{ config, lib, pkgs, sources, ... }: let host = "catvayor.sh"; in { imports = [ "${sources.nixos-mailserver}" ./hardware-configuration.nix ./disks.nix ./modo.nix ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; boot.supportedFilesystems = [ "bcachefs" ]; boot.kernelPackages = pkgs.linuxPackages_latest; time.timeZone = "Europe/Paris"; networking = { interfaces."enp1s0" = { useDHCP = false; ipv4.addresses = [ { address = "192.168.122.3"; prefixLength = 24; } ]; ipv6.addresses = [ { address = "fe80::3"; prefixLength = 64; } ]; }; defaultGateway = "192.168.122.1"; defaultGateway6 = { address = "fe80::1"; interface = "enp1s0"; }; nameservers = [ "192.168.122.1" "fe80::1%enp1s0" ]; }; i18n.defaultLocale = "en_US.UTF-8"; console = { font = "Lat2-Terminus16"; keyMap = "fr"; }; services.dbus.packages = with pkgs; [ dconf ]; nixpkgs.config.allowUnfree = true; programs.zsh.enable = true; environment.systemPackages = with pkgs; [ wget nix-search-cli git btop ranger screen ]; programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; services.openssh.enable = true; networking.firewall.enable = false; security.acme = { acceptTerms = true; defaults.email = "root@katvayor.net"; }; services.nginx = { enable = true; virtualHosts."catvayor.sh".enableACME = true; virtualHosts."betamail.katvayor.net" = { enableACME = true; addSSL = true; locations."/" = { recommendedProxySettings = true; proxyPass = "http://localhost:8000/"; }; }; }; mailserver = { enable = true; fqdn = "betamail.katvayor.net"; domains = [ host ]; loginAccounts = { "root@${host}" = { catchAll = [ host ]; aliases = builtins.genList (id: "user${toString id}@${host}") 10 ++ [ "moderators@${host}" "daemon@${host}" ]; hashedPassword = "$2b$05$FoCVDECXYG0KXPigPuIZtuNFiviwSg8RuXx0FbnzC7ZRp.Mz8VWOe"; }; }; certificateScheme = "acme"; }; services.netbird.enable = true; system.stateVersion = "23.11"; }