{ lib, ... }:

with lib;

{
  config.machine = rec {
    hostName = "DavidsServer";
    administrators = [ { name = "david"; id = 1000; } ];
    mailAccounts = [ { name = "david"; aliases = []; } ];
    domain = "davids-planet.de";
    allowUnfree = true;
    conffiles = [
      "security"
      "zsh"
    ];
    pkgs = [
      "base"
      "server"
    ];
    services = [
      "fail2ban"
      "mailserver"
      "mariaDB"
      "nextcloud"
      "nginx"
      "openssh"
    ];
    vHosts = (let base = domain; in [
      { domain = base; service = "nextcloud"; }
      { domain = "mail.${base}"; service = "mail"; }
    ]);
    firewall = {
      enable = true;
      allowPing = false;
      allowedUDPPorts = [ 22 80 443 ];
      allowedTCPPorts = [ 80 443 ];
    };
  };
}