Tom Hubrecht
954ba45281
All checks were successful
build configuration / build_storage01 (push) Successful in 1m25s
build configuration / build_compute01 (push) Successful in 1m34s
build configuration / build_vault01 (push) Successful in 1m44s
build configuration / build_web01 (push) Successful in 1m50s
lint / check (push) Successful in 26s
build configuration / build_web02 (push) Successful in 2m27s
build configuration / build_rescue01 (push) Successful in 1m16s
build configuration / push_to_cache (push) Successful in 3m28s
37 lines
660 B
Nix
37 lines
660 B
Nix
{ lib, pkgs, ... }:
|
|
|
|
lib.extra.mkConfig {
|
|
enabledModules = [
|
|
# List of modules to enable
|
|
"dgn-fail2ban"
|
|
"dgn-web"
|
|
];
|
|
|
|
enabledServices = [
|
|
# List of services to enable
|
|
"cas-eleves"
|
|
"kadenios"
|
|
];
|
|
|
|
extraConfig = {
|
|
dgn-fail2ban.jails = lib.extra.enableAttrs' "enabled" [
|
|
"sshd-bruteforce"
|
|
"sshd-timeout"
|
|
];
|
|
|
|
# Restrict access to this node
|
|
dgn-access-control.users.root = [ "thubrecht" ];
|
|
|
|
# Disable monitoring
|
|
dgn-node-monitoring.enable = false;
|
|
|
|
# Enable Postgres databases
|
|
services.postgresql = {
|
|
enable = true;
|
|
|
|
package = pkgs.postgresql_16;
|
|
};
|
|
};
|
|
|
|
root = ./.;
|
|
}
|