]> Git — Sourcephile - sourcephile-nix.git/blob - machines/mermet.nix
nix: move to flake.nix
[sourcephile-nix.git] / machines / mermet.nix
1 # NixOS configuration of mermet.sourcephile.fr
2 { flakes, ... }:
3 {
4 system = "x86_64-linux";
5 extraArgs = rec {
6 ipv4 = "80.67.180.129";
7 wireguard = rec {
8 wg-intranet = {
9 ipv4 = "192.168.42.1";
10 listenPort = 43642;
11 persistentKeepalive = null;
12 peer = {
13 publicKey = "XbTEP2X71LBTjmdmySdiOpQJ+uIomcXvg1aiQGUtWBI=";
14 allowedIPs = [ "${wg-intranet.ipv4}/32" ];
15 endpoint = "${ipv4}:${toString wg-intranet.listenPort}";
16 };
17 };
18 };
19 };
20 modules = [
21 (flakes.nixpkgs + "/nixos/modules/profiles/hardened.nix")
22 ../nixos/defaults.nix
23 ../nixos/profiles/services/unbound.nix
24 mermet/acme.nix
25 mermet/croc.nix
26 mermet/coturn.nix
27 mermet/debug.nix
28 mermet/dovecot.nix
29 mermet/fail2ban.nix
30 mermet/fileSystems.nix
31 mermet/gitolite.nix
32 mermet/hardware.nix
33 mermet/knot.nix
34 #mermet/mlmmj.nix
35 mermet/networking.nix
36 mermet/nginx.nix
37 mermet/openldap.nix
38 mermet/postfix.nix
39 mermet/public-inbox.nix
40 mermet/redis.nix
41 mermet/rspamd.nix
42 mermet/sanoid.nix
43 mermet/security.nix
44 mermet/system.nix
45 mermet/users.nix
46 (flakes.secrets + "/machines/mermet/users.nix")
47 ];
48 }