nixos/shared/server-configuration.nix

97 lines
2.5 KiB
Nix

{ config, lib, pkgs, timeZone, ... }:
let
srvConfig = config.serverConfig;
in
{
options.serverConfig= {
userName = lib.mkOption {
type = lib.types.str;
description = "Main username for system";
};
hostName = lib.mkOption {
type = lib.types.str;
description = "Hostname for system";
};
hostId = lib.mkOption {
type = lib.types.str;
description = "Host ID";
};
email = lib.mkOption {
type = lib.types.str;
description = "Email for server box";
};
sshEnable = lib.mkOption {
default = false;
description = "Whether to enable ssh server";
};
nfsEnable = lib.mkOption {
default = false;
};
nfsRoot = lib.mkOption {
default = "/nfs_export";
type = lib.types.str;
};
nfsExports = lib.mkOption {
default = [];
description = "List of file paths provided as strings to the nfs exports";
};
};
imports = [
./modules/user/main_user.nix
];
config = {
# Enable flakes feature
nix.settings.experimental-features = [
"nix-command" "flakes"
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking = {
hostId = srvConfig.hostId;
hostName = srvConfig.hostName; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networkmanager.enable = true; # Easiest to use and most distros use this by default.
};
time.timeZone = timeZone;
main_user = {
enable = true;
userName = srvConfig.userName;
isDesktopUser = false;
};
environment.systemPackages = with pkgs; [
docker
docker-compose
zsh
];
programs.zsh.enable = true;
services.openssh = lib.mkIf srvConfig.sshEnable {
enable = true;
};
services.nfs.server = lib.mkIf srvConfig.nfsEnable {
enable = true;
exports = ''
${srvConfig.nfsRoot} 192.168.1.1/24(rw,fsid=root,no_subtree_check,all_squash,anonuid=1001,anongid=1001)
${lib.concatMapStringsSep "\n" (n: "${srvConfig.nfsRoot}${n} 192.168.1.1/24(rw,no_subtree_check,nohide,all_squash,anonuid=1001,anongid=1001)") srvConfig.nfsExports}
'';
};
networking.firewall.allowedTCPPorts = [ 2049 ];
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
system.stateVersion = "23.11"; # Did you read the comment?
};
}