Olivier/chiasson-nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fba5a7a2aa274430aa46551b69ae79442c9233c9
chiasson-nix/modules/hosts/nix-server/configuration.nix
T
Olivier fba5a7a2aa Rebase to flake parts #10
2026-05-15 00:24:13 -03:00

95 lines
2.4 KiB
Nix
Raw Blame History

{ self, inputs, ... }: {
flake.nixosModules.nix-serverConfiguration =
{
self,
config,
lib,
pkgs,
...
}:
{
imports = [
inputs.ddrm.nixosModules.default
self.nixosModules.nix-serverHardware
inputs.sops-nix.nixosModules.sops
self.nixosModules.system
self.nixosModules.users
./_services/attic-cache-server.nix
./_services/portainer.nix
./_services/organizr.nix
./_services/swiftshare.nix
./_services/immich.nix
./_services/jellyfin.nix
./_services/nixdesk-nfs-client.nix
./_services/ddrm-media-server.nix
./_services/sonarr.nix
./_services/prowlarr.nix
./_services/flaresolverr.nix
./_services/radarr.nix
./_services/qbittorrent.nix
./_services/seerr.nix
./_services/dispatcharr.nix
];
boot.loader.grub = {
enable = true;
efiSupport = false;
device = "/dev/sda";
};
services.qemuGuest.enable = true;
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = true;
KbdInteractiveAuthentication = false;
PermitRootLogin = "no";
UseDns = false;
};
};
sops = {
defaultSopsFile = ../../../secrets/secrets.yaml;
defaultSopsFormat = "yaml";
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
};
sops.secrets."users/server/hashedPassword".neededForUsers = true;
security.sudo.wheelNeedsPassword = true;
nix.settings = {
experimental-features = [ "nix-command" "flakes" ];
trusted-users = [ "root" "@wheel" ];
allowed-users = [ "root" "@wheel" ];
};
chiasson.system = {
networking = {
hostName = "nix-server";
networkManager.enable = true;
};
caching.attic = {
enable = true;
cacheName = "nixos-new";
endpoint = "http://127.0.0.1:8080";
publicKey = "nixos-new:8NySIcT0HP7KvGQKgBRWoWESxxRA8BVYo8S85UNpNX0=";
};
extraPackages = with pkgs; [ btop ];
};
chiasson.users = {
enabled = [ "server" ];
hostOverrides.server = {
hashedPasswordFile = config.sops.secrets."users/server/hashedPassword".path;
};
};
services.xserver.enable = lib.mkDefault false;
system.stateVersion = "25.11";
};
}
Reference in New Issue View Git Blame Copy Permalink