Simon Bruder
e67d68a05d
This also removes ankisyncd, which in its current version in nixpkgs does not support the latest anki version.
70 lines
1.4 KiB
Nix
70 lines
1.4 KiB
Nix
{ pkgs, ... }:
|
|
|
|
{
|
|
imports = [
|
|
./hardware-configuration.nix
|
|
../../modules
|
|
|
|
./services/bang-evaluator.nix
|
|
./services/buchborgen.nix
|
|
./services/coturn.nix
|
|
./services/element-web.nix
|
|
./services/gitea.nix
|
|
./services/grafana.nix
|
|
./services/grocy.nix
|
|
./services/hedgedoc.nix
|
|
./services/invidious
|
|
./services/libreddit.nix
|
|
./services/matrix
|
|
./services/murmur.nix
|
|
./services/nitter.nix
|
|
./services/onlypain.icu
|
|
./services/prometheus.nix
|
|
./services/sbruder.xyz
|
|
./services/schabernack.nix
|
|
];
|
|
|
|
sbruder = {
|
|
nginx.hardening.enable = true;
|
|
restic.system = {
|
|
enable = true;
|
|
};
|
|
wireguard.home.enable = true;
|
|
};
|
|
|
|
networking.hostName = "renge";
|
|
|
|
system.stateVersion = "21.11";
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
|
|
recommendedGzipSettings = true;
|
|
recommendedOptimisation = true;
|
|
recommendedProxySettings = true;
|
|
recommendedTlsSettings = true;
|
|
|
|
virtualHosts."sbruder.de" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
|
|
root = pkgs.sbruder.contact;
|
|
};
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [
|
|
80
|
|
443
|
|
];
|
|
|
|
services.postgresqlBackup = {
|
|
enable = true;
|
|
startAt = [ ]; # triggered by restic system backup
|
|
location = "/var/lib/postgresql-backup";
|
|
};
|
|
systemd.services.restic-backups-system = {
|
|
after = [ "postgresqlBackup.service" ];
|
|
wants = [ "postgresqlBackup.service" ];
|
|
};
|
|
}
|