infrastructure/machines/web02/_configuration.nix

37 lines
660 B
Nix

{ lib, pkgs, ... }:
lib.extra.mkConfig {
enabledModules = [
# List of modules to enable
"dgn-fail2ban"
"dgn-web"
];
enabledServices = [
# List of services to enable
"cas-eleves"
"kadenios"
];
extraConfig = {
dgn-fail2ban.jails = lib.extra.enableAttrs' "enabled" [
"sshd-bruteforce"
"sshd-timeout"
];
# Restrict access to this node
dgn-access-control.users.root = [ "thubrecht" ];
# Disable monitoring
dgn-node-monitoring.enable = false;
# Enable Postgres databases
services.postgresql = {
enable = true;
package = pkgs.postgresql_16;
};
};
root = ./.;
}