Simon Bruder
cb913a9b00
This also adds secrets management for nginx. It is far from perfect (e.g. nginx does not get reloaded when a secret changes).
31 lines
515 B
Nix
31 lines
515 B
Nix
{ config, pkgs, ... }:
|
|
|
|
{
|
|
imports = [
|
|
./hardware-configuration.nix
|
|
../../modules
|
|
../../users/simon
|
|
];
|
|
|
|
sbruder = {
|
|
cpu.intel.enable = true;
|
|
gpu.intel.enable = true;
|
|
gui.enable = true;
|
|
libvirt.enable = true;
|
|
media-proxy.enable = true;
|
|
restic.enable = true;
|
|
ssd.enable = true;
|
|
wireguard.home = {
|
|
enable = true;
|
|
address = "10.80.0.4";
|
|
};
|
|
};
|
|
|
|
services.tor = {
|
|
enable = true;
|
|
client.enable = true;
|
|
};
|
|
|
|
networking.hostName = "nunotaba";
|
|
}
|