nixfiles/hosts/hetzner-vm/hetzner-vm.nix

{
  tree,
  lib,
  ...
}: let
  inherit (lib.lists) forEach;
in {
  imports = with tree;
    [
      presets.nixos.serverBase
      presets.nixos.serverHetzner

      profiles.nginx
      profiles.firewallAllow.httpCommon

      profiles.cross.arm64
      profiles.chaosInternalWireGuard

      ./hardware.nix
      ./secrets.nix
    ]
    ++ (forEach [
      "social"
      "storage"
      "music"
      "quassel"
      "piped-fi"
      "mail"
    ] (name: ./containers + "/${name}"))
    ++ (with hosts.hetzner-vm.profiles; [
      vaultUI
      gitlabStaticSites
    ]);

  # For Containers
  networking.nat = {
    enable = true;
    internalInterfaces = ["ve-+"];
    externalInterface = "enp1s0";
  };

  networking.hostName = "hetzner-vm";

  home-manager.users.root.home.stateVersion = "23.05";
  system.stateVersion = "23.05";
}
move container addresses to a data file, add journalctl-vaccum-all 2023-08-01 19:48:37 +01:00			`{`
			`tree,`
			`lib,`
			`...`
major tidy 2023-09-18 03:56:58 +01:00			`}: let`
			`inherit (lib.lists) forEach;`
			`in {`
add vaultui flake, minor tidying, start work on raspberry machine 2023-09-13 16:21:54 +01:00			`imports = with tree;`
			`[`
major tidy 2023-09-18 03:56:58 +01:00			`presets.nixos.serverBase`
			`presets.nixos.serverHetzner`
moved storage host to a container inside hetzner-vm 2022-12-15 14:33:39 +00:00
add vaultui flake, minor tidying, start work on raspberry machine 2023-09-13 16:21:54 +01:00			`profiles.nginx`
major tidy 2023-09-18 03:56:58 +01:00			`profiles.firewallAllow.httpCommon`

piped-proxy on raspberry 2023-09-14 19:44:27 +01:00			`profiles.cross.arm64`
major tidy 2023-09-18 03:56:58 +01:00			`profiles.chaosInternalWireGuard`
add jitsi, nginx and vault 2021-12-28 21:42:46 +00:00
add vaultui flake, minor tidying, start work on raspberry machine 2023-09-13 16:21:54 +01:00			`./hardware.nix`
			`./secrets.nix`
			`]`
major tidy 2023-09-18 03:56:58 +01:00			`++ (forEach [`
add vaultui flake, minor tidying, start work on raspberry machine 2023-09-13 16:21:54 +01:00			`"social"`
wireguard for raspberry, outputs.nix tidy, enable generating of vault policies 2023-09-14 13:54:56 +01:00			`"storage"`
add vaultui flake, minor tidying, start work on raspberry machine 2023-09-13 16:21:54 +01:00			`"music"`
			`"quassel"`
more work on piped stuff 2023-09-19 17:53:44 +01:00			`"piped-fi"`
add vaultui flake, minor tidying, start work on raspberry machine 2023-09-13 16:21:54 +01:00			`"mail"`
			`] (name: ./containers + "/${name}"))`
			`++ (with hosts.hetzner-vm.profiles; [`
major tidy 2023-09-18 03:56:58 +01:00			`vaultUI`
			`gitlabStaticSites`
add vaultui flake, minor tidying, start work on raspberry machine 2023-09-13 16:21:54 +01:00			`]);`
add hetzner-vm and remove pinetab 2021-12-28 15:09:51 +00:00
matrix, more updates 2022-12-20 15:28:31 +00:00			`# For Containers`
			`networking.nat = {`
			`enable = true;`
			`internalInterfaces = ["ve-+"];`
try to make debugging a bit easier 2023-09-20 16:18:44 +01:00			`externalInterface = "enp1s0";`
matrix, more updates 2022-12-20 15:28:31 +00:00			`};`

add hetzner-vm and remove pinetab 2021-12-28 15:09:51 +00:00			`networking.hostName = "hetzner-vm";`

major tidy 2023-09-18 03:56:58 +01:00			`home-manager.users.root.home.stateVersion = "23.05";`
allow generating secrets init scripts outside of module, run deadnix&formatter, update state versions 2023-09-11 23:22:18 +01:00			`system.stateVersion = "23.05";`
add hetzner-vm and remove pinetab 2021-12-28 15:09:51 +00:00			`}`