2022-10-31 11:04:38 +01:00
|
|
|
|
{ pkgs, lib, config, ... }:
|
2020-12-30 09:10:30 +01:00
|
|
|
|
|
2022-10-31 11:04:38 +01:00
|
|
|
|
let
|
2020-12-30 09:10:30 +01:00
|
|
|
|
keys = import ../../../variables/keys.nix;
|
|
|
|
|
|
|
|
|
|
|
|
in {
|
|
|
|
|
|
# TASK: new device
|
|
|
|
|
|
networking.hostName = "srv0"; # Define your hostname.
|
|
|
|
|
|
# networking.domain = "home-ch.stefanjunker.de";
|
|
|
|
|
|
|
|
|
|
|
|
networking.firewall.enable = true;
|
|
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
|
|
|
|
# iperf3
|
|
|
|
|
|
5201
|
|
|
|
|
|
];
|
|
|
|
|
|
networking.firewall.logRefusedConnections = false;
|
|
|
|
|
|
|
|
|
|
|
|
networking.usePredictableInterfaceNames = false;
|
|
|
|
|
|
networking.dhcpcd = {
|
|
|
|
|
|
enable = true;
|
|
|
|
|
|
persistent = true;
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
networking.interfaces.eth0 = {
|
|
|
|
|
|
useDHCP = true;
|
|
|
|
|
|
# ipv6.addresses = [
|
|
|
|
|
|
# { address = "2a02:c207:3003:2387::1"; prefixLength = 64; }
|
|
|
|
|
|
# ];
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
# networking.defaultGateway6 = {
|
|
|
|
|
|
# address = "fe80::1";
|
|
|
|
|
|
# interface = "eth0";
|
|
|
|
|
|
# };
|
|
|
|
|
|
|
|
|
|
|
|
networking.nat = {
|
|
|
|
|
|
enable = true;
|
|
|
|
|
|
internalInterfaces = [ "ve-+" ];
|
|
|
|
|
|
externalInterface = "eth0";
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
# Kubernetes
|
|
|
|
|
|
# services.kubernetes.roles = ["master" "node"];
|
|
|
|
|
|
|
|
|
|
|
|
# virtualization
|
2022-10-31 11:04:38 +01:00
|
|
|
|
virtualisation = { docker.enable = true; };
|
2020-12-30 09:10:30 +01:00
|
|
|
|
|
2022-10-31 11:04:38 +01:00
|
|
|
|
nix.gc = { automatic = true; };
|
2020-12-30 09:10:30 +01:00
|
|
|
|
|
2022-03-20 16:40:47 +01:00
|
|
|
|
networking.useHostResolvConf = false;
|
2022-10-31 11:04:38 +01:00
|
|
|
|
services.resolved = { enable = true; };
|
2020-12-30 09:10:30 +01:00
|
|
|
|
|
|
|
|
|
|
containers = {
|
2021-02-08 22:51:01 +01:00
|
|
|
|
mailserver = import ../../containers/mailserver.nix {
|
|
|
|
|
|
hostAddress = "192.168.100.10";
|
|
|
|
|
|
localAddress = "192.168.100.11";
|
|
|
|
|
|
|
|
|
|
|
|
imapsPort = 993;
|
|
|
|
|
|
sievePort = 4190;
|
|
|
|
|
|
};
|
|
|
|
|
|
|
2020-12-30 09:10:30 +01:00
|
|
|
|
webserver = import ../../containers/webserver.nix {
|
|
|
|
|
|
hostAddress = "192.168.100.12";
|
|
|
|
|
|
localAddress = "192.168.100.13";
|
|
|
|
|
|
|
2021-02-07 17:01:17 +01:00
|
|
|
|
httpPort = 80;
|
2020-12-30 09:10:30 +01:00
|
|
|
|
httpsPort = 443;
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
syncthing = import ../../containers/syncthing.nix {
|
|
|
|
|
|
hostAddress = "192.168.100.14";
|
|
|
|
|
|
localAddress = "192.168.100.15";
|
|
|
|
|
|
|
|
|
|
|
|
syncthingPort = 22000;
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
backup = import ../../containers/backup.nix {
|
|
|
|
|
|
inherit config;
|
|
|
|
|
|
hostAddress = "192.168.100.16";
|
|
|
|
|
|
localAddress = "192.168.100.17";
|
2022-10-31 11:04:38 +01:00
|
|
|
|
subvolumes = [ "mailserver" "webserver" "backup" "syncthing" ];
|
2020-12-30 09:10:30 +01:00
|
|
|
|
};
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
# This value determines the NixOS release from which the default
|
|
|
|
|
|
# settings for stateful data, like file locations and database versions
|
|
|
|
|
|
# on your system were taken. It‘s perfectly fine and recommended to leave
|
|
|
|
|
|
# this value at the release version of the first install of this system.
|
|
|
|
|
|
# Before changing this value read the documentation for this option
|
|
|
|
|
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
|
|
|
|
|
system.stateVersion = "20.03"; # Did you read the comment?
|
|
|
|
|
|
}
|
