rice/hosts/ami/default.nix

73 lines
1.3 KiB
Nix
Raw Normal View History

2024-01-25 15:54:05 +00:00
{
pkgs,
agenix,
2024-03-29 20:56:26 +00:00
disko,
2024-01-25 15:54:05 +00:00
...
}: {
imports = [
./system.nix
agenix.nixosModules.default
2024-03-29 20:56:26 +00:00
disko.nixosModules.disko
2024-01-25 15:54:05 +00:00
./404.nix
2024-01-25 15:54:05 +00:00
./acme.nix
./bitwarden.nix
./borg.nix
2024-03-29 20:56:26 +00:00
./disk-config.nix
./forgejo.nix
./msmtp.nix
./murmur.nix
./nginx.nix
2024-05-05 20:32:10 +00:00
./upgrade.nix
2024-07-02 14:57:06 +00:00
./weechat.nix
2024-06-21 09:25:02 +00:00
./woodpecker.nix
2024-01-25 15:54:05 +00:00
../../users/maintainer
];
age.identityPaths = ["/root/.ssh/id_agenix_ed25519"];
2024-01-25 15:54:05 +00:00
users = {
mutableUsers = false;
users.root.hashedPassword = "!";
};
environment.systemPackages = with pkgs; [
git
htop
neovim
tree
];
2024-04-22 09:36:13 +00:00
2024-07-15 19:51:02 +00:00
services = {
fail2ban.enable = true;
syncthing.enable = true;
};
2024-06-17 10:23:00 +00:00
systemd = {
services.register-thing = {
serviceConfig = let
script = pkgs.writeShellApplication {
name = "run-thing";
runtimeInputs = with pkgs; [nix];
text = "/home/maintainer/register-thing/thing";
};
in {
2024-06-17 10:23:00 +00:00
Type = "oneshot";
User = "maintainer";
ExecStart = "${script}/bin/run-thing";
2024-06-17 10:23:00 +00:00
};
};
timers.register-thing = {
wantedBy = ["timers.target"];
timerConfig = {
2024-06-17 11:08:53 +00:00
OnBootSec = "1m";
2024-06-17 10:23:00 +00:00
OnUnitActiveSec = "1m";
RandomizedDelaySec = "1m";
Unit = "register-thing.service";
2024-06-17 10:23:00 +00:00
};
};
};
2024-01-25 15:54:05 +00:00
}