nixfiles/hosts/hetzner-arm/hetzner-arm.nix

{
  tree,
  lib,
  ...
}: let
  inherit (lib.lists) forEach;
in {
  imports = with tree;
    [
      presets.nixos.serverBase
      presets.nixos.serverHetzner
      presets.nixos.serverEncryptedDrive

      #profiles.nginx
      #profiles.firewallAllow.httpCommon

      #profiles.chaosInternalWireGuard

      ./hardware.nix
      ./secrets.nix
    ]
    ++ (forEach [
      #"social"
      #"storage"
      #"music"
      #"quassel"
      #"piped-fi"
      #"mail"
    ] (name: ./containers + "/${name}"))
    ++ (with hosts.hetzner-vm.profiles; [
      #vaultUI
      #gitlabStaticSites
    ]);

  # For Containers
  networking.nat = {
    enable = true;
    internalInterfaces = ["ve-+"];
    externalInterface = "enp1s0";
  };

  networking.hostName = "hetzner-arm";

  home-manager.users.root.home.stateVersion = "23.05";
  system.stateVersion = "23.05";
}
start work on hetzner-arm for real now 2023-09-20 18:44:24 +01:00			`{`
			`tree,`
			`lib,`
			`...`
			`}: let`
			`inherit (lib.lists) forEach;`
			`in {`
			`imports = with tree;`
			`[`
			`presets.nixos.serverBase`
			`presets.nixos.serverHetzner`
			`presets.nixos.serverEncryptedDrive`

			`#profiles.nginx`
			`#profiles.firewallAllow.httpCommon`

			`#profiles.chaosInternalWireGuard`

			`./hardware.nix`
			`./secrets.nix`
			`]`
			`++ (forEach [`
			`#"social"`
			`#"storage"`
			`#"music"`
			`#"quassel"`
			`#"piped-fi"`
			`#"mail"`
			`] (name: ./containers + "/${name}"))`
			`++ (with hosts.hetzner-vm.profiles; [`
			`#vaultUI`
			`#gitlabStaticSites`
			`]);`

			`# For Containers`
			`networking.nat = {`
			`enable = true;`
			`internalInterfaces = ["ve-+"];`
			`externalInterface = "enp1s0";`
			`};`

			`networking.hostName = "hetzner-arm";`

			`home-manager.users.root.home.stateVersion = "23.05";`
			`system.stateVersion = "23.05";`
			`}`