servers/mermet.nix

   1 # This is the root configuration of the target machine.
   2 # Usable by nixos-install and used by nixops.
   3 # It is NOT copied nor usable on the target machine,
   4 # only the resulting closure is copied to the target machine.
   5 { pkgs, lib, config, options
   6 # NixOps extra module inputs
   7 , nodes, name, uuid, resources
   8 , ... }:
   9 let inherit (builtins.extraBuiltins) pass pass-chomp; in
  10 {
  11   # This value determines the NixOS release with which your system is to be
  12   # compatible, in order to avoid breaking some software such as database servers.
  13   # You should change this only after NixOS release notes say you should.
  14   system.stateVersion = "19.09"; # Did you read the comment?
  15
  16   nixpkgs.overlays = import ../overlays.nix;
  17
  18   imports =
  19     [ ../nixos/defaults.nix
  20       mermet/apu2e4.nix
  21       mermet/zfs.nix
  22       mermet/lesptts.nix
  23       mermet/shorewall.nix
  24       mermet/unbound.nix
  25       mermet/nsd.nix
  26       mermet/openldap.nix
  27       mermet/gitolite.nix
  28       mermet/nginx.nix
  29       #mermet/postfix.nix
  30       #mermet/rspamd.nix
  31       #mermet/dovecot2.nix
  32     ];
  33
  34   networking = rec {
  35     hostName   = "mermet";
  36     domainBase = "sourcephile";
  37     domain     = "${domainBase}.fr";
  38   };
  39
  40   users = {
  41     mutableUsers = false;
  42     users = {
  43       root = rec {
  44         initialPassword = password;
  45         password = pass-chomp "servers/mermet/login/root";
  46         openssh.authorizedKeys.keys = [
  47           (pass "members/julm/ssh.pub")
  48         ];
  49       };
  50     };
  51     groups = {
  52     };
  53   };
  54
  55   environment = {
  56     systemPackages = with pkgs; [
  57       cryptsetup
  58       fio
  59       git
  60       gptfdisk
  61       lm_sensors
  62       smartctl-tbw
  63       socat
  64     ];
  65   };
  66 }