nixfiles/hosts/hetzner-arm/hetzner-arm.nix

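# NixOS module for the "hetzner-arm" host.
#
# Pulls in the shared server presets, the nginx profile, two container
# definitions and the per-host service profiles, then sets host-level
# networking (NAT for containers, firewall, hostname) and state versions.
#
# Arguments:
#   tree - the repository's module tree (presets, profiles, hosts).
#   lib  - nixpkgs lib; only lib.lists.forEach and lib.lists.flatten are used.
{
  tree,
  lib,
  ...
}: let
  inherit (lib.lists) forEach flatten;
in {
  # The entries below are a mix of single modules and lists of modules;
  # flatten collapses them into the one flat list that `imports` expects.
  imports = flatten (with tree; [
    (with tree.presets.nixos; [
      serverBase
      serverHetzner
      serverEncryptedDrive
      kernelLatest
    ])

    profiles.nixos.nginx

    # Each name expands to ./containers/<name>/<name>.nix.
    (forEach [
      "storage"
      "mail"
    ] (name: ./containers + "/${name}/${name}.nix"))

    (with hosts.hetzner-arm.profiles; [
      staticSites
      gotosocial
      forgejo
      mpd
      radicale
      vault
      restic
      vaultwarden
      photoprism
    ])
    ./hardware.nix
    # NOTE(review): confirm this module only references encrypted or
    # runtime-provisioned secrets. Literal values evaluated here would be
    # copied into the world-readable /nix/store.
    ./secrets.nix
  ]);

  # NOTE(review): Docker manages its own iptables rules, so ports published by
  # a Docker container are reachable from outside regardless of
  # networking.firewall.allowed*Ports below. Bind published ports to 127.0.0.1
  # when the service is only meant to be reached through nginx.
  virtualisation.docker.enable = true;

  # Replace pkgs.vault and pkgs.mpd for every consumer on this host.
  nixpkgs.overlays = [
    (_final: prev: {
      vault = prev.vault-bin;
      mpd = prev.mpd-headless;
    })
  ];

  # For Containers
  # Traffic arriving on interfaces matching "ve-+" (a trailing "+" is a
  # wildcard in the interface match) is NATed out through enp1s0.
  networking.nat = {
    enable = true;
    internalInterfaces = ["ve-+"];
    externalInterface = "enp1s0";
  };

  # TCP 80/443 for HTTP and HTTPS. UDP is opened on 443 only: nothing in this
  # module uses UDP 80, so it is no longer exposed.
  # NOTE(review): UDP 443 is presumably for HTTP/3 (QUIC); if nginx is not
  # configured to serve QUIC, close it as well.
  networking.firewall = {
    allowedTCPPorts = [80 443];
    allowedUDPPorts = [443];
  };

  networking.hostName = "hetzner-arm";

  # NOTE(review): stateVersion selects defaults for stateful data and should
  # stay at the release the host / home profile was first installed with;
  # confirm "25.05" was not set as part of a routine channel upgrade.
  home-manager.users.root.home.stateVersion = "25.05";
  system.stateVersion = "25.05";
}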