server-configs/machines/gerd.nix

{
  imports = [
    ./../shared

    ./../shared/applications/server/acme.nix
    ./../shared/applications/server/nginx.nix
    ./../shared/applications/server/postgresql.nix # INCLUDES DATABASE BACKUPS
    ./../shared/applications/server/restic.nix # EXTERNAL BACKUP
    ./../shared/applications/state/postgresql.nix
    ./../shared/applications/state/ssh.nix

    ./gerd/services/fricloud-website.nix
    ./gerd/services/member-website
    ./gerd/services/lldap.nix
    ./gerd/services/authelia
    ./gerd/services/forgejo
    ./gerd/services/teeworlds.nix
    ./gerd/services/murmur.nix
    ./gerd/services/hedgedoc.nix
    ./gerd/services/cyberchef.nix
    ./gerd/services/nextcloud.nix
    ./gerd/services/stalwart
    ./gerd/services/wger

    ./gerd/services/element.nix
    ./gerd/services/matrix-synapse.nix
  ];

  networking.hostName = "gerd";
  networking.hostId = "e1166ac9";

  mine = {
    state.enable = true;
    disks = {
      disk = "/dev/sda";
      pools.rpool.datasets = {
        "safe/svcs/forgejo" = { mountpoint = "/srv/forgejo"; extra.options.quota = "5G"; };
        "safe/svcs/hedgedoc" = { mountpoint = "/srv/hedgedoc"; extra.options.quota = "5G"; };
        "safe/svcs/nextcloud" = { mountpoint = "/srv/nextcloud"; extra.options.quota = "5G"; };
        "safe/svcs/stalwart" = { mountpoint = "/srv/stalwart"; extra.options.quota = "5G"; };
        "safe/svcs/synapse" = { mountpoint = "/srv/synapse"; extra.options.quota = "5G"; };
        "safe/svcs/wger" = { mountpoint = "/srv/wger"; extra.options.quota = "5G"; };
        "safe/svcs/postgresql" = { mountpoint = "/srv/postgresql"; extra.options.quota = "5G"; };
        "backup/postgresql" = { mountpoint = "/media/backup/postgresqlbackup"; extra.options.quota = "5G"; };
      };
    };

    zrepl.enable = true;

    ssh-on-boot.enable = true;

    platforms.hetzner = {
      enable = true;
      network.address = [
       "65.108.221.240/32"
       "2a01:4f9:c012:743e::1/64"
      ];
    };
  };

  # setup zramswap (we are very ram limited)
  zramSwap = {
    enable = true;
    memoryPercent = 75;
    algorithm = "lz4";
  };


  # TMP FIX FOR https://github.com/nix-community/impermanence/issues/229
  boot.initrd.systemd.suppressedUnits = [ "systemd-machine-id-commit.service" ];
  systemd.suppressedSystemUnits = [ "systemd-machine-id-commit.service" ];


  system.stateVersion = "24.11";
}