summaryrefslogtreecommitdiff
path: root/modules/nixos/server
diff options
context:
space:
mode:
Diffstat (limited to 'modules/nixos/server')
-rw-r--r--modules/nixos/server/acme.nix25
-rw-r--r--modules/nixos/server/default.nix43
-rw-r--r--modules/nixos/server/secrets.nix21
3 files changed, 0 insertions, 89 deletions
diff --git a/modules/nixos/server/acme.nix b/modules/nixos/server/acme.nix
deleted file mode 100644
index a08c8ae..0000000
--- a/modules/nixos/server/acme.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{
- config,
- lib,
- secretsDir,
- ...
-}: let
- cfg = config.server.acme;
-in {
- options.server.acme.enable = lib.mkEnableOption "ACME support";
-
- config = lib.mkIf cfg.enable {
- age.secrets = {
- cloudflareApiKey.file = secretsDir + "/cloudflareApiKey.age";
- };
-
- security.acme = {
- acceptTerms = true;
- defaults = {
- email = "[email protected]";
- dnsProvider = "cloudflare";
- credentialsFile = config.age.secrets.cloudflareApiKey.path;
- };
- };
- };
-}
diff --git a/modules/nixos/server/default.nix b/modules/nixos/server/default.nix
deleted file mode 100644
index baf05f9..0000000
--- a/modules/nixos/server/default.nix
+++ /dev/null
@@ -1,43 +0,0 @@
-{
- config,
- lib,
- pkgs,
- inputs,
- ...
-}: let
- cfg = config.server;
-in {
- options.server.enable = lib.mkEnableOption "base server settings";
-
- imports = [
- ./acme.nix
- ./secrets.nix
- ];
-
- config = lib.mkIf cfg.enable {
- _module.args.unstable = inputs.nixpkgs.legacyPackages.${pkgs.stdenv.hostPlatform.system};
-
- boot = {
- tmp.cleanOnBoot = lib.mkDefault true;
- kernelPackages = lib.mkDefault pkgs.linuxPackages_hardened;
- };
- environment.etc."nix/inputs/nixpkgs".source = inputs.nixpkgs-stable.outPath;
-
- documentation = {
- enable = false;
- man.enable = false;
- };
-
- environment.defaultPackages = lib.mkForce [];
-
- nix = {
- gc = {
- dates = "*-*-1,5,9,13,17,21,25,29 00:00:00";
- options = "-d --delete-older-than 2d";
- };
-
- registry.n.flake = inputs.nixpkgs-stable;
- settings.allowed-users = [config.networking.hostName];
- };
- };
-}
diff --git a/modules/nixos/server/secrets.nix b/modules/nixos/server/secrets.nix
deleted file mode 100644
index 0f38995..0000000
--- a/modules/nixos/server/secrets.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{
- config,
- lib,
- secretsDir,
- ...
-}: let
- cfg = config.server.secrets;
-in {
- options.server.secrets.enable = lib.mkEnableOption "secrets management";
-
- config = lib.mkIf cfg.enable {
- age = {
- identityPaths = ["/etc/age/key"];
-
- secrets = {
- rootPassword.file = secretsDir + "/rootPassword.age";
- userPassword.file = secretsDir + "/userPassword.age";
- };
- };
- };
-}
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-06 22:15:08 +0000