+{ privateFiles }:
+{ config, pkgs, ... }:
+{
+ boot.kernelPackages = pkgs.linuxPackages_latest;
+ myEnv = import "${privateFiles}/environment.nix" // { inherit privateFiles; };
+
+ networking = {
+ firewall.enable = false;
+ interfaces."eth0".ipv4.addresses = pkgs.lib.attrsets.mapAttrsToList
+ (n: ips: { address = ips.ip4; prefixLength = 32; })
+ (pkgs.lib.attrsets.filterAttrs (n: v: n != "main") config.hostEnv.ips);
+ interfaces."eth0".ipv6.addresses = pkgs.lib.flatten (pkgs.lib.attrsets.mapAttrsToList
+ (n: ips: map (ip: { address = ip; prefixLength = (if n == "main" && ip == pkgs.lib.head ips.ip6 then 64 else 128); }) (ips.ip6 or []))
+ config.hostEnv.ips);
+ };
+
+ myServices.ssh.modules = [ config.myServices.ssh.predefinedModules.regular ];
+ imports = builtins.attrValues (import ../..);
+
+ deployment = {
+ targetEnv = "hetzner";
+ hetzner = {
+ robotUser = config.myEnv.hetzner.user;
+ robotPass = config.myEnv.hetzner.pass;
+ mainIPv4 = config.hostEnv.ips.main.ip4;
+ partitions = ''
+ clearpart --all --initlabel --drives=sda,sdb,sdc,sdd
+
+ part swap --recommended --label=swap --fstype=swap --ondisk=sda
+
+ part raid.1 --grow --ondisk=sdc
+ part raid.2 --grow --ondisk=sdd
+
+ raid / --level=1 --device=md0 --fstype=ext4 --label=root raid.1 raid.2
+
+ part /nix --grow --label=nix --ondisk=sda
+ part /data --grow --label=data --ondisk=sdb
+ '';
+ };
+ };
+
+ programs.zsh.enable = true;
+
+ time.timeZone = "Europe/Paris";
+ nix = {
+ useSandbox = "relaxed";
+ extraOptions = ''
+ keep-outputs = true
+ keep-derivations = true
+ #Assumed in NUR
+ allow-import-from-derivation = true
+ '';
+ };
+
+ # This is equivalent to setting environment.sessionVariables.NIX_PATH
+ nix.nixPath = [
+ "home-manager=https://github.com/rycee/home-manager/archive/release-19.03.tar.gz"
+ "nixpkgs=https://nixos.org/channels/nixos-19.03/nixexprs.tar.xz"
+ ];
+
+ # This value determines the NixOS release with which your system is
+ # to be compatible, in order to avoid breaking some software such as
+ # database servers. You should change this only after NixOS release
+ # notes say you should.
+ # https://nixos.org/nixos/manual/release-notes.html
+ system.stateVersion = "19.03"; # Did you read the comment?
+}
+