55 lines
887 B
Nix
55 lines
887 B
Nix
{
|
|
tree,
|
|
lib,
|
|
...
|
|
}: let
|
|
inherit (lib.lists) flatten;
|
|
in {
|
|
imports = flatten (with tree; [
|
|
(with tree.presets.nixos; [
|
|
serverBase
|
|
serverHetzner
|
|
serverEncryptedDrive
|
|
kernelLatest
|
|
])
|
|
|
|
profiles.nixos.nginx
|
|
|
|
(with hosts.hetzner-arm.profiles; [
|
|
gotosocial
|
|
forgejo
|
|
mpd
|
|
photoprism
|
|
radicale
|
|
rclone
|
|
restic
|
|
staticSites
|
|
storage
|
|
vault
|
|
vaultwarden
|
|
])
|
|
|
|
./hardware.nix
|
|
./secrets.nix
|
|
]);
|
|
|
|
virtualisation.docker.enable = true;
|
|
|
|
nixpkgs.overlays = [
|
|
(_final: prev: {
|
|
vault = prev.vault-bin;
|
|
#mpd = prev.mpd-headless;
|
|
})
|
|
];
|
|
|
|
networking.firewall = {
|
|
allowedTCPPorts = [80 443];
|
|
allowedUDPPorts = [80 443];
|
|
};
|
|
|
|
networking.hostName = "hetzner-arm";
|
|
|
|
home-manager.users.root.home.stateVersion = "25.05";
|
|
system.stateVersion = "25.05";
|
|
}
|