steveej/infra
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions
infra/nix/os/devices/srv0.home-ch.stefanjunker.de/system.nix

107 lines
2.4 KiB
Nix
Raw Normal View History

run most containers and back them up at home * switch backup from wasabi-s3 to btrfs via ssh * add srv0 at home * run webserver and syncthing at home
2020-12-30 09:10:30 +01:00
{ pkgs
, lib
, config
, ... }:
let
keys = import ../../../variables/keys.nix;
in {
# TASK: new device
networking.hostName = "srv0"; # Define your hostname.
# networking.domain = "home-ch.stefanjunker.de";
networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [
# iperf3
5201
];
networking.firewall.logRefusedConnections = false;
networking.usePredictableInterfaceNames = false;
networking.dhcpcd = {
enable = true;
persistent = true;
};
networking.interfaces.eth0 = {
useDHCP = true;
# ipv6.addresses = [
# { address = "2a02:c207:3003:2387::1"; prefixLength = 64; }
# ];
};
# networking.defaultGateway6 = {
# address = "fe80::1";
# interface = "eth0";
# };
networking.nat = {
enable = true;
internalInterfaces = [ "ve-+" ];
externalInterface = "eth0";
};
# Kubernetes
# services.kubernetes.roles = ["master" "node"];
# virtualization
virtualisation = {
docker.enable = true;
};
nix.gc = {
automatic = true;
};
srv0: use systemd-resolved
2022-03-20 16:40:47 +01:00
networking.useHostResolvConf = false;
services.resolved = {
enable = true;
};
run most containers and back them up at home * switch backup from wasabi-s3 to btrfs via ssh * add srv0 at home * run webserver and syncthing at home
2020-12-30 09:10:30 +01:00
containers = {
container/mailserver: run on srv0.home-ch
2021-02-08 22:51:01 +01:00
mailserver = import ../../containers/mailserver.nix {
hostAddress = "192.168.100.10";
localAddress = "192.168.100.11";
imapsPort = 993;
sievePort = 4190;
};
run most containers and back them up at home * switch backup from wasabi-s3 to btrfs via ssh * add srv0 at home * run webserver and syncthing at home
2020-12-30 09:10:30 +01:00
webserver = import ../../containers/webserver.nix {
hostAddress = "192.168.100.12";
localAddress = "192.168.100.13";
srv0,webserver: expose port 80 so ACME can verify the certificate
2021-02-07 17:01:17 +01:00
httpPort = 80;
run most containers and back them up at home * switch backup from wasabi-s3 to btrfs via ssh * add srv0 at home * run webserver and syncthing at home
2020-12-30 09:10:30 +01:00
httpsPort = 443;
};
syncthing = import ../../containers/syncthing.nix {
hostAddress = "192.168.100.14";
localAddress = "192.168.100.15";
syncthingPort = 22000;
};
backup = import ../../containers/backup.nix {
inherit config;
hostAddress = "192.168.100.16";
localAddress = "192.168.100.17";
subvolumes = [
container/mailserver: run on srv0.home-ch
2021-02-08 22:51:01 +01:00
"mailserver"
run most containers and back them up at home * switch backup from wasabi-s3 to btrfs via ssh * add srv0 at home * run webserver and syncthing at home
2020-12-30 09:10:30 +01:00
"webserver"
"backup"
"syncthing"
];
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "20.03"; # Did you read the comment?
}
Reference in a new issue Copy permalink