Add metis (server) configuration

flake.lock

@@ -366,21 +366,6 @@
         "type": "github"
       }
     },
-    "nixpkgs_3": {
-      "locked": {
-        "lastModified": 1626852498,
-        "narHash": "sha256-lOXUJvi0FJUXHTVSiC5qsMRtEUgqM4mGZpMESLuGhmo=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "16105403bdd843540cbef9c63fc0f16c1c6eaa70",
-        "type": "github"
-      },
-      "original": {
-        "id": "nixpkgs",
-        "ref": "nixos-unstable",
-        "type": "indirect"
-      }
-    },
     "root": {
       "inputs": {
         "comma": "comma",
@@ -398,7 +383,9 @@
     "simple-nixos-mailserver": {
       "inputs": {
         "blobs": "blobs",
-        "nixpkgs": "nixpkgs_3",
+        "nixpkgs": [
+          "nixpkgs"
+        ],
         "nixpkgs-21_05": "nixpkgs-21_05",
         "nixpkgs-21_11": "nixpkgs-21_11",
         "utils": "utils"

flake.nix

@@ -32,7 +32,10 @@
       inputs.nixpkgs.follows = "nixpkgs";
     };
 
-    simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-21.11";
+    simple-nixos-mailserver = {
+      url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-21.11";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
 
     sops-nix = {
       url = "github:Mic92/sops-nix/master";
@@ -97,6 +100,7 @@
           inputs.home-manager.nixosModules.home-manager
           inputs.sops-nix.nixosModules.sops
           inputs.dwarffs.nixosModules.dwarffs
+          inputs.simple-nixos-mailserver.nixosModules.mailserver
         ] ++ (map (name: ./modules + "/${name}") (moduleNames ./modules));
         specialArgs = {
           nixos-hardware = inputs.nixos-hardware.nixosModules;

machines/metis/default.nix

@@ -0,0 +1,55 @@
+{ config, pkgs, inputs, nixos-hardware, ...}:
+{
+  imports = [
+    ../../common/users.nix
+    ./hardware-configuration.nix
+  ];
+
+  elss = {
+    # base system
+    base.enable = true;
+    # setup locale and font settings
+    locale.enable = true;
+    # setup sshd
+    sshd.enable = true;
+    # configure zsh
+    zsh.enable = true;
+    # enable X11 with lightdm and i3
+    graphical = {
+      enable = false;
+      # set dpi if used in mobile applications
+#      dpi = 180;
+    };
+
+    # enable deamon to generate nix-index-db
+    nix-index-db-update.enable = false;
+
+    # add TUD vpn
+    openvpn.enable = false;
+
+    # enable sops
+    sops = {
+      enable = true;
+    };
+
+    # enable server services
+    server = {
+      enable = true;
+      nextcloud.enable = true;
+    };
+    
+    
+    # user setup
+    users = {
+      enable = true;
+      admins = [ "ellmau" ];
+      users = [ ];
+
+      meta = {
+        ellmau.git = {
+          signDefault = true;
+        };
+      };
+    };
+  };
+}

machines/metis/hardware-configuration.nix

@@ -0,0 +1,38 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/da267a3c-34e3-4218-933f-10738ee61eb6";
+      fsType = "ext4";
+    };
+
+  fileSystems."/home" =
+    { device = "/dev/disk/by-uuid/9ebd7aff-629b-449b-83d8-6381a04eb708";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/DE6D-C383";
+      fsType = "vfat";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/0069f1fa-dd8e-4c0a-8f01-a576af29909e"; }
+    ];
+
+  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
+  # high-resolution display
+  hardware.video.hidpi.enable = lib.mkDefault true;
+}

modules/server/default.nix

@@ -0,0 +1,27 @@
+{ config, lib, pkgs, ... }:
+with lib; {
+  options.elss.server.enable = mkEnableOption "Enable Mail, Web, and DB";
+  options.elss.server.nginx.enable = mkEnableOption "Set up nginx";
+  options.elss.server.sql.enable = mkEnableOption "Set up sql (mariadb)";
+  options.elss.server.nextcloud.enable = mkEnableOption "Set up nextcloud";
+  options.elss.server.smailserver.enable = mkEnableOption "Set up simple mail server";
+
+  imports = [
+    ./nginx.nix
+    ./smailserver.nix
+    ./sql.nix
+    ./nextcloud.nix
+  ];
+
+  config =
+    let
+      cfg = config.elss.server;
+    in
+      mkIf cfg.enable {
+        elss.server = {
+          nginx.enable = mkDefault true;
+          sql.enable = mkDefault true;
+          smailserver.enable = mkDefault false; # TODO fix simple mail server 
+        };
+      };
+}

modules/server/nextcloud.nix

@@ -0,0 +1,3 @@
+{ ... }:
+{
+}

modules/server/nginx.nix

@@ -0,0 +1,15 @@
+{ config, lib, pkgs, ... }:
+with lib;{
+  config =
+    let
+      cfg = config.elss.server.nginx;
+    in
+    mkIf cfg.enable {
+      services.nginx.enable = true;
+      services.nginx.virtualHosts."localhost" = {
+        addSSL = false;
+        enableACME = false;
+        root = "/var/www/localhost";
+      };
+    };
+}

modules/server/smailserver.nix

@@ -0,0 +1,14 @@
+{ config, pkgs, lib, ... }:
+with lib;{
+  config =
+    let
+      cfg = config.elss.server.smailserver;
+    in
+    mkIf cfg.enable {
+      mailserver = {
+        enable = true;
+        fqdn = "mail.ellmauthaler.net";
+        domains = [ "ellmauthaler.net" ];
+      };
+    };
+}

modules/server/sql.nix

@@ -0,0 +1,13 @@
+{ config, pkgs, lib, ... }:
+with lib;{
+  config =
+    let
+      cfg = config.elss.server.sql;
+    in
+    mkIf cfg.enable {
+      services.mysql = {
+        enable = true;
+        package = pkgs.mariadb;
+      };
+    };
+}