53 lines
1 KiB
Nix
53 lines
1 KiB
Nix
# See /modules/nixos/* for actual settings
|
|
# This file is just *top-level* configuration.
|
|
{
|
|
flake,
|
|
modulesPath,
|
|
config,
|
|
...
|
|
}:
|
|
|
|
let
|
|
inherit (flake) inputs;
|
|
inherit (inputs) self;
|
|
in
|
|
{
|
|
imports = [
|
|
self.nixosModules.default
|
|
"${modulesPath}/virtualisation/lxc-container.nix"
|
|
];
|
|
sops.secrets = {
|
|
otfenv = {
|
|
owner = "otf";
|
|
group = "otf";
|
|
mode = "0550";
|
|
};
|
|
};
|
|
|
|
services = {
|
|
tty-ips.enable = true;
|
|
otf = {
|
|
enable = true;
|
|
environment = {
|
|
OTF_ADDRESS = "0.0.0.0:9000";
|
|
OTF_HOSTNAME = "tofu.skdevstudios.com";
|
|
OTF_DEFAULT_ENGINE = "tofu";
|
|
OTF_RESTRICT_ORG_CREATION = "true";
|
|
};
|
|
environmentFile = config.sops.secrets.otfenv.path;
|
|
};
|
|
};
|
|
networking = {
|
|
firewall.enable = false;
|
|
yggdrasil = {
|
|
enable = true;
|
|
AllowedPublicKeys = [
|
|
"d0e265fcf663451ae9bc048dc1297749819ce9d48042a986f2866c15a779a074"
|
|
];
|
|
};
|
|
hostName = "tofu";
|
|
};
|
|
environment.systemPackages = [
|
|
];
|
|
system.stateVersion = "25.05";
|
|
}
|