2023-09-20 18:44:24 +01:00
|
|
|
{
|
|
|
|
|
tree,
|
|
|
|
|
lib,
|
|
|
|
|
...
|
|
|
|
|
}: let
|
|
|
|
|
inherit (lib.lists) forEach;
|
|
|
|
|
in {
|
|
|
|
|
imports = with tree;
|
|
|
|
|
[
|
|
|
|
|
presets.nixos.serverBase
|
|
|
|
|
presets.nixos.serverHetzner
|
|
|
|
|
presets.nixos.serverEncryptedDrive
|
|
|
|
|
|
2023-09-21 05:06:27 +01:00
|
|
|
profiles.nginx
|
|
|
|
|
profiles.firewallAllow.httpCommon
|
2023-09-20 18:44:24 +01:00
|
|
|
|
2023-09-21 05:06:27 +01:00
|
|
|
profiles.chaosInternalWireGuard
|
2023-09-20 18:44:24 +01:00
|
|
|
|
|
|
|
|
./hardware.nix
|
|
|
|
|
./secrets.nix
|
|
|
|
|
]
|
|
|
|
|
++ (forEach [
|
2023-09-21 05:06:27 +01:00
|
|
|
"social"
|
|
|
|
|
"storage"
|
|
|
|
|
"music"
|
|
|
|
|
"quassel"
|
2023-09-21 16:59:51 +01:00
|
|
|
"piped-db"
|
2023-09-21 05:06:27 +01:00
|
|
|
"piped-fi"
|
|
|
|
|
"mail"
|
2023-09-30 12:37:07 +01:00
|
|
|
"forgejo"
|
2023-09-20 18:44:24 +01:00
|
|
|
] (name: ./containers + "/${name}"))
|
2023-09-21 05:06:27 +01:00
|
|
|
++ (with hosts.hetzner-arm.profiles; [
|
2023-09-30 15:34:06 +01:00
|
|
|
staticSites
|
2023-09-20 18:44:24 +01:00
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
# For Containers
|
|
|
|
|
networking.nat = {
|
|
|
|
|
enable = true;
|
|
|
|
|
internalInterfaces = ["ve-+"];
|
|
|
|
|
externalInterface = "enp1s0";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
networking.hostName = "hetzner-arm";
|
|
|
|
|
|
|
|
|
|
home-manager.users.root.home.stateVersion = "23.05";
|
|
|
|
|
system.stateVersion = "23.05";
|
|
|
|
|
}
|
