summaryrefslogtreecommitdiff
path: root/server/server.nix
diff options
context:
space:
mode:
Diffstat (limited to 'server/server.nix')
-rw-r--r--server/server.nix31
1 files changed, 31 insertions, 0 deletions
diff --git a/server/server.nix b/server/server.nix
new file mode 100644
index 0000000..dd475e5
--- /dev/null
+++ b/server/server.nix
@@ -0,0 +1,31 @@
+{
+ config,
+ modulesPath,
+ lib,
+ pkgs,
+ ...
+}@args:
+{
+ imports = [
+ ./bootstrap.nix
+ ];
+
+ users.mutableUsers = false;
+
+ sops = {
+ defaultSopsFile = ./secrets/secrets.yaml;
+ defaultSopsFormat = "yaml";
+
+ age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+
+ secrets = { };
+ };
+
+ networking.firewall = {
+ allowedTCPPorts = lib.mkForce [
+ 22
+ 80
+ 443
+ ];
+ };
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-08 02:36:43 +0000