2025-05-18 14:07:34 +02:00
|
|
|
{
|
|
|
|
|
lib,
|
|
|
|
|
pkgs,
|
|
|
|
|
config,
|
|
|
|
|
...
|
|
|
|
|
}:
|
2025-03-20 14:27:04 +01:00
|
|
|
{
|
|
|
|
|
imports = [
|
|
|
|
|
./hardware-configuration.nix
|
2025-03-22 22:46:55 +01:00
|
|
|
./variables.nix
|
2025-03-20 14:28:57 +01:00
|
|
|
./../../modules/core/default.server.nix
|
2025-03-22 22:46:55 +01:00
|
|
|
./../../modules/services/dandelion.nix
|
2025-03-20 14:27:04 +01:00
|
|
|
];
|
|
|
|
|
|
2025-06-06 15:10:34 +02:00
|
|
|
users.users.liv.openssh.authorizedKeys.keys = [
|
|
|
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOLdcB5JFWx6OK2BAr8J0wPHNhr2VP2/Ci6fv3a+DPfo liv@violet" # allow violet to log in over ssh to do back ups
|
2025-08-09 20:00:25 +02:00
|
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDi8gt51xGRzLSqaNr1LKSdrJ0VHps8U8FME71YCrs6K liv@posy" # allow posy to log in over ssh to mount music folder
|
2025-06-06 15:10:34 +02:00
|
|
|
];
|
|
|
|
|
|
2025-04-24 10:57:39 +02:00
|
|
|
liv.server.enable = true;
|
|
|
|
|
|
2025-03-20 14:27:04 +01:00
|
|
|
nixpkgs.config.permittedInsecurePackages = [
|
|
|
|
|
"jitsi-meet-1.0.8043"
|
|
|
|
|
"olm-3.2.16"
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
time.timeZone = "Europe/Amsterdam";
|
|
|
|
|
|
2025-08-05 21:48:15 +02:00
|
|
|
networking = {
|
|
|
|
|
hostName = "dandelion";
|
|
|
|
|
firewall = {
|
|
|
|
|
allowedTCPPorts = [
|
|
|
|
|
5201
|
|
|
|
|
];
|
|
|
|
|
allowedUDPPorts = [
|
|
|
|
|
5201
|
|
|
|
|
];
|
|
|
|
|
interfaces."ens4s1".allowedTCPPorts = [
|
|
|
|
|
# allow everything for local link
|
|
|
|
|
{
|
|
|
|
|
from = 1;
|
|
|
|
|
to = 65354;
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
interfaces."ens4s1".allowedUDPPorts = [
|
|
|
|
|
# allow everything for local link
|
|
|
|
|
{
|
|
|
|
|
from = 1;
|
|
|
|
|
to = 65354;
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2025-07-07 23:21:48 +02:00
|
|
|
systemd.network.networks."99-local" = {
|
2025-08-05 21:48:15 +02:00
|
|
|
matchConfig.name = "ens4s1";
|
2025-07-07 23:21:48 +02:00
|
|
|
address = [
|
|
|
|
|
"192.168.1.100/24"
|
|
|
|
|
];
|
|
|
|
|
routes = [
|
|
|
|
|
{
|
|
|
|
|
Gateway = "172.16.10.1";
|
|
|
|
|
GatewayOnLink = false;
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
|
2025-03-20 14:27:04 +01:00
|
|
|
environment.systemPackages = with pkgs; [
|
2025-03-22 22:46:55 +01:00
|
|
|
kitty.terminfo
|
|
|
|
|
zfs
|
2025-03-20 14:27:04 +01:00
|
|
|
];
|
|
|
|
|
|
|
|
|
|
boot = {
|
2025-03-20 14:38:20 +01:00
|
|
|
loader = {
|
|
|
|
|
systemd-boot.enable = true;
|
2025-03-20 14:34:53 +01:00
|
|
|
efi.canTouchEfiVariables = true;
|
2025-03-20 14:27:04 +01:00
|
|
|
};
|
2025-03-22 22:46:55 +01:00
|
|
|
supportedFilesystems = [ "zfs" ];
|
2025-03-20 14:27:04 +01:00
|
|
|
};
|
2025-03-22 22:46:55 +01:00
|
|
|
|
|
|
|
|
networking.hostId = "8a6b2565";
|
|
|
|
|
|
|
|
|
|
services.zfs = {
|
|
|
|
|
autoScrub.enable = true;
|
|
|
|
|
trim.enable = true;
|
|
|
|
|
};
|
|
|
|
|
|
2025-08-05 20:56:02 +02:00
|
|
|
boot.zfs.extraPools = [
|
|
|
|
|
"spinners"
|
|
|
|
|
];
|
2025-03-22 22:46:55 +01:00
|
|
|
|
2025-08-05 20:56:02 +02:00
|
|
|
# fileSystems = {
|
|
|
|
|
# "/spinners/rootvol" = {
|
|
|
|
|
# device = "spinners/rootvol";
|
|
|
|
|
# fsType = "zfs";
|
|
|
|
|
# };
|
|
|
|
|
# "/spinners/ahwx" = {
|
|
|
|
|
# device = "spinners/ahwx";
|
|
|
|
|
# fsType = "zfs";
|
|
|
|
|
# };
|
|
|
|
|
# "/spinners/violet" = {
|
|
|
|
|
# device = "spinners/violet";
|
|
|
|
|
# fsType = "zfs";
|
|
|
|
|
# };
|
|
|
|
|
# };
|
2025-03-20 14:27:04 +01:00
|
|
|
}
|
