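# NixOS host configuration: boot/network basics, persisted state directories,
# two (currently disabled) game servers, and Podman as the OCI container backend.
{ config, lib, pkgs, ... }:
{
  imports = [
    ./hardware-configuration.nix
    ../../mixins/tailscale.nix
    ../../mixins/cli.nix
    ./services/website.nix
    ./services/git.nix
    # ./services/hydrus.nix
    ./services/matrix.nix
    ./services/maloja.nix
    ./services/arXiv.nix
    ./services/cytube.nix
  ];

  config = {
    boot = {
      kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
      loader.grub.device = "/dev/vda";
      initrd = {
        # virtio_* drivers and /dev/vda suggest a KVM/virtio guest — confirm
        # against hardware-configuration.nix.
        availableKernelModules = [
          "ata_piix"
          "uhci_hcd"
          "virtio_pci"
          "sr_mod"
          "virtio_blk"
        ];
        kernelModules = [ ];
      };
      kernelModules = [ ];
      extraModulePackages = [ ];
    };

    # Was "Frankfurt", which is not a tz database name: /etc/localtime would
    # point at a non-existent zoneinfo file. Europe/Berlin is the zone that
    # covers Frankfurt.
    time.timeZone = lib.mkDefault "Europe/Berlin";

    # NOTE(review): this unit only applies when systemd-networkd is enabled;
    # that is not set in this file — presumably done in a mixin, confirm.
    systemd.network.networks."10-ens3" = {
      matchConfig.Name = "ens3";
      networkConfig.DHCP = "yes";
      # DNS servers offered by DHCPv4, DHCPv6 and router advertisements are
      # all ignored, so resolvers must be configured elsewhere (not shown here).
      dhcpV4Config = {
        UseDNS = false;
      };
      dhcpV6Config = {
        UseDNS = false;
      };
      ipv6AcceptRAConfig = {
        UseDNS = false;
        DHCPv6Client = false;
      };
    };

    nixpkgs.config.allowUnfree = true;

    # State directories kept under /nix/persist. The environment.persistence
    # option is not defined in this file — presumably provided by an
    # impermanence module imported elsewhere; confirm.
    environment.persistence."/nix/persist".directories = [
      {
        directory = config.services.terraria.dataDir;
        user = "terraria";
        group = "terraria";
      }
      {
        directory = "/var/lib/private/${config.services.factorio.stateDirName}";
        user = "root";
        group = "root";
      }
    ];

    # Both game servers are disabled. Before enabling either one:
    #  - openFirewall = true exposes the server port to every interface the
    #    firewall covers, not just the tailnet.
    #  - Option values written here are copied into the world-readable
    #    /nix/store, so "???" must not be replaced by a real secret in this
    #    file; keep secrets in a file outside the store.
    services.terraria = {
      enable = false;
      worldPath = "${config.services.terraria.dataDir}/14.wld";
      password = "???";
      openFirewall = true;
    };

    services.factorio = {
      enable = false;
      openFirewall = true;
      # Placeholder only; services.factorio.extraSettingsFile is the option
      # intended for credentials that must stay out of the store.
      game-password = "???";
      # false lets clients join without a verified factorio.com account, which
      # leaves the game password as the only gate on an open port.
      requireUserVerification = false;
    };

    # mkForce overrides any other definition of this option, so kernel modules
    # can still be loaded after boot. NOTE(review): presumably needed by
    # Podman/Tailscale networking modules — confirm, and note this gives up the
    # protection against loading modules on a compromised running system.
    security.lockKernelModules = lib.mkForce false;

    virtualisation.podman = {
      enable = true;
      autoPrune.enable = true;
      dockerCompat = true;
      defaultNetwork.settings = {
        # Required for container networking to be able to use names.
        dns_enabled = true;
      };
    };

    virtualisation.oci-containers.backend = "podman";
  };
}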