imports = builtins.attrValues (import ../..);
+ boot.kernel.sysctl = {
+ # https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md
+ "net.ipv4.tcp_sack" = 0;
+ };
myServices.buildbot.enable = true;
myServices.databases.enable = true;
myServices.gitolite.enable = true;
+ myServices.monitoring.enable = true;
myServices.irc.enable = true;
myServices.pub.enable = true;
myServices.tasks.enable = true;
+ myServices.mpd.enable = true;
+ myServices.dns.enable = true;
+ myServices.certificates.enable = true;
+ myServices.websites.enable = true;
+ myServices.mail.enable = true;
services.pure-ftpd.enable = true;
+ services.backup.enable = true;
deployment = {
targetEnv = "hetzner";
# to be compatible, in order to avoid breaking some software such as
# database servers. You should change this only after NixOS release
# notes say you should.
- system.stateVersion = "18.09"; # Did you read the comment?
+ # https://nixos.org/nixos/manual/release-notes.html
+ system.stateVersion = "19.03"; # Did you read the comment?
}