]> Git — Sourcephile - sourcephile-nix.git/blob - machines/losurdo.nix
fail2ban: relax some LAN IPv4
[sourcephile-nix.git] / machines / losurdo.nix
1 # NixOS configuration of losurdo.sourcephile.fr
2 # Domenico Losurdo (1941-2018), historian for the working class
3 # https://www.monde-diplomatique.fr/2018/10/FONDU/59128
4 { inputs, ... }:
5 {
6 system = "x86_64-linux";
7 extraArgs = {
8 wireguard = rec {
9 wg-intra = {
10 ipv4 = "192.168.42.2";
11 listenPort = 43642;
12 #listenPort = null;
13 persistentKeepalive = 25;
14 peer = {
15 publicKey = "xsFFep3k8z0pXgUOz4aryOF8l/KPBSOd4WQA26BkXy0=";
16 allowedIPs = [ "${wg-intra.ipv4}/32" ];
17 };
18 };
19 };
20 };
21 modules = [
22 (inputs.nixpkgs + "/nixos/modules/profiles/hardened.nix")
23 ../nixos/defaults.nix
24 losurdo/acme.nix
25 losurdo/debug.nix
26 losurdo/fail2ban.nix
27 losurdo/fileSystems.nix
28 losurdo/freeciv.nix
29 losurdo/hardware.nix
30 losurdo/networking.nix
31 losurdo/nginx.nix
32 #losurdo/postgresql.nix
33 losurdo/prosody.nix
34 (inputs.secrets + "/machines/losurdo/prosody.nix")
35 losurdo/sanoid.nix
36 losurdo/security.nix
37 losurdo/syncoid.nix
38 losurdo/system.nix
39 losurdo/transmission.nix
40 losurdo/unbound.nix
41 losurdo/users.nix
42 (inputs.secrets + "/machines/losurdo/users.nix")
43 ];
44 }