nixos-config/systems/mc7/configuration.nix

{ config, pkgs, ... }:
{
  imports =
    [
      ./hardware-configuration.nix
      ./modules/generic.nix
      ./modules/borg.nix
      #./modules/minecraft.nix
      #./modules/rclone.nix
      ./modules/authentik-server.nix
      ./modules/authentik-ldap.nix
      ./modules/powerdns-web.nix
      ./modules/powerdns-admin.nix
      ./modules/ihatemoney.nix
      #./modules/postgresql.nix
      ./modules/zabbix-server.nix
      ./modules/vaultwarden.nix
      ./modules/remotebuild/host.nix
    ];

  services.postgresql = {
    package = pkgs.postgresql_15;
  };


  sops.secrets."authentik/ldap/mc7" = {};
  services.authentik-ldap.token = builtins.readFile config.sops.secrets."authentik/ldap/mc7".path;

  networking.firewall.interfaces.podman0.allowedUDPPorts = [ 53 ];
  networking.firewall.interfaces.podman0.allowedTCPPorts = [ 5432 ];

  #services.rclone.cacheSize = "100G";

  #system.autoUpgrade = {
  #  allowReboot = false;
  #};

  #nix.gc.automatic = false;

  system.stateVersion = "22.05";
}

# vim: set et ts=2 sw=2 ai: