96 lines
1.9 KiB
Nix
96 lines
1.9 KiB
Nix
{ pkgs, pkgs-unstable, ... }:
|
|
let
|
|
databases = [
|
|
"k3s"
|
|
"gitea"
|
|
"vaultwarden"
|
|
"saysthbot"
|
|
];
|
|
in
|
|
{
|
|
# Enable automatic login for the user.
|
|
services = {
|
|
logrotate.checkConfig = false;
|
|
sshd.enable = true;
|
|
|
|
ntp = {
|
|
enable = true;
|
|
servers = [
|
|
"ntp.ntsc.ac.cn" # China
|
|
];
|
|
};
|
|
|
|
k3s = {
|
|
enable = true;
|
|
package = pkgs-unstable.k3s_1_28;
|
|
configPath = "/etc/rancher/k3s/config.yaml";
|
|
};
|
|
|
|
postgresql = {
|
|
enable = true;
|
|
package = pkgs.postgresql_14;
|
|
authentication = ''
|
|
host all all 10.42.0.0/16 md5
|
|
host all all fd01::/56 md5
|
|
'';
|
|
enableTCPIP = true;
|
|
ensureDatabases = databases;
|
|
ensureUsers = [
|
|
{
|
|
name = "k3s";
|
|
ensurePermissions = {
|
|
"DATABASE k3s" = "ALL PRIVILEGES";
|
|
};
|
|
ensureClauses = {
|
|
login = true;
|
|
};
|
|
}
|
|
{
|
|
name = "gitea";
|
|
ensurePermissions = {
|
|
"DATABASE gitea" = "ALL PRIVILEGES";
|
|
};
|
|
ensureClauses = {
|
|
login = true;
|
|
};
|
|
}
|
|
{
|
|
name = "vaultwarden";
|
|
ensurePermissions = {
|
|
"DATABASE vaultwarden" = "ALL PRIVILEGES";
|
|
};
|
|
ensureClauses = {
|
|
login = true;
|
|
};
|
|
}
|
|
{
|
|
name = "saysthbot";
|
|
ensurePermissions = {
|
|
"DATABASE saysthbot" = "ALL PRIVILEGES";
|
|
};
|
|
ensureClauses = {
|
|
login = true;
|
|
};
|
|
}
|
|
];
|
|
};
|
|
|
|
postgresqlBackup = {
|
|
enable = true;
|
|
databases = databases;
|
|
compressionLevel = 9;
|
|
location = "/backup/postgresql";
|
|
startAt = "*-*-* 01:15:00";
|
|
};
|
|
};
|
|
|
|
# List packages installed in system profile. To search, run:
|
|
# $ nix search wget
|
|
environment.systemPackages = with pkgs; [
|
|
nerdctl
|
|
vim
|
|
gnumake42
|
|
git
|
|
];
|
|
}
|