{ config, lib, pkgs, modulesPath, ... }: let user = config.user; in { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; networking.domain = "tristans.cloud"; boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "sd_mod"]; boot.initrd.kernelModules = []; boot.kernelModules = []; boot.extraModulePackages = []; fileSystems."/" = { device = "/dev/disk/by-uuid/979fe496-10e8-41be-97d1-3d000cd2b384"; fsType = "ext4"; }; fileSystems."/boot" = { device = "/dev/disk/by-uuid/D8AA-8602"; fsType = "vfat"; }; fileSystems."/mnt/disk1" = { device = "/dev/disk/by-uuid/caba0b6c-00d2-495a-8c04-67ea584f1a63"; fsType = "ext4"; }; fileSystems."/mnt/disk2" = { device = "/dev/disk/by-uuid/e3828580-625e-4f93-974f-9c7fed99dee2"; fsType = "ext4"; }; fileSystems."/mnt/disk3" = { device = "/dev/disk/by-uuid/28f15a05-d550-4a41-a951-244af6140831"; fsType = "ext4"; }; fileSystems."/mnt/parity1" = { device = "/dev/disk/by-uuid/09fc062c-1a61-4e1b-802c-60f7178bc713"; fsType = "ext4"; }; environment.systemPackages = with pkgs; [ mergerfs mergerfs-tools python3 ]; fileSystems."/mnt/storage" = { device = "/mnt/disk1:/mnt/disk2:/mnt/disk3"; fsType = "fuse.mergerfs"; depends = ["/mnt/disk1" "/mnt/disk2" "/mnt/disk3"]; options = [ "direct_io" "use_ino" "allow_other" "minfreespace=50G" "fsname=mergerfs" "category.create=mfs" "func.mkdir=epall" ]; }; swapDevices = [ {device = "/dev/disk/by-uuid/27ad4809-211f-4ae9-90da-d17d9c1df271";} ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; # networking.interfaces.eth0.useDHCP = lib.mkDefault true; # networking.interfaces.tailscale0.useDHCP = lib.mkDefault true; networking.firewall.allowedTCPPorts = [53 80 443]; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; system.stateVersion = "24.05"; # don't change. home-manager.users.${user}.imports = [ { home.stateVersion = "24.05"; } ]; networking.hostName = "alpine"; networking.networkmanager.insertNameservers = ["1.1.1.1" "1.0.0.1"]; services.snapraid = { enable = true; contentFiles = [ "/mnt/disk1/SnapRAID.content" "/mnt/disk2/SnapRAID.content" "/mnt/disk3/SnapRAID.content" "/var/snapraid/SnapRAID.content" ]; dataDisks = { d1 = "/mnt/disk1"; d2 = "/mnt/disk2"; d3 = "/mnt/disk3"; }; exclude = ["/lost+found"]; parityFiles = [ "/mnt/parity1/SnapRAID.parity" ]; }; virtualisation = { podman = { enable = true; }; }; services.openssh = { enable = true; openFirewall = true; }; services.nginx = { enable = true; recommendedProxySettings = true; recommendedTlsSettings = true; recommendedOptimisation = true; recommendedGzipSettings = true; virtualHosts = { "*.tristans.cloud" = { globalRedirect = "tristans.cloud"; }; "tristans.cloud" = { forceSSL = true; enableACME = true; root = "/srv/www/tristans.cloud"; }; "*.thebeanbakery.xyz" = { globalRedirect = "thebeanbakery.xyz"; }; "thebeanbakery.xyz" = { forceSSL = true; enableACME = true; root = "/srv/www/thebeanbakery.xyz"; }; "auth.tristans.cloud" = { forceSSL = true; enableACME = true; locations."~" = { proxyPass = "http://localhost:8084"; proxyWebsockets = true; }; }; }; }; security.acme = { acceptTerms = true; defaults.email = "tristan@tristans.cloud"; }; services.ddclient = { # enable = true; protocol = "duckdns"; use = "if, if=enp4s0"; ssl = true; username = ""; passwordFile = "/home/tristan/duckdnstoken"; domains = ["tlbean"]; }; services.mpd = { musicDirectory = "/mnt/storage/media/Music"; }; services.grafana.settings.server = { http_port = 3001; # forgejo and grafana default to 3000 }; }