{ privateFiles }:
-{ config, pkgs, resources, name, ... }:
+{ config, pkgs, resources, ... }:
{
boot.kernelPackages = pkgs.linuxPackages_latest;
myEnv = import "${privateFiles}/environment.nix" // { inherit privateFiles; };
- hostEnv.FQDN = "backup-2.v.immae.eu";
imports = builtins.attrValues (import ../..);
firewall.enable = true;
interfaces."ens3".ipv4.addresses = pkgs.lib.attrsets.mapAttrsToList
(n: ips: { address = ips.ip4; prefixLength = 32; })
- (pkgs.lib.attrsets.filterAttrs (n: v: n != "main") config.myEnv.servers.backup-2.ips);
+ (pkgs.lib.attrsets.filterAttrs (n: v: n != "main") config.hostEnv.ips);
interfaces."ens3".ipv6.addresses = pkgs.lib.flatten (pkgs.lib.attrsets.mapAttrsToList
(n: ips: map (ip: { address = ip; prefixLength = (if n == "main" && ip == pkgs.lib.head ips.ip6 then 64 else 128); }) (ips.ip6 or []))
- config.myEnv.servers.backup-2.ips);
+ config.hostEnv.ips);
defaultGateway6 = { address = "fe80::1"; interface = "ens3"; };
};
+ myServices.certificates.enable = true;
+ services.nginx = {
+ enable = true;
+ recommendedOptimisation = true;
+ recommendedGzipSettings = true;
+ recommendedProxySettings = true;
+ };
+ networking.firewall.allowedTCPPorts = [ 80 443 ];
+
services.cron = {
mailto = "cron@immae.eu";
enable = true;
};
myServices.mailRelay.enable = true;
+ myServices.mailBackup.enable = true;
myServices.monitoring.enable = true;
myServices.databasesReplication = {
postgresql = {
hosts = {
eldiron = {
slot = "backup_2";
- connection = "postgresql://backup-2:${config.myEnv.servers.backup-2.ldap.password}@eldiron.immae.eu";
+ connection = "postgresql://backup-2:${config.hostEnv.ldap.password}@eldiron.immae.eu";
};
};
};
host = config.myEnv.servers.eldiron.ips.main.ip4;
port = "3306";
user = "backup-2";
- password = config.myEnv.servers.backup-2.ldap.password;
+ password = config.hostEnv.ldap.password;
dumpUser = "root";
dumpPassword = config.myEnv.databases.mysql.systemUsers.root;
};
projects / perso / Immae / Config / Nix.git / blobdiff