+{ privateFiles ? ./. }:
{
network = {
description = "Immae's network";
with mylibs;
{
_module.args = {
- mylibs = import ../libs.nix;
+ mylibs = import ../libs.nix { nixpkgs = pkgs; };
+ mypkgs = import ../default.nix;
myconfig = {
- env = import ./environment.nix;
+ inherit privateFiles;
+ env = import "${privateFiles}/environment.nix";
ips = {
main = "176.9.151.89";
production = "176.9.151.154";
./modules/certificates.nix
./modules/gitolite
./modules/databases
+ ./modules/mpd
./modules/websites
+ ./modules/mail
+ ./modules/ftp
+ ./modules/pub
+ ./modules/task
];
services.myGitolite.enable = true;
services.myDatabases.enable = true;
services.myWebsites.production.enable = true;
services.myWebsites.integration.enable = true;
services.myWebsites.tools.enable = true;
+ services.pure-ftpd.enable = true;
+ services.pub.enable = true;
+ services.myTasks.enable = true;
+ services.journald.extraConfig = ''
+ MaxLevelStore="warning"
+ MaxRetentionSec="1year"
+ '';
networking = {
firewall = {
enable = true;
source = ldap_authorized_keys;
};
+ services.cron = {
+ enable = true;
+ systemCronJobs = [
+ ''
+ # The star after /var/lib/* avoids deleting all folders in case of problem
+ 0 3,9,15,21 * * * root rsync -e "ssh -i /root/.ssh/id_charon_vpn" -aAXvz --delete --numeric-ids --super --rsync-path="sudo rsync" /var/lib/* immae@immae.eu: > /dev/null
+ ''
+ ];
+ };
+
+ # This value determines the NixOS release with which your system is
+ # to be compatible, in order to avoid breaking some software such as
+ # database servers. You should change this only after NixOS release
+ # notes say you should.
+ system.stateVersion = "18.09"; # Did you read the comment?
};
}
projects / perso / Immae / Config / Nix.git / blobdiff