machines/mermet.nix

   1 # NixOS configuration of mermet.sourcephile.fr
   2 { flakes, ... }:
   3 {
   4 system = "x86_64-linux";
   5 extraArgs = rec {
   6   ipv4 = "80.67.180.129";
   7   wireguard = rec {
   8     wg-intranet = {
   9       ipv4 = "192.168.42.1";
  10       listenPort = 43642;
  11       persistentKeepalive = null;
  12       peer = {
  13         publicKey = "XbTEP2X71LBTjmdmySdiOpQJ+uIomcXvg1aiQGUtWBI=";
  14         allowedIPs = [ "${wg-intranet.ipv4}/32" ];
  15         endpoint = "${ipv4}:${toString wg-intranet.listenPort}";
  16       };
  17     };
  18   };
  19 };
  20 modules = [
  21   (flakes.nixpkgs + "/nixos/modules/profiles/hardened.nix")
  22   ../nixos/defaults.nix
  23   ../nixos/profiles/services/unbound.nix
  24   mermet/acme.nix
  25   mermet/croc.nix
  26   mermet/coturn.nix
  27   mermet/debug.nix
  28   mermet/dovecot.nix
  29   mermet/fail2ban.nix
  30   mermet/fileSystems.nix
  31   mermet/gitolite.nix
  32   mermet/hardware.nix
  33   mermet/knot.nix
  34   #mermet/mlmmj.nix
  35   mermet/networking.nix
  36   mermet/nginx.nix
  37   mermet/openldap.nix
  38   mermet/postfix.nix
  39   mermet/public-inbox.nix
  40   mermet/redis.nix
  41   mermet/rspamd.nix
  42   mermet/sanoid.nix
  43   mermet/security.nix
  44   mermet/system.nix
  45   mermet/users.nix
  46   (flakes.secrets + "/machines/mermet/users.nix")
  47 ];
  48 }