2023-05-16 09:53:27 +10:00
|
|
|
{ inputs, ... }:
|
2019-08-11 19:53:02 +01:00
|
|
|
{
|
2021-01-21 16:28:48 +01:00
|
|
|
imports = [
|
2022-12-03 12:45:45 +10:00
|
|
|
./auto-upgrade.nix
|
2023-07-29 17:37:07 +10:00
|
|
|
../../shared/nix-daemon.nix
|
2023-07-19 15:30:03 +10:00
|
|
|
./reboot.nix
|
2021-01-21 16:28:48 +01:00
|
|
|
./security.nix
|
2022-12-03 12:45:45 +10:00
|
|
|
./sops-nix.nix
|
2021-03-04 06:24:57 +01:00
|
|
|
./users.nix
|
2023-05-16 09:53:27 +10:00
|
|
|
inputs.sops-nix.nixosModules.sops
|
|
|
|
|
inputs.srvos.nixosModules.mixins-telegraf
|
|
|
|
|
inputs.srvos.nixosModules.server
|
2019-08-12 11:33:34 +02:00
|
|
|
];
|
|
|
|
|
|
2023-07-29 17:37:07 +10:00
|
|
|
# users in trusted group are trusted by the nix-daemon
|
|
|
|
|
nix.settings.trusted-users = [ "@trusted" ];
|
|
|
|
|
|
|
|
|
|
users.groups.trusted = { };
|
|
|
|
|
|
|
|
|
|
# Sometimes it fails if a store path is still in use.
|
|
|
|
|
# This should fix intermediate issues.
|
|
|
|
|
systemd.services.nix-gc.serviceConfig = {
|
|
|
|
|
Restart = "on-failure";
|
|
|
|
|
};
|
|
|
|
|
|
2023-05-16 09:53:27 +10:00
|
|
|
networking.firewall.allowedTCPPorts = [ 9273 ];
|
|
|
|
|
|
|
|
|
|
srvos.flake = inputs.self;
|
|
|
|
|
|
2023-01-04 11:59:51 +10:00
|
|
|
zramSwap.enable = true;
|
|
|
|
|
|
2022-01-09 15:57:46 +01:00
|
|
|
security.acme.defaults.email = "trash@nix-community.org";
|
2021-03-04 10:55:37 +01:00
|
|
|
security.acme.acceptTerms = true;
|
|
|
|
|
|
2021-02-17 23:31:22 +01:00
|
|
|
# Without configuration this unit will fail...
|
|
|
|
|
# Just disable it since we are using telegraf to monitor raid health.
|
|
|
|
|
systemd.services.mdmonitor.enable = false;
|
|
|
|
|
|
2022-08-13 11:13:06 +02:00
|
|
|
networking.domain = "nix-community.org";
|
2019-08-11 19:53:02 +01:00
|
|
|
}
|
