+{ privateFiles ? ./. }:
{
network = {
description = "Immae's network";
{
_module.args = {
mylibs = import ../libs.nix;
+ mypkgs = import ../default.nix;
myconfig = {
- env = import ./environment.nix;
+ inherit privateFiles;
+ env = import "${privateFiles}/environment.nix";
ips = {
main = "176.9.151.89";
production = "176.9.151.154";
./modules/certificates.nix
./modules/gitolite
./modules/databases
+ ./modules/mpd
./modules/websites
./modules/mail
+ ./modules/ftp
+ ./modules/pub
];
services.myGitolite.enable = true;
services.myDatabases.enable = true;
services.myWebsites.production.enable = true;
services.myWebsites.integration.enable = true;
services.myWebsites.tools.enable = true;
+ services.pure-ftpd.enable = true;
+ services.pub.enable = true;
+ services.journald.extraConfig = ''
+ MaxLevelStore="warning"
+ MaxRetentionSec="1year"
+ '';
networking = {
firewall = {
enable = true;
systemCronJobs = [
''
# The star after /var/lib/* avoids deleting all folders in case of problem
- 0 3,9,15,21 * * * root rsync -e "ssh -i /root/.ssh/id_charon_vpn" -aAXvz --delete --numeric-ids --super --rsync-path="sudo rsync" /var/lib/* immae@immae.eu:
+ 0 3,9,15,21 * * * root rsync -e "ssh -i /root/.ssh/id_charon_vpn" -aAXvz --delete --numeric-ids --super --rsync-path="sudo rsync" /var/lib/* immae@immae.eu: > /dev/null
''
];
};
+
+ # This value determines the NixOS release with which your system is
+ # to be compatible, in order to avoid breaking some software such as
+ # database servers. You should change this only after NixOS release
+ # notes say you should.
+ system.stateVersion = "18.09"; # Did you read the comment?
};
}