# SPDX-FileCopyrightText: 2022-2024 Simon Bruder # # SPDX-License-Identifier: AGPL-3.0-or-later { pkgs, ... }: { imports = [ ./hardware-configuration.nix ../../modules ./services/buchborgen.nix ./services/coturn.nix ./services/element-web.nix ./services/forgejo.nix ./services/grafana.nix ./services/hedgedoc.nix ./services/invidious ./services/matrix ./services/password-hash-self-service.nix ./services/prometheus.nix ./services/sbruder.xyz ./services/schabernack.nix ]; sbruder = { nginx.hardening.enable = true; restic = { enable = true; backups.system.enable = true; }; wireguard.home.enable = true; infovhost.enable = true; wkd = { enable = true; }; }; networking.hostName = "renge"; system.stateVersion = "23.11"; services.nginx = { enable = true; virtualHosts."sbruder.de" = { enableACME = true; forceSSL = true; root = pkgs.sbruder.contact; }; }; networking.firewall.allowedTCPPorts = [ 80 443 ]; services.postgresql = { enable = true; package = pkgs.postgresql_16; }; services.postgresqlBackup = { enable = true; startAt = [ ]; # triggered by restic system backup location = "/var/lib/postgresql-backup"; compression = "none"; }; systemd.services.restic-backups-system = { after = [ "postgresqlBackup.service" ]; wants = [ "postgresqlBackup.service" ]; }; }