]> Git — Sourcephile - sourcephile-nix.git/blob - servers/losurdo.nix
nftables: only use unbound for DNS resolving
[sourcephile-nix.git] / servers / losurdo.nix
1 # NixOS configuration of losurdo.sourcephile.fr
2 #
3 # Show configuration options with, for example:
4 # nix-instantiate servers/losurdo.nix --eval -A config.networking.hostName
5 # Install/upgrade with:
6 # nix run install -f servers/losurdo.nix
7 let
8 ipv4 = "80.67.180.251";
9 system = import <nixpkgs/nixos/lib/eval-config.nix> {
10 system = "x86_64-linux";
11 modules = [
12 ../nixos/defaults.nix
13 ../nixos/base/install.nix
14 ../nixos/base/unbound.nix
15 losurdo/acme.nix
16 losurdo/debug.nix
17 losurdo/fileSystems.nix
18 losurdo/hardware.nix
19 losurdo/networking.nix
20 losurdo/postgresql.nix
21 losurdo/sanoid.nix
22 losurdo/syncoid.nix
23 losurdo/system.nix
24 losurdo/transmission.nix
25 losurdo/users.nix
26 ];
27 extraArgs = {
28 name = "losurdo";
29 inherit ipv4;
30 servers = import ../servers.nix;
31 };
32 };
33 inherit (system.config) networking;
34 lib = system.pkgs.lib;
35 in with system; system // {
36 inherit ipv4;
37 install =
38 let target = "root@${networking.hostName}.${networking.domain}";
39 profile = "/nix/var/nix/profiles/system";
40 generations = "+10";
41 nixos = config.system.build.toplevel;
42 in
43 pkgs.writeShellScriptBin "bash" ''
44 PATH="$PATH:${with pkgs; lib.makeBinPath [nix openssh pass]}"
45 set -eux
46 nix ''${TRACE:+-L} copy \
47 --to ssh://${target} --substitute-on-destination \
48 ${nixos}
49 target="${target}"
50 ${config.install.shellHook}
51 ssh ${target} nix-env --profile "${profile}" --set "${nixos}" \
52 '&&' nix-env --profile "${profile}" --delete-generations "${generations}" \
53 '&&' "${profile}"/bin/switch-to-configuration "''${switch:-switch}"
54 '';
55 }