diff options
| author | Franck Cuny <franck@fcuny.net> | 2025-07-21 07:31:45 -0700 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2025-07-21 08:13:11 -0700 |
| commit | 23f8df7396d35744069a4bda0d1d38a55ff64b79 (patch) | |
| tree | 772b5e72355e9ee5b3ae31aef37fe1d4508e8f30 /nix/machines/nixos/x86_64-linux/vm-synology.nix | |
| parent | add docker helpers and clean up some dependencies (diff) | |
| download | infra-23f8df7396d35744069a4bda0d1d38a55ff64b79.tar.gz | |
refactoring to use flake-parts and automatic imports of hosts
This is the first step in a large refactoring to use flake-parts, and to
automatically imports hosts based on paths.
Diffstat (limited to '')
| -rw-r--r-- | nix/machines/nixos/x86_64-linux/vm-synology.nix (renamed from nix/machines/vm-synology/default.nix) | 49 |
1 files changed, 12 insertions, 37 deletions
diff --git a/nix/machines/vm-synology/default.nix b/nix/machines/nixos/x86_64-linux/vm-synology.nix index ec508d8..02030fc 100644 --- a/nix/machines/vm-synology/default.nix +++ b/nix/machines/nixos/x86_64-linux/vm-synology.nix @@ -1,36 +1,35 @@ -{ pkgs, ... }: +{ self, pkgs, ... }: { age = { secrets = { restic_gcs_credentials = { - file = ../../../secrets/restic_gcs_credentials.age; + file = "${self}/secrets/restic_gcs_credentials.age"; }; restic_password = { - file = ../../../secrets/restic_password.age; + file = "${self}/secrets/restic_password.age"; }; cloudflared-tunnel = { - file = ../../../secrets/cloudflared_cragmont.age; + file = "${self}/secrets/cloudflared_cragmont.age"; }; cloudflared-cert = { - file = ../../../secrets/cloudflared_cert.age; + file = "${self}/secrets/cloudflared_cert.age"; }; }; }; imports = [ - ./backups.nix - ./git.nix - ./hardware.nix - ./ingress.nix - ./nginx.nix - ../common/network.nix + "${self}/nix/profiles/git-server.nix" + "${self}/nix/profiles/hardware/synology.nix" + "${self}/nix/profiles/disk/vm.nix" + "${self}/nix/profiles/server.nix" + # ./backups.nix + # ./ingress.nix + # ./nginx.nix ]; # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; networking.hostName = "vm-synology"; - boot.kernelPackages = pkgs.linuxPackages_latest; nix = { package = pkgs.nixVersions.latest; @@ -46,31 +45,9 @@ }; }; - time.timeZone = "America/Los_Angeles"; - - # Don't require password for sudo - security.sudo.wheelNeedsPassword = false; - - # Virtualization settings - virtualisation.docker.enable = true; - - # Select internationalisation properties. - i18n = { - defaultLocale = "en_US.UTF-8"; - }; - # Define a user account. Don't forget to set a password with ‘passwd’. users.mutableUsers = false; - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - curl - git - vim - jq - ]; - # Enable the OpenSSH daemon. services.openssh.enable = true; services.openssh.settings.PasswordAuthentication = true; @@ -80,8 +57,6 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi" ]; - networking.firewall.enable = false; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave |