nixcfg/systems/x86_64-linux/mx/default.nix
Harald Hoyer 4390f2ae09 chore: remove redundant git filter rot8000 config
Remove duplicate configurations for the rot8000 git filter from both mx and base modules. This change helps to streamline the code by ensuring that the unnecessary and redundant configurations are eliminated.
2024-11-29 13:36:00 +01:00

148 lines
3.2 KiB
Nix

{ pkgs, lib, ... }:
{
imports = [
# ./goaccess.nix
./acme.nix
./backup.nix
./coturn.nix
./forgejo.nix
./hardware-configuration.nix
./kicker.nix
./mailserver.nix
./network.nix
./nextcloud.nix
./nginx.nix
./postgresql.nix
./rspamd.nix
./users.nix
];
metacfg = {
base.enable = true;
nix.enable = true;
podman.enable = true;
secureboot.enable = false;
tools = {
direnv.enable = true;
};
};
security = {
tpm2.enable = lib.mkDefault true;
tpm2.abrmd.enable = lib.mkDefault true;
};
system.autoUpgrade = {
enable = true;
dates = "04:00";
operation = "switch";
allowReboot = true;
flake = lib.mkForce "git+file:///var/lib/gitea/repositories/harald/nixcfg.git#mx";
};
nix.gc = {
dates = "daily";
options = "--delete-older-than 7d";
};
programs.git.config = {
safe.directory = "/var/lib/gitea/repositories/harald/nixcfg.git";
};
environment.systemPackages = with pkgs; [
age
apacheHttpd # for mkpasswd
efibootmgr
fgallery
git
htop
mdadm
rrsync
tpm2-pkcs11
tpm2-pkcs11.out
tpm2-tools
zola
];
sops.age.sshKeyPaths = [ "/var/lib/secrets/ssh_host_ed25519_key" ];
services.openssh = {
enable = true;
hostKeys = [
{
path = "/var/lib/secrets/ssh_host_ed25519_key";
type = "ed25519";
}
{
path = "/var/lib/secrets/ssh_host_rsa_key";
type = "rsa";
bits = 4096;
}
];
};
systemd.services = {
check_boot = {
serviceConfig = {
Type = "oneshot";
Environment = "PATH=/run/current-system/sw/bin";
ExecStart = toString (
pkgs.writeShellScript "check_boot.sh" ''
CURRENT=$(df /boot | grep /boot | awk '{ print $5}' | sed 's/%//g')
THRESHOLD=85
if [ "$CURRENT" -gt "$THRESHOLD" ] ; then
${pkgs.mailutils}/bin/mail -s '/boot Disk Space Alert' harald << EOF
Your /boot partition remaining free space is critically low. Used: $CURRENT%
EOF
fi
''
);
};
wantedBy = [ "default.target" ];
};
};
systemd.timers = {
check_boot = {
timerConfig = {
OnCalendar = "daily";
};
wantedBy = [ "timers.target" ];
};
};
systemd.services = {
check_root = {
serviceConfig = {
Type = "oneshot";
Environment = "PATH=/run/current-system/sw/bin";
ExecStart = toString (
pkgs.writeShellScript "check_root.sh" ''
CURRENT=$(df / | grep / | awk '{ print $5}' | sed 's/%//g')
THRESHOLD=85
if [ "$CURRENT" -gt "$THRESHOLD" ] ; then
${pkgs.mailutils}/bin/mail -s '/boot Disk Space Alert' harald << EOF
Your root partition remaining free space is critically low. Used: $CURRENT%
EOF
fi
''
);
};
wantedBy = [ "default.target" ];
};
};
systemd.timers = {
check_root = {
timerConfig = {
OnCalendar = "daily";
};
wantedBy = [ "timers.target" ];
};
};
system.stateVersion = "23.05";
}