{ modulesPath, lib, ... }: { imports = lib.optional (builtins.pathExists ./do-userdata.nix) ./do-userdata.nix ++ [ ./hardware-configuration.nix (modulesPath + "/installer/scan/not-detected.nix") ../../base.nix ../users.nix ../../server.nix ../packages.nix ./gitea.nix ./nginx.nix ./minio.nix # ./coturn.nix ./disk-config.nix ./mail.nix ]; boot = { loader.grub.enable = true; # loader.grub.device = "/dev/sda"; }; services.do-agent.enable = true; networking = { firewall.enable = false; networkmanager.enable = true; hostName = "sortug"; # use Digital Ocean metadata server useDHCP = false; interfaces.enp3s0.ipv4.addresses = [ { address = "209.182.234.186"; prefixLength = 24; } ]; interfaces.enp3s0.ipv6.addresses = [ { address = "2602:ff16:14:0:1:f7:0:1"; prefixLength = 64; } ]; defaultGateway = { address = "209.182.234.1"; interface = "enp3s0"; }; defaultGateway6 = { address = "2602:ff16:14::1"; interface = "enp3s0"; }; nameservers = [ "8.8.8.8" "8.8.4.4" "2001:4860:4860::8888" "2001:4860:4860::8844" ]; }; # curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | NIX_CHANNEL=nixos-23.11 bash -x services.resolved = { enable = true; domains = ["2001:4860:4860::8888" "2001:4860:4860::8844"]; }; # services.tailscale.enable = true; # networking.firewall = { # enable = true; # allowedTCPPorts = [ 40308 80 443 53 51820 5522 ]; # allowedUDPPorts = [ 40308 80 443 53 51820 5522 # 50000 # 50001 # 50002 # 50003 # 50004 # 50005 # 50006 # 50007 # 50008 # 50009 # 50010 # ]; # }; services.ntfy-sh = { enable = true; settings = { base-url = "https://ntfy.sortug.com"; listen-http = ":8099"; }; }; system.stateVersion = "24.05"; # Did you read the comment? users.users.y.openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM+qXhCHNrSZmy4HEXaFn6xAp1w2GzQBMOfVdbR3E81Q cloudboxes"]; }