dennis/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

migrates dnsc-vps-sm

Browse source
This commit is contained in:
Dennis Schoepf 2026-03-10 19:58:21 +01:00
parent a5e20a6a75
commit 26b05c4818
9 changed files with 485 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

75
modules/hosts/dnsc-vps-sm/default.nix Normal file
View file

@ -0,0 +1,75 @@
{ inputs, config, ... }:
let
hostname = "dnsc-vps-sm";
secretsDir = "${inputs.self}/secrets";
in
{
flake.nixosConfigurations.${hostname} = inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = with config.flake.modules.nixos; [
inputs.agenix.nixosModules.default
home-manager
base
server-shell
git
ssh
cli-tools
nix
restic
caddy
vaultwarden
uptime-kuma
homepage
actual-server
(
{ config, ... }:
{
imports = [
./_hardware-configuration.nix
./_networking.nix
];
networking.hostName = hostname;
networking.hostId = "e5d5a602";
networking.domain = "dnsc.io";
networking.firewall = {
enable = true;
allowedTCPPorts = [
22
80
443
];
};
system.stateVersion = "24.11";
boot.tmp.cleanOnBoot = true;
zramSwap.enable = true;
# Fix due to https://github.com/NixOS/nixpkgs/issues/180175
systemd.services.NetworkManager-wait-online.enable = false;
# Secrets for this machine
age = {
identityPaths = [
"${config.users.users.dennis.home}/.ssh/id_ed25519"
];
secrets."vaultwarden/env" = {
file = "${secretsDir}/vaultwarden/env";
};
secrets."restic/password" = {
file = "${secretsDir}/restic/password.age";
};
};
# Custom Module Options
restic.repository = "sftp:dnsc-storage:restic/dnsc-server";
restic.backupPaths = [
"/var/backup/vaultwarden"
"/data/actual-server"
# TODO: Include memos path, maybe uptime kuma
];
}
)
];
};
}