72 lines
1.3 KiB
Nix
72 lines
1.3 KiB
Nix
{
|
|
pkgs,
|
|
agenix,
|
|
disko,
|
|
...
|
|
}: {
|
|
imports = [
|
|
./system.nix
|
|
agenix.nixosModules.default
|
|
disko.nixosModules.disko
|
|
|
|
./404.nix
|
|
./acme.nix
|
|
./bitwarden.nix
|
|
./borg.nix
|
|
./disk-config.nix
|
|
./forgejo.nix
|
|
./msmtp.nix
|
|
./murmur.nix
|
|
./nginx.nix
|
|
./upgrade.nix
|
|
./weechat.nix
|
|
./woodpecker.nix
|
|
|
|
../../users/maintainer
|
|
];
|
|
|
|
age.identityPaths = ["/root/.ssh/id_agenix"];
|
|
|
|
users = {
|
|
mutableUsers = false;
|
|
users.root.hashedPassword = "!";
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
git
|
|
htop
|
|
neovim
|
|
tree
|
|
];
|
|
|
|
services = {
|
|
fail2ban.enable = true;
|
|
syncthing.enable = true;
|
|
};
|
|
|
|
systemd = {
|
|
services.register-thing = {
|
|
serviceConfig = let
|
|
script = pkgs.writeShellApplication {
|
|
name = "run-thing";
|
|
runtimeInputs = with pkgs; [nix];
|
|
text = "/home/maintainer/register-thing/thing";
|
|
};
|
|
in {
|
|
Type = "oneshot";
|
|
User = "maintainer";
|
|
ExecStart = "${script}/bin/run-thing";
|
|
};
|
|
};
|
|
|
|
timers.register-thing = {
|
|
wantedBy = ["timers.target"];
|
|
timerConfig = {
|
|
OnBootSec = "1m";
|
|
OnUnitActiveSec = "1m";
|
|
RandomizedDelaySec = "1m";
|
|
Unit = "register-thing.service";
|
|
};
|
|
};
|
|
};
|
|
}
|