# NixOps configuration for the Linode VMs { network = { description = "Linode nodes"; enableRollback = true; }; defaults = { config, pkgs, lib, ... }: { imports = [ ../hardware/linode_vm.nix ../roles/host_common.nix ../roles/server_common.nix ]; # Ensure the right package architecture is used nixpkgs.localSystem = { system = "x86_64-linux"; config = "x86_64-unknown-linux-gnu"; }; # Tools that Linode support like to have install if you need them. environment.systemPackages = with pkgs; [ inetutils mtr sysstat ]; # Configure firewall defaults: networking = { usePredictableInterfaceNames = false; # As per Linode's networking guidlines domain = "mcwhirter.io"; firewall = { enable = true; allowedTCPPorts = [ 80 443 ]; trustedInterfaces = [ "lo" ]; }; }; system.autoUpgrade.enable = false; # Disabled as it conflicts with NixOps }; }