Cradicle Explorer
Nix
/ hosts / hadouken / default.nix
default.nix
 1  { ... }:
 2  {
 3    networking = {
 4      hostName = "hadouken";
 5      hostId = "1b936a2a";
 6    };
 7  
 8    imports = [
 9      ./modules/monitoring.nix
10      ./modules/detection.nix
11      ./modules/mastodon.nix
12      ./modules/paperless.nix
13      ./modules/microbin.nix
14      ./modules/calendar.nix
15      ./modules/database.nix
16      ./modules/garage.nix
17      ./modules/bincache.nix
18      ./modules/storage.nix
19      ./modules/matrix.nix
20      ./modules/immich.nix
21      ./modules/shares.nix
22      ./modules/proton.nix
23      ./modules/caddy.nix
24      ./modules/atuin.nix
25      ./modules/media.nix
26    ];
27  
28    hosts.shares.enable = true;
29    hosts.caddy.enable = true;
30    hosts.media.enable = true;
31    hosts.tailscale.enable = true;
32    hosts.monitoring.enable = true;
33    hosts.matrix.enable = true;
34    hosts.mastodon.enable = true;
35    hosts.microbin.enable = true;
36    hosts.changedetection.enable = true;
37    hosts.immich.enable = true;
38    hosts.prometheus.enable = true;
39    hosts.calendar.enable = true;
40    hosts.database.enable = true;
41    hosts.garage.enable = true;
42    hosts.atuin.enable = true;
43    hosts.paperless.enable = true;
44    hosts.bincache.enable = true;
45    hosts.proton.enable = true;
46    hosts.nymvpn.enable = true;
47  
48    users = {
49      groups.notes.members = [ "caddy" ];
50    };
51  
52    systemd.services.loki = {
53      after = [ "tailscaled.service" ];
54      requires = [ "tailscaled.service" ];
55      serviceConfig.RestartSec = 10;
56    };
57  
58    hosts.borg = {
59      enable = true;
60      repository = "ssh://gak69wyz@gak69wyz.repo.borgbase.com/./repo";
61      paths = [ "/mnt/zwembad/app" ];
62    };
63  
64    # Heat management intel cpu
65    services.thermald.enable = true;
66  
67    hosts.openssh = {
68      enable = true;
69      allowUsers = [
70        "*@100.64.0.0/10"
71        "*@10.30.0.0/24"
72      ];
73    };
74  
75    # Server defaults
76    hosts.server.enable = true;
77  
78    boot = {
79      supportedFilesystems = [ "zfs" ];
80      zfs = {
81        forceImportRoot = false;
82        extraPools = [
83          "zwembad"
84          "zolder"
85        ];
86      };
87  
88      # Silent Boot
89      # https://wiki.archlinux.org/title/Silent_boot
90      kernelParams = [
91        "quiet"
92        "rd.systemd.show_status=false"
93        "rd.udev.log_level=3"
94        "udev.log_priority=3"
95      ];
96      consoleLogLevel = 0;
97      initrd.verbose = false;
98    };
99  }