{ config, lib, pkgs, ... }: { imports = [ ../../common ./encboot.nix ./hardware.nix ./services/murmur.nix ./services/mail.nix # ./services/engelsystem.nix ./services/codimd.nix ../../common ./wireguard.nix ./services/nginx.nix # ./k8s.nix ./services/docker.nix ./services/rocket.nix ./services/gitlab-runner.nix ]; boot.loader.grub.enable = true; boot.loader.grub.version = 2; boot.loader.grub.device = "/dev/sda"; boot.supportedFilesystems = [ "zfs" ]; # networking networking.hostName = "hainich"; networking.hostId = "8a58cb2f"; networking.useDHCP = true; networking.interfaces.enp6s0.ipv4.addresses = [ { address = "46.4.63.148"; prefixLength = 27; } { address = "46.4.63.158"; prefixLength = 27; } ]; networking.interfaces.enp6s0.ipv6.addresses = [ { address = "2a01:4f8:140:84c9::1"; prefixLength = 64; } ]; networking.defaultGateway = "46.4.63.129"; networking.nameservers = [ "1.1.1.1" "1.0.0.1" "2606:4700:4700::1111" "2606:4700:4700::1001" ]; # networking.defaultGateway6 = { # address = "fe80::1"; # interface = "enp6s0"; # }; networking.nat.enable = true; networking.nat.internalInterfaces = ["ve-+"]; networking.nat.externalInterface = "enp6s0"; networking.firewall.allowedTCPPorts = [ 22 80 443 ]; # networking.firewall.allowedUDPPorts = [ ... ]; # networking.firewall.enable = false; # misc time.timeZone = "UTC"; environment.systemPackages = with pkgs; [ wget vim git ]; services.openssh.enable = true; services.openssh.ports = [ 22 62954 ]; users.users.root = { openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDNVUDKx9sukRkb6INny432+2HZBWx/qIEAOvngF1qcj hexchen@montasch" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvmrk3i04tXfrSlZtHFbG3o6lQgh3ODMWmGDING4TJ4ctidexmMNY15IjVjzXZgQSET1uKLDLITiaPsii8vaWERZfjm3jjub845mpKkKv48nYdM0eCbv7n604CA3lwoB5ebRgULg4oGTi60rQ4trFf3iTkJfmiLsieFBZz7l+DfgeDEjDNSJcrkOggGBrjE5vBXoDimdkNh8kBNwgMDj1kPR/FHDqybSd5hohCJ5FzQg9vzl/x/H1rzJJKYPO4svSgHkYNkeoL84IZNeHom+UEHX0rw2qAIEN6AiHvNUJR38relvQYxbVdDSlaGN3g26H2ehsmolf+U0uQlRAXTHo0NbXNVYOfijFKL/jWxNfH0aRycf09Lu60oY54gkqS/J0GoQe/OGNq1Zy72DI+zAwEzyCGfSDbAgVF7Y3mU2HqcqGqNzu7Ade5oCbLmkT7yzDM3x6IsmT1tO8dYiT8Qv+zFAECkRpw3yDkJkPOxNKg10oM318whMTtM3yqntE90hk= schweby@taxusbaccata" ]; initialHashedPassword = "$6$F316njEF2$GMF4OmPSF6QgZ3P/DblQ/UFMgoo98bztbdw7X0ygvBGC1UMMIc13Vtxjd/ZGRYW/pEHACZZ7sbRZ48t6xhvO7/"; # shell = pkgs.fish; }; # storage stuffs! services.zfs = { autoSnapshot = { enable = true; }; autoScrub = { enable = true; }; }; services.journald.extraConfig = '' MaxFileSec=6h MaxRetentionSec=72h ''; boot.kernelPackages = pkgs.linuxPackages; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "20.03"; # Did you read the comment? }