{ config, pkgs, lib, ... }: { imports = [ ./acme-dns.nix ./acme-ssl.nix ./backups.nix # ./dex.nix ./dns.nix # ./gitea.nix ./headscale.nix ./keycloak.nix ./matterbridge.nix # ./monitoring.nix # ./netboot-server.nix ./network.nix ./nginx.nix ./nur.nix # ./oauth2_proxy.nix ./programs.nix ./qemu.nix ./rz.nix ./secrets ./snipe-it.nix ./system.nix ./tunnels.nix # TODO push to gitea # TODO ./gotify.nix # TODO(Raito): ./backups.nix # TODO(Raito): ./snmp.nix # TODO(Raito): ./sflow.nix? ]; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; boot.initrd.supportedFilesystems = [ "zfs" ]; boot.supportedFilesystems = [ "zfs" ]; networking.hostName = "core-services-01"; networking.hostId = "64838310"; time.timeZone = "Europe/Paris"; # The global useDHCP flag is deprecated, therefore explicitly set to false here. # Per-interface useDHCP will be mandatory in the future, so this generated config # replicates the default behaviour. networking.useDHCP = false; # Adieu, hackENS — networking.interfaces.ens18.useDHCP = true; networking.interfaces.ens19.useDHCP = true; # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; console = { font = "Lat2-Terminus16"; keyMap = "us"; }; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. programs.mtr.enable = true; programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; # List services that you want to enable: services.zfs.autoScrub.enable = true; # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. networking.firewall.enable = false; system.stateVersion = "22.05"; }