hosts/cloud/sing/configuration.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38

{ modulesPath, pkgs, ... }:
{
  imports = [
    (modulesPath + "/installer/scan/not-detected.nix")
    (modulesPath + "/profiles/qemu-guest.nix")
    ./disk-config.nix
  ];
      boot.loader.grub = {
        efiSupport = true;
      };

       # enable flakes
      nix = {
        package = pkgs.nixFlakes;
        extraOptions = ''
          experimental-features = nix-command flakes
        '';
        settings = {
          keep-outputs = true;
          keep-derivations = true;
        };
      };
     
      services.openssh = {
        enable = true;
        passwordAuthentication = false;
        ports = [5522];
      };
      services.do-agent.enable =  true;
      networking = {
        hostName =  "yagonet-sing"; # use Digital Ocean metadata server
      };
      networking.firewall = {
        enable = true;
        allowedTCPPorts = [ 993 465 40308 80 443 53 51820 5522 ];
        allowedUDPPorts = [ 993 465 40308 80 443 53 50000 50001 50002 50003 50004 50005 50006 50007 50008 50009 50010 51820 5522 ];
      };
}