Chris Toph
5879c0bed8
- Introduces new Nix modules for comprehensive backup configuration using Borg - Implements orchestrated backup chain with logging, status tracking, and notifications - Establishes Docker container service definitions and network configurations for Komodo services - Updates host and service secrets, including firewall and Docker credentials
69 lines
1.4 KiB
Nix
69 lines
1.4 KiB
Nix
###############################################################
|
|
#
|
|
# Sock - LXC Container
|
|
# NixOS container, Intel N150 (4 Cores), 8GB/2GB RAM/SWAP
|
|
#
|
|
# Docker Environment, Managed by with Komodo
|
|
#
|
|
###############################################################
|
|
|
|
{
|
|
lib,
|
|
config,
|
|
pkgs,
|
|
...
|
|
}:
|
|
let
|
|
username = "toph";
|
|
user = config.secretsSpec.users.${username};
|
|
firewall = config.secretsSpec.firewall.sock;
|
|
in
|
|
{
|
|
imports = lib.flatten [
|
|
## Sock Only ##
|
|
./config
|
|
|
|
## Hardware ##
|
|
./hardware.nix
|
|
|
|
(map lib.custom.relativeToRoot [
|
|
## Required Configs ##
|
|
"hosts/global/core"
|
|
|
|
## Optional Configs ##
|
|
"hosts/global/common/acme"
|
|
"hosts/global/common/docker.nix"
|
|
])
|
|
];
|
|
|
|
## Host Specifications ##
|
|
hostSpec = {
|
|
hostName = "sock";
|
|
username = username;
|
|
hashedPassword = user.hashedPassword;
|
|
email = user.email;
|
|
handle = user.handle;
|
|
userFullName = user.fullName;
|
|
isServer = true;
|
|
isMinimal = true;
|
|
};
|
|
|
|
networking = {
|
|
enableIPv6 = false;
|
|
firewall = {
|
|
allowedTCPPorts = firewall.allowedTCPPorts;
|
|
allowedTCPPortRanges = firewall.allowedTCPPortRanges;
|
|
allowedUDPPorts = firewall.allowedUDPPorts;
|
|
};
|
|
};
|
|
|
|
## System-wide packages ##
|
|
programs.nix-ld.enable = true;
|
|
environment.systemPackages = with pkgs; [
|
|
lazydocker
|
|
compose2nix
|
|
];
|
|
|
|
# https://wiki.nixos.org/wiki/FAQ/When_do_I_update_stateVersion
|
|
system.stateVersion = "25.05";
|
|
}
|