# NixOS module for the host "Rory-ovh": static networking on one NIC, NAT for
# container interfaces, a host firewall, and the "spacebar" container, which is
# ordered after the host's PostgreSQL service.
{ pkgs, lib, nixpkgs-master, matrix-synapse-unwrapped-patched, draupnir, spacebar, ... }:

let
  # Names used in several places below; kept in one spot so they cannot drift.
  externalNic = "enp98s0f0";
  postgresUnit = "postgresql.service";
in
{
  imports = [
    ../../modules/base-server.nix
    ./services/nginx/nginx.nix
    ./services/postgres.nix
    ./vm.nix
  ];

  system.stateVersion = "22.11"; # DO NOT EDIT!

  boot.loader.grub.devices = lib.mkForce [ "nodev" ];

  networking = {
    hostName = "Rory-ovh";

    # IPv6 is switched off host-wide and for NAT; lib.mkForce overrides any
    # value set by the imported modules (not visible in this file).
    enableIPv6 = lib.mkForce false;
    nameservers = lib.mkForce [ "1.1.1.1" ];
    resolvconf.enable = false;

    # Routing is handled by systemd.network below, so the classic gateway
    # options are forced to null.
    defaultGateway = lib.mkForce null;
    defaultGateway6 = lib.mkForce null;

    # Masquerade traffic from container interfaces out through the external
    # NIC. The "+" suffix is a wildcard, so every interface named ve-* or vb-*
    # is treated as internal.
    nat = {
      enable = true;
      enableIPv6 = false;
      externalInterface = externalNic;
      internalInterfaces = [
        "ve-+"
        "vb-+"
      ];
    };

    firewall = {
      enable = lib.mkForce true;

      # Opened on every interface, including the external one.
      # NOTE(review): nothing in this file shows which service listens on
      # 25565; confirm it is still needed before keeping it exposed.
      allowedTCPPorts = [ 25565 ];

      # TCP 5432 (PostgreSQL's default port) is opened only on the spacebar
      # container's interface, not on the external NIC.
      # NOTE(review): client authentication is configured in
      # ./services/postgres.nix, which is not visible here; verify it limits
      # access to the container's address and role.
      interfaces."ve-spacebar".allowedTCPPorts = [ 5432 ];
    };
  };

  systemd.network.enable = true;
  systemd.network.networks.${externalNic} = {
    name = externalNic;
    DHCP = "no";
    address = [ "51.210.113.110/32" ];
    #gateway = [ "51.210.113.254" ];
    # The address is a /32, so the gateway lies outside the configured prefix
    # and has to be declared as directly reachable on the link.
    routes = [
      {
        Gateway = "51.210.113.254";
        GatewayOnLink = true;
      }
    ];
  };

  # Each entry allows a package that nixpkgs marks as insecure to be evaluated
  # and built for this host.
  # NOTE(review): the consumers of these packages are not visible in this file;
  # revisit the list regularly and drop entries once nothing depends on them.
  nixpkgs.config.permittedInsecurePackages = [
    "olm-3.2.16"
    "dotnet-runtime-wrapped-7.0.20"
    "dotnet-runtime-7.0.20"
    "dotnet-sdk-7.0.20"
  ];

  services.irqbalance.enable = true;
  environment.memoryAllocator.provider = "jemalloc";
  environment.systemPackages = [ pkgs.waypipe ];
  nix.nrBuildUsers = 128;

  containers."spacebar" = import ./services/containers/spacebar/container.nix {
    inherit pkgs lib spacebar;
  };

  systemd.services."container@spacebar" = {
    # dependency on postgres for good measure...
    after = [ postgresUnit ];
    wants = [ postgresUnit ];

    # prevent a hang on rebuild with forgotten shells...
    # (the hook below is currently disabled)
    #    preStop = ''
    #      for pid in $(pgrep -f "nixos-container root-login spacebar"); do
    #        echo "Killing shell with PID $pid"
    #        kill -9 "$pid"
    #      done
    #    '';
  };
}