2023-09-11 20:23:04 +02:00
|
|
|
{
|
|
|
|
config,
|
|
|
|
lib,
|
|
|
|
...
|
|
|
|
}:
|
2024-11-20 20:32:38 +01:00
|
|
|
with lib;
|
|
|
|
let
|
2019-10-08 13:15:38 +02:00
|
|
|
cfg = config.machine;
|
2024-11-20 20:32:38 +01:00
|
|
|
in
|
|
|
|
{
|
2019-06-22 23:58:08 +02:00
|
|
|
config.machine = rec {
|
2019-03-23 02:50:48 +01:00
|
|
|
hostName = "Ophanim";
|
2019-10-08 13:15:38 +02:00
|
|
|
domain = "ophanim.de";
|
2023-09-11 20:23:04 +02:00
|
|
|
administrators = [
|
|
|
|
{
|
|
|
|
name = "derped";
|
|
|
|
id = 1337;
|
|
|
|
}
|
|
|
|
];
|
|
|
|
mailAccounts = [
|
|
|
|
{
|
|
|
|
name = "derped";
|
2024-11-20 20:32:38 +01:00
|
|
|
aliases = [
|
|
|
|
"postmaster"
|
|
|
|
"baensch"
|
|
|
|
];
|
2023-09-11 20:23:04 +02:00
|
|
|
}
|
|
|
|
];
|
2019-03-23 02:50:48 +01:00
|
|
|
allowUnfree = true;
|
|
|
|
conffiles = [
|
|
|
|
"etcvars"
|
|
|
|
"security"
|
|
|
|
"zsh"
|
|
|
|
];
|
|
|
|
pkgs = [
|
|
|
|
"base"
|
|
|
|
"server"
|
|
|
|
];
|
|
|
|
services = [
|
2023-09-10 15:35:55 +02:00
|
|
|
"acme"
|
2024-05-09 12:41:24 +02:00
|
|
|
"forgejo"
|
2024-02-26 17:21:14 +01:00
|
|
|
"tandoor"
|
2023-09-11 20:23:04 +02:00
|
|
|
# "hydra"
|
2019-03-23 02:50:48 +01:00
|
|
|
"mailserver"
|
|
|
|
"mariaDB"
|
|
|
|
"nextcloud"
|
|
|
|
"nginx"
|
|
|
|
"openssh"
|
2024-11-21 13:05:30 +01:00
|
|
|
"tt-rss"
|
2019-03-23 02:50:48 +01:00
|
|
|
];
|
2024-11-20 20:32:38 +01:00
|
|
|
vHosts =
|
|
|
|
let
|
|
|
|
base = domain;
|
|
|
|
in
|
|
|
|
[
|
|
|
|
{
|
|
|
|
domain = base;
|
|
|
|
service = "simple";
|
|
|
|
}
|
|
|
|
# { domain = "builder.${base}"; service = "hydra"; }
|
|
|
|
# { domain = "cache.${base}"; service = "cache"; }
|
|
|
|
{
|
|
|
|
domain = "storage.${base}";
|
|
|
|
service = "nextcloud";
|
|
|
|
}
|
|
|
|
{
|
|
|
|
domain = "mail.${base}";
|
|
|
|
service = "mail";
|
|
|
|
}
|
|
|
|
{
|
|
|
|
domain = "git.${base}";
|
|
|
|
service = "forgejo";
|
|
|
|
}
|
|
|
|
{
|
|
|
|
domain = "food.${base}";
|
|
|
|
service = "tandoor";
|
|
|
|
}
|
2024-11-21 13:05:30 +01:00
|
|
|
{
|
|
|
|
domain = "feed.${base}";
|
|
|
|
service = "tt-rss";
|
|
|
|
}
|
2024-11-20 20:32:38 +01:00
|
|
|
];
|
2019-03-23 02:50:48 +01:00
|
|
|
firewall = {
|
2019-08-27 16:24:59 +02:00
|
|
|
enable = true;
|
2019-03-23 02:50:48 +01:00
|
|
|
allowPing = false;
|
2024-11-20 20:32:38 +01:00
|
|
|
allowedUDPPorts = [
|
|
|
|
22
|
|
|
|
80
|
|
|
|
443
|
|
|
|
7776
|
|
|
|
];
|
|
|
|
allowedTCPPorts = [
|
|
|
|
80
|
|
|
|
443
|
|
|
|
7776
|
|
|
|
];
|
2019-03-23 02:50:48 +01:00
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|