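# NixOS module for the host "hetzner-vm": pulls in the shared profiles and the
# per-service container definitions, installs helper scripts for operating the
# containers, and sets host-level networking (NAT for containers, firewall).
{
  tree,
  lib,
  pkgs,
  config,
  ...
}: let
  # Names of all declarative containers defined in this configuration. They are
  # configuration attribute names fixed at build time, not runtime input, and are
  # interpolated into the generated scripts and script file names below.
  containerNames = lib.attrNames config.containers;

  # Build one helper script per container from a `name -> derivation` function.
  perContainer = mkScript: map mkScript containerNames;
in {
  imports = with tree; [
    users.root

    profiles.base
    profiles.sshd
    profiles.nginx
    profiles.nix-gc
    profiles.kernels.latest

    ./containers/storage/storage.nix
    ./containers/social/social.nix
    ./containers/music/music.nix
    ./containers/quassel/quassel.nix
    ./containers/piped/piped.nix
    ./containers/mail/mail.nix

    hosts.hetzner-vm.profiles.gitlab-static-sites
    hosts.hetzner-vm.profiles.wireguard
    hosts.hetzner-vm.profiles.nginx-misc

    ./networking.nix
    ./hardware.nix
    # NOTE(review): confirm this file only references encrypted or out-of-store
    # secrets; plaintext values evaluated into the Nix store are world-readable.
    ./secrets.nix
  ];

  # Operator helper commands. The "vaccum" spelling in the command names is
  # kept as-is so existing invocations keep working.
  environment.systemPackages =
    [
      # Trim the host journal and every container journal to 100M each.
      (pkgs.writeShellScriptBin "journalctl-vaccum-all" ''
        journalctl --vacuum-size=100M
        ${lib.concatMapStringsSep "\n" (name: ''
            journalctl --vacuum-size=100M --root /var/lib/nixos-containers/${name}
          '')
          containerNames}
      '')
      # List failed units on the host and then in each container. The container
      # name is printed in the header so the output can be attributed.
      (pkgs.writeShellScriptBin "systemctl-list-failed-all" ''
        echo "Host: "
        systemctl --failed
        ${lib.concatMapStringsSep "\n" (name: ''
            echo "Container: ${name}"
            systemctl -M ${name} --failed
          '')
          containerNames}
      '')
    ]
    ++ perContainer (name:
      pkgs.writeShellScriptBin "journalctl-vaccum-${name}" ''
        journalctl --vacuum-size=100M --root /var/lib/nixos-containers/${name}
      '')
    # "$@" is quoted so arguments containing spaces or glob characters reach
    # systemctl/journalctl unchanged instead of being re-split by the shell.
    ++ perContainer (name:
      pkgs.writeShellScriptBin "systemctl-machine-${name}" ''
        systemctl -M ${name} "$@"
      '')
    ++ perContainer (name:
      pkgs.writeShellScriptBin "journalctl-machine-${name}" ''
        journalctl -M ${name} "$@"
      '')
    # Opens a shell inside the container via machinectl.
    ++ perContainer (name:
      pkgs.writeShellScriptBin "shell-enter-${name}" ''
        machinectl shell ${name}
      '');

  # For Containers: masquerade traffic from the containers' virtual ethernet
  # interfaces ("ve-+" is a wildcard matching every ve-* interface) out of eth0.
  networking.nat = {
    enable = true;
    internalInterfaces = ["ve-+"];
    externalInterface = "eth0";
  };

  # Ports opened on the host firewall for all interfaces. Anything else a
  # container should expose has to be added here or forwarded explicitly.
  # NOTE(review): UDP 443 is presumably for HTTP/3 (QUIC) - confirm it is needed.
  networking.firewall.allowedTCPPorts = [80 443];
  networking.firewall.allowedUDPPorts = [443];

  home-manager.users.root = {
    imports = with tree; [home.base home.dev.small];
    home.stateVersion = "22.05";
  };

  networking.hostName = "hetzner-vm";
  time.timeZone = "Europe/London";

  # Pins defaults for stateful data to the release the host was installed with;
  # this is not the running NixOS version and should not be bumped casually.
  system.stateVersion = "22.05";
}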