1
0
nixfiles/hosts/web-2/configuration.nix

81 lines
2.0 KiB
Nix

{ config, pkgs, ... }:
{
imports =
[
./hardware-configuration.nix
../../configuration/common
./bubblesort.nix
./clerie.nix
./gitea.nix
./iot-data.nix
./ip.nix
./meow.nix
./milchinsel.nix
./ping.nix
./prediger.nix
./public.nix
./radicale.nix
./reichartstrasse.nix
./uptimestatus.nix
./wetter.nix
./znc.nix
];
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/sda";
networking.hostName = "web-2";
networking.useDHCP = false;
# Network
networking.interfaces.ens3.ipv4.addresses = [ { address = "88.99.187.135"; prefixLength = 32; } ];
networking.interfaces.ens3.ipv6.addresses = [ { address = "2a01:4f8:c0c:c580::1"; prefixLength = 64; } ];
networking.defaultGateway = { address = "172.31.1.1"; interface = "ens3"; };
networking.defaultGateway6 = { address = "fe80::1"; interface = "ens3"; };
networking.nameservers = [ "213.133.98.98" "213.133.99.99" "213.133.100.100" ];
services.nginx = {
enable = true;
enableReload = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
services.postgresql = {
enable = true;
package = pkgs.postgresql_12;
};
services.borgbackup.jobs = {
main = {
paths = [
"/var/src"
"/var/lib"
];
doInit = true;
repo = "borg@backup.clerie.de:." ;
encryption = {
mode = "repokey-blake2";
passCommand = "cat /var/src/secrets/borg/main";
};
environment = { BORG_RSH = "ssh -i /var/src/secrets/ssh/borg-main"; };
compression = "auto,lzma";
startAt = "hourly";
};
};
clerie.monitoring = {
enable = true;
id = "203";
pubkey = "CCEDSGy7e7oJxnW+NLOJc4TamG4ft7cS/zzvtoLQmx8=";
};
system.stateVersion = "21.03";
}