nixfiles/hosts/hetzner-vm/hetzner-vm.nix

{tree, ...}: {
  imports = with tree; [
    users.root

    hosts.hetzner-vm.modules.mailserver
    hosts.hetzner-vm.modules.piped

    profiles.base
    profiles.sshd
    profiles.nginx
    profiles.nix-gc

    ./containers/storage/storage.nix
    ./containers/matrix/matrix.nix
    ./containers/music/music.nix

    hosts.hetzner-vm.profiles.restic
    hosts.hetzner-vm.profiles.piped
    hosts.hetzner-vm.profiles.quassel
    hosts.hetzner-vm.profiles.mailserver
    hosts.hetzner-vm.profiles.gitlab-static-sites
    hosts.hetzner-vm.profiles.misskey
    hosts.hetzner-vm.profiles.wireguard
    hosts.hetzner-vm.profiles.nginx-misc

    ./networking.nix
    ./hardware.nix
    ./secrets.nix
  ];

  # For Containers
  networking.nat = {
    enable = true;
    internalInterfaces = ["ve-+"];
    externalInterface = "eth0";
  };

  networking.firewall.allowedTCPPorts = [80 443];
  networking.firewall.allowedUDPPorts = [443];

  home-manager.users.root = {
    imports = with tree; [home.base home.dev.small];
    home.stateVersion = "22.05";
  };

  networking.hostName = "hetzner-vm";
  time.timeZone = "Europe/London";

  system.stateVersion = "22.05";
}