swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2026-04-14 21:29:12 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
.dotfiles/hosts/nixos/x86_64-linux/winters/default.nix
Leon Schwarzäugl 04e3bcefc3
Some checks are pending
Build and Deploy / build (push) Waiting to run
Details
Build and Deploy / deploy (push) Blocked by required conditions
Details
Flake check / Check flake (push) Waiting to run
Details
feat: winters <> summers parity
2026-01-10 15:56:09 +01:00

108 lines
2.5 KiB
Nix
Raw Blame History

{ self, lib, minimal, globals, ... }:
{
imports = [
./hardware-configuration.nix
"${self}/modules/nixos/optional/systemd-networkd-server.nix"
"${self}/modules/nixos/optional/nix-topology-self.nix"
];
topology.self.interfaces."eth1" = { };
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
};
networking.hosts = {
${globals.networks.home-lan.hosts.hintbooth.ipv4} = [ "server.hintbooth.${globals.domains.main}" ];
${globals.networks.home-lan.hosts.hintbooth.ipv6} = [ "server.hintbooth.${globals.domains.main}" ];
};
swarselsystems = {
info = "ASRock J4105-ITX, 32GB RAM";
flakePath = "/root/.dotfiles";
isImpermanence = false;
isSecureBoot = false;
isCrypted = false;
isBtrfs = false;
isLinux = true;
isNixos = true;
proxyHost = "twothreetunnel";
server = {
wireguard.interfaces = {
wgProxy = {
isClient = true;
serverName = "twothreetunnel";
};
wgHome = {
isClient = true;
serverName = "hintbooth";
};
};
restic = {
bucketName = "SwarselWinters";
paths = [
"/Vault/data/paperless"
"/Vault/data/koillection"
"/Vault/data/postgresql"
"/Vault/data/firefly-iii"
"/Vault/data/radicale"
"/Vault/data/matrix-synapse"
"/Vault/Eternor/Paperless"
"/Vault/Eternor/Bilder"
"/Vault/Eternor/Immich"
];
};
garage = {
data_dir = {
capacity = "200G";
path = "/Vault/data/garage/data";
};
};
};
};
} // lib.optionalAttrs (!minimal) {
swarselprofiles = {
server = true;
};
swarselmodules.server = {
diskEncryption = lib.mkForce false;
# nginx = true; # for php stuff
# acme = false; # cert handled by proxy
# wireguard = true;
# nfs = true;
# kavita = true;
# restic = true;
# jellyfin = true;
# navidrome = true;
# spotifyd = true;
# mpd = true;
# postgresql = true;
# matrix = true;
# nextcloud = true;
# immich = true;
# paperless = true;
# transmission = true;
# syncthing = true;
# grafana = true;
# freshrss = true;
# kanidm = true;
# firefly-iii = true;
# koillection = true;
# radicale = true;
# atuin = true;
# forgejo = true;
# ankisync = true;
# homebox = true;
# opkssh = true;
};
networking.nftables.firewall.zones.untrusted.interfaces = [ "lan" "enp3s0" ];
}
Reference in a new issue View git blame Copy permalink