nix-conf/systems/hetzner/default.nix

{
  config,
  pkgs,
  lib,
  self,
  ...
}:

{

  imports = [
    self.inputs.srvos.nixosModules.server
    self.inputs.srvos.nixosModules.hardware-hetzner-online-amd
    self.inputs.srvos.nixosModules.mixins-nginx
    self.inputs.snm.nixosModules.mailserver
    ./mail.nix
    ./matrix.nix
    ./nginx.nix
    ./radicale.nix
  ];

  facter.reportPath = ./facter.json;

  jopejoe1 = {
    local.enable = true;
    nix.enable = true;
    zerotierone.enable = true;
    asf.enable = true;
    user = {
      jopejoe1.enable = true;
      root.enable = true;
      builder.enable = true;
    };
    ssh.enable = true;
  };

  boot.loader = {
    grub = {
      enable = true;
    };
  };

  networking.firewall = {
    enable = true;
    allowedTCPPorts = [ 21 80 ];
    allowedUDPPorts = [ 21 80 ];
  };

  systemd.network.networks."10-uplink".networkConfig.Address = "2a01:4f8:a0:31e5::/64";

  time.timeZone = "Europe/Berlin";

  services.openssh.settings.PermitRootLogin = lib.mkForce "yes";

  services.openssh.ports = [ 22 ];

  security.acme.acceptTerms = true;
  security.acme.defaults.email = "security@missing.ninja";

  services.vsftpd = {
    enable = true;
    writeEnable = true;
    userlistEnable = true;
    userlist = [ "backupftp" ];
    localUsers = true;
    chrootlocalUser = true;
  };

  users.users.backupftp = {
    isNormalUser = true;
    initialPassword = "backupPassword";
  };

  disko.devices = {
    disk = {
      vdb = {
        type = "disk";
        device = "/dev/nvme0n1";
        content = {
          type = "gpt";
          partitions = {
            boot = {
              size = "1M";
              type = "EF02"; # for grub MBR
            };
            mdadm = {
              size = "100%";
              content = {
                type = "mdraid";
                name = "raid0";
              };
            };
          };
        };
      };
      vdc = {
        type = "disk";
        device = "/dev/nvme1n1";
        content = {
          type = "gpt";
          partitions = {
            boot = {
              size = "1M";
              type = "EF02"; # for grub MBR
            };
            mdadm = {
              size = "100%";
              content = {
                type = "mdraid";
                name = "raid0";
              };
            };
          };
        };
      };
    };
    mdadm = {
      raid0 = {
        type = "mdadm";
        level = 0;
        content = {
          type = "gpt";
          partitions = {
            primary = {
              size = "100%";
              content = {
                type = "filesystem";
                format = "ext4";
                mountpoint = "/";
              };
            };
          };
        };
      };
    };
  };
}
run nix fmt 2024-07-10 23:02:54 +02:00			`{`
			`config,`
			`pkgs,`
			`lib,`
			`self,`
			`...`
			`}:`
some server stuff 2024-01-18 20:12:43 +01:00
			`{`
update hetzner 2024-02-07 23:19:26 +01:00
			`imports = [`
			`self.inputs.srvos.nixosModules.server`
			`self.inputs.srvos.nixosModules.hardware-hetzner-online-amd`
			`self.inputs.srvos.nixosModules.mixins-nginx`
simple mail config 2024-04-20 10:11:36 +02:00			`self.inputs.snm.nixosModules.mailserver`
			`./mail.nix`
actully enable matrix 2024-04-23 19:09:38 +02:00			`./matrix.nix`
enable doc server 2024-05-01 19:33:12 +02:00			`./nginx.nix`
add radical server 2024-05-03 08:59:02 +02:00			`./radicale.nix`
update hetzner 2024-02-07 23:19:26 +01:00			`];`

hetzner use nixos facter 2024-09-27 10:35:07 +02:00			`facter.reportPath = ./facter.json;`

some server stuff 2024-01-18 20:12:43 +01:00			`jopejoe1 = {`
			`local.enable = true;`
			`nix.enable = true;`
hetzner enable zerotire 2024-05-01 17:20:48 +02:00			`zerotierone.enable = true;`
asf move to hetzner 2024-10-12 17:30:09 +02:00			`asf.enable = true;`
some server stuff 2024-01-18 20:12:43 +01:00			`user = {`
			`jopejoe1.enable = true;`
			`root.enable = true;`
add build user 2024-07-17 20:16:23 +02:00			`builder.enable = true;`
some server stuff 2024-01-18 20:12:43 +01:00			`};`
			`ssh.enable = true;`
			`};`

			`boot.loader = {`
			`grub = {`
			`enable = true;`
			`};`
			`};`

open ports 2024-04-20 21:07:32 +02:00			`networking.firewall = {`
			`enable = true;`
open port 80 2024-10-09 10:38:39 +02:00			`allowedTCPPorts = [ 21 80 ];`
			`allowedUDPPorts = [ 21 80 ];`
open ports 2024-04-20 21:07:32 +02:00			`};`

remove space 2024-04-20 16:52:29 +02:00			`systemd.network.networks."10-uplink".networkConfig.Address = "2a01:4f8:a0:31e5::/64";`
some server stuff 2024-01-18 20:12:43 +01:00
			`time.timeZone = "Europe/Berlin";`

			`services.openssh.settings.PermitRootLogin = lib.mkForce "yes";`

update hetzner 2024-02-07 23:19:26 +01:00			`services.openssh.ports = [ 22 ];`
hetzner improvemnts 2024-01-24 20:50:43 +01:00
simple mail config 2024-04-20 10:11:36 +02:00			`security.acme.acceptTerms = true;`
			`security.acme.defaults.email = "security@missing.ninja";`

add ftp 2024-04-20 20:55:55 +02:00			`services.vsftpd = {`
			`enable = true;`
			`writeEnable = true;`
			`userlistEnable = true;`
			`userlist = [ "backupftp" ];`
			`localUsers = true;`
			`chrootlocalUser = true;`
			`};`

			`users.users.backupftp = {`
			`isNormalUser = true;`
			`initialPassword = "backupPassword";`
			`};`

some server stuff 2024-01-18 20:12:43 +01:00			`disko.devices = {`
			`disk = {`
Change filesystem hetzner 2024-02-08 11:49:20 +01:00			`vdb = {`
hetzner 2024-01-19 00:22:27 +01:00			`type = "disk";`
update hetzner 2024-02-07 23:19:26 +01:00			`device = "/dev/nvme0n1";`
some server stuff 2024-01-18 20:12:43 +01:00			`content = {`
update hetzner 2024-02-07 23:19:26 +01:00			`type = "gpt";`
			`partitions = {`
			`boot = {`
Change filesystem hetzner 2024-02-08 11:49:20 +01:00			`size = "1M";`
			`type = "EF02"; # for grub MBR`
update hetzner 2024-02-07 23:19:26 +01:00			`};`
Change filesystem hetzner 2024-02-08 11:49:20 +01:00			`mdadm = {`
update hetzner 2024-02-07 23:19:26 +01:00			`size = "100%";`
some server stuff 2024-01-18 20:12:43 +01:00			`content = {`
Change filesystem hetzner 2024-02-08 11:49:20 +01:00			`type = "mdraid";`
			`name = "raid0";`
some server stuff 2024-01-18 20:12:43 +01:00			`};`
update hetzner 2024-02-07 23:19:26 +01:00			`};`
			`};`
			`};`
			`};`
Change filesystem hetzner 2024-02-08 11:49:20 +01:00			`vdc = {`
update hetzner 2024-02-07 23:19:26 +01:00			`type = "disk";`
			`device = "/dev/nvme1n1";`
			`content = {`
			`type = "gpt";`
			`partitions = {`
			`boot = {`
Change filesystem hetzner 2024-02-08 11:49:20 +01:00			`size = "1M";`
			`type = "EF02"; # for grub MBR`
update hetzner 2024-02-07 23:19:26 +01:00			`};`
Change filesystem hetzner 2024-02-08 11:49:20 +01:00			`mdadm = {`
update hetzner 2024-02-07 23:19:26 +01:00			`size = "100%";`
			`content = {`
Change filesystem hetzner 2024-02-08 11:49:20 +01:00			`type = "mdraid";`
			`name = "raid0";`
update hetzner 2024-02-07 23:19:26 +01:00			`};`
			`};`
			`};`
			`};`
			`};`
			`};`
			`mdadm = {`
Change filesystem hetzner 2024-02-08 11:49:20 +01:00			`raid0 = {`
update hetzner 2024-02-07 23:19:26 +01:00			`type = "mdadm";`
Change filesystem hetzner 2024-02-08 11:49:20 +01:00			`level = 0;`
update hetzner 2024-02-07 23:19:26 +01:00			`content = {`
Change filesystem hetzner 2024-02-08 11:49:20 +01:00			`type = "gpt";`
			`partitions = {`
			`primary = {`
			`size = "100%";`
			`content = {`
hetzner dont use impermance 2024-04-20 09:56:54 +02:00			`type = "filesystem";`
			`format = "ext4";`
			`mountpoint = "/";`
Change filesystem hetzner 2024-02-08 11:49:20 +01:00			`};`
update hetzner 2024-02-07 23:19:26 +01:00			`};`
			`};`
some server stuff 2024-01-18 20:12:43 +01:00			`};`
			`};`
			`};`
			`};`
			`}`