nuc-configurations/global/software-configuration.nix

{ pkgs, pkgs-unstable, ... }: 
let
  databases = [
    "k3s"
    "gitea"
    "vaultwarden"
    "saysthbot"
  ];
in
{
  # Enable automatic login for the user.
  services = {
    logrotate.checkConfig = false;
    sshd.enable = true;

    ntp = {
      enable = true;
      servers = [
        "ntp.ntsc.ac.cn" # China
      ];
    };

    k3s = {
      enable = true;
      package = pkgs-unstable.k3s_1_28;
      configPath = "/etc/rancher/k3s/config.yaml";
    };

    postgresql = {
      enable = true;
      package = pkgs.postgresql_14;
      authentication = ''
        host	all	all	10.42.0.0/16	md5
        host	all	all	fd01::/56	md5
      '';
      enableTCPIP = true;
      ensureDatabases = databases;
      ensureUsers = [
        {
          name = "k3s";
          ensurePermissions = {
            "DATABASE k3s" =  "ALL PRIVILEGES";
          };
          ensureClauses = {
            login = true;
          };
        }
        {
          name = "gitea";
          ensurePermissions = {
            "DATABASE gitea" =  "ALL PRIVILEGES";
          };
          ensureClauses = {
            login = true;
          };
        }
        {
          name = "vaultwarden";
          ensurePermissions = {
            "DATABASE vaultwarden" =  "ALL PRIVILEGES";
          };
          ensureClauses = {
            login = true;
          };
        }
        {
          name = "saysthbot";
          ensurePermissions = {
            "DATABASE saysthbot" =  "ALL PRIVILEGES";
          };
          ensureClauses = {
            login = true;
          };
        }
      ];
    };

    postgresqlBackup = {
      enable = true;
      databases = databases;
      compressionLevel = 9;
      location = "/backup/postgresql";
      startAt = "*-*-* 01:15:00";
    };
  };

  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with pkgs; [
    nerdctl
    vim
    gnumake42
    git
  ];
}
format 2023-09-25 01:11:58 +00:00			`{ pkgs, pkgs-unstable, ... }:`
init 2023-09-25 00:15:15 +00:00			`let`
			`databases = [`
			`"k3s"`
			`"gitea"`
			`"vaultwarden"`
			`"saysthbot"`
			`];`
			`in`
			`{`
			`# Enable automatic login for the user.`
			`services = {`
			`logrotate.checkConfig = false;`
			`sshd.enable = true;`

			`ntp = {`
			`enable = true;`
			`servers = [`
			`"ntp.ntsc.ac.cn" # China`
			`];`
			`};`

			`k3s = {`
			`enable = true;`
update k3s version 2023-12-01 23:53:47 +00:00			`package = pkgs-unstable.k3s_1_28;`
init 2023-09-25 00:15:15 +00:00			`configPath = "/etc/rancher/k3s/config.yaml";`
			`};`

			`postgresql = {`
			`enable = true;`
			`package = pkgs.postgresql_14;`
			`authentication = ''`
			`host all all 10.42.0.0/16 md5`
			`host all all fd01::/56 md5`
			`'';`
			`enableTCPIP = true;`
			`ensureDatabases = databases;`
			`ensureUsers = [`
			`{`
			`name = "k3s";`
			`ensurePermissions = {`
			`"DATABASE k3s" = "ALL PRIVILEGES";`
			`};`
			`ensureClauses = {`
			`login = true;`
			`};`
			`}`
			`{`
			`name = "gitea";`
			`ensurePermissions = {`
			`"DATABASE gitea" = "ALL PRIVILEGES";`
			`};`
			`ensureClauses = {`
			`login = true;`
			`};`
			`}`
			`{`
			`name = "vaultwarden";`
			`ensurePermissions = {`
			`"DATABASE vaultwarden" = "ALL PRIVILEGES";`
			`};`
			`ensureClauses = {`
			`login = true;`
			`};`
			`}`
			`{`
			`name = "saysthbot";`
			`ensurePermissions = {`
			`"DATABASE saysthbot" = "ALL PRIVILEGES";`
			`};`
			`ensureClauses = {`
			`login = true;`
			`};`
			`}`
			`];`
			`};`

			`postgresqlBackup = {`
			`enable = true;`
			`databases = databases;`
			`compressionLevel = 9;`
			`location = "/backup/postgresql";`
			`startAt = "--* 01:15:00";`
			`};`
			`};`

			`# List packages installed in system profile. To search, run:`
			`# $ nix search wget`
			`environment.systemPackages = with pkgs; [`
			`nerdctl`
			`vim`
			`gnumake42`
git is still needed 2023-09-26 08:19:12 +00:00			`git`
init 2023-09-25 00:15:15 +00:00			`];`
			`}`