nixfiles/hosts/hetzner-vm/hetzner-vm.nix

{
  tree,
  lib,
  ...
}: let
  inherit (lib.lists) forEach;
in {
  imports = with tree;
    [
      presets.nixos.serverBase
      presets.nixos.serverHetzner

      profiles.nginx
      profiles.firewallAllow.httpCommon

      profiles.cross.arm64
      profiles.chaosInternalWireGuard

      ./hardware.nix
      ./secrets.nix
    ]
    ++ (forEach [
      "social"
      "storage"
      "music"
      "quassel"
      "piped-fi"
      "mail"
    ] (name: ./containers + "/${name}"))
    ++ (with hosts.hetzner-vm.profiles; [
      vaultUI
      gitlabStaticSites
    ]);

  # For Containers
  networking.nat = {
    enable = true;
    internalInterfaces = ["ve-+"];
    externalInterface = "enp1s0";
  };

  networking.hostName = "hetzner-vm";

  home-manager.users.root.home.stateVersion = "23.05";
  system.stateVersion = "23.05";
}