzner-arm for real now 2023-09-20 18:44:24 +01:00			`{`
			`tree,`
			`lib,`
			`...`
			`}: let`
			`inherit (lib.lists) forEach;`
			`in {`
			`imports = with tree;`
			`[`
			`presets.nixos.serverBase`
			`presets.nixos.serverHetzner`
			`presets.nixos.serverEncryptedDrive`

migrate hetzner-vm to hetzner-arm; piped currently dead 2023-09-21 05:06:27 +01:00			`profiles.nginx`
			`profiles.firewallAllow.httpCommon`
start work on hetzner-arm for real now 2023-09-20 18:44:24 +01:00
migrate hetzner-vm to hetzner-arm; piped currently dead 2023-09-21 05:06:27 +01:00			`profiles.chaosInternalWireGuard`
start work on hetzner-arm for real now 2023-09-20 18:44:24 +01:00
			`./hardware.nix`
			`./secrets.nix`
			`]`
			`++ (forEach [`
migrate hetzner-vm to hetzner-arm; piped currently dead 2023-09-21 05:06:27 +01:00			`"social"`
			`"storage"`
			`"music"`
			`"quassel"`
move all postgres to one daemon, redo wireguard some, roundcube is haunted and network interface is broken somehow 2023-10-02 03:08:24 +01:00			`"postgresql"`
migrate hetzner-vm to hetzner-arm; piped currently dead 2023-09-21 05:06:27 +01:00			`"mail"`
add forgejo to hetzner-arm 2023-09-30 12:37:07 +01:00			`"forgejo"`
add caldav/carddav server & redo some htpasswd stuff 2023-10-10 22:22:54 +01:00			`"caldav"`
add backups for owncast 2023-10-27 17:44:32 +01:00			`"owncast"`
add jellyfin and rclone fuse mount capability finally 2023-10-31 19:40:51 +00:00			`"jellyfin"`
add grocy 2024-02-08 20:21:35 +00:00			`"grocy"`
Update hosts/hetzner-arm/hetzner-arm.nix 2024-05-24 19:58:11 +01:00			`#"rss"`
rename vault-ca container 2024-05-24 20:07:25 +01:00			`"vault-ca"`
start work on hetzner-arm for real now 2023-09-20 18:44:24 +01:00			`] (name: ./containers + "/${name}"))`
migrate hetzner-vm to hetzner-arm; piped currently dead 2023-09-21 05:06:27 +01:00			`++ (with hosts.hetzner-arm.profiles; [`
move all static sites here and change repo URIs 2023-09-30 15:34:06 +01:00			`staticSites`
start work on hetzner-arm for real now 2023-09-20 18:44:24 +01:00			`]);`

			`# For Containers`
			`networking.nat = {`
			`enable = true;`
			`internalInterfaces = ["ve-+"];`
			`externalInterface = "enp1s0";`
			`};`

			`networking.hostName = "hetzner-arm";`

			`home-manager.users.root.home.stateVersion = "23.05";`
			`system.stateVersion = "23.05";`
			`}`